The password is dying: identity management in the modern age

Identity - it's not personal
High profile security breaches continue to shine a light on the problem

As high profile security breaches continue to proliferate it has become increasingly clear that how we manage our online identities is seriously out dated in the ever-evolving digital world.

We caught up with Darren Gross, EMEA Director of Unified Identity Services company, Centrify to find out more about why identity management is now a priority among enterprises and what can be done to rethink how we secure corporate data.

TechRadar Pro: What are the key business challenges driving the identity-as-a-service (IDaaS) marketplace?

Darren Gross: The advent of cloud and mobility has radically overhauled how businesses deliver IT to users and how in turn users access and consume those services. Company data has broken outside of the corporate HQ and is walking around in any one of your employees' back pockets.

Securing that data, without making access to it onerous for employees, is a business imperative. Traditionally businesses have relied on passwords, but you only need to look at the headlines over the last few months to realise that this is a big Achilles heel for corporate security policies.

The situation is exacerbated by the fact that even 94% of security professionals we surveyed at InfoSecurity this year admitted to using the same device to access both corporate and personal apps.

This is a concern because given the challenges associated with remembering numerous passwords we tend to use the same one in all aspects of life - professional and personal. For hackers this is a dream come true as it provides a backdoor to the corporate infrastructure.

One password and they are free to roam wherever they like, forage through your bank details or steal confidential customer information from the company database stored on your smartphone.

Against this back drop the global identity and access management market is forecast to grow from $4.4 billion in 2012 to $6.99 billion in 2017 according to IDC.

Such is the demand for this technology that Centrify has quickly grown its business, doubling its headcount in the UK and growing its channel partners by 139% in the last six months alone. Identity is the next big milestone in cloud adoption.

TRP: Why is identity so often overlooked when it comes to the cloud and mobility?

DG: If you think about it, every module and function of a service has morphed to become a different app. Every day it gets worse as more devices are brought into the workplace and more apps are deployed and downloaded. This creates silos that in themselves become new infrastructures that need to be managed.

The complexity is simply staggering and because companies aren't effectively managing identity they have no idea who has access to what data and via what device. If they don't know this, when an employee leaves, how can they possibly tell if their IT footprint has been wiped and that no back doors exist?

TRP: How much of a challenge is it for IT to manage an employee's digital footprint across the organisation?

DG: It's become a huge challenge to manage an employee's digital footprint. If you are not managing identity, you don't know who has access to what data, if they should have access to that data, and also where they are accessing it from. In the digital world, our identity is our currency - it validates and authenticates us to go where we need to go and access the information needed to do our job.

But the more apps and data that get added, and the more passwords created, the harder it becomes to unravel.

TRP: What role are passwords playing in making security complex?

DG: The problem with passwords, apart from their inherent insecurity, is that organisations expect employees to remember multiple different ones. Our research found that over a quarter of companies (27%) expect their employees to remember six or more passwords.

Desire Athow
Managing Editor, TechRadar Pro

Désiré has been musing and writing about technology during a career spanning four decades. He dabbled in website builders and web hosting when DHTML and frames were in vogue and started narrating about the impact of technology on society just before the start of the Y2K hysteria at the turn of the last millennium.