By Soumya Das
In the February edition of its magazine, Siliconindia published a piece written by Identiv CMO Soumya Das, “Identity in the Connected World”. Read the complete article below:
Identity is all about trust. For most organizations, trust is a big issue, and it is becoming even more so in our modern, connected world. Organizations need to trust people, premises, information, and everyday items. A secure identity is the foundation of that trust.
Traditionally, organizations depend on a physical identity in order to trust the people that work for them. This physical identity typically includes a different badge and key for every door, gate, elevator, storage room, warehouse, computer, and printer within premises. In addition, the same employees must create multiple online identities, requiring usernames and passwords, for every work and personal site and database they interact with on a daily basis. But as technology progresses, organizations are realizing that every created identity also creates a side effect. The average person has over 17 physical and online identities. Most of these use unsecure or easily guessed usernames and passwords, and the side effects of those unsecure passwords are data breaches.
The same identity problem is emerging with products. The ever-expanding Internet of Things (IoT) means that everything is quickly becoming connected. Today, it is possible to connect any product quickly and easily to the digital world. Contactless tags, such as NFC (near field communication) and RFID (radio-frequency identification), can be affixed to almost any item. These items only need to be periodically connected to the internet connecting them for just a moment delivers many capabilities, such as determining if an item is genuine, registering GPS coordinates, or transferring data to or from the cloud from an integrated sensor. These contactless tags are really just micro-computers powered by the reader, capable of running programs and custom code. So, like all computers, they need to be trusted secured, authenticated, data encrypted, and so on.
Additionally, in the connected landscape of the IoT, the world is flooded with everyday items that are fake. Counterfeited goods make up nearly 7 percent of global trade, costing the global market an estimated $250 billion a year. Organizations have a tough time trusting the products that are purchased in the online world and then enter their physical world. From data breaches to counterfeit goods, the online marketplace is simply difficult to trust.
The Move towards the Post-Password Era
How do organizations solve the problem of identity in today’s connected world? The truth is that passwords are well beyond their use-by date and we are entering the post-password era we cannot continue to accept the continual breaches and corresponding business impact. The only rational answer is to move to a universal, standards-based system involving more than just an unsecure password. It is time that organizations embrace strong, trusted authentication through an infrastructure that delivers a unique identity to any person or product and protects that identity with a secured credential. These secured credentials are embedded with digital certificates that can be delivered to a badge, a phone, a computer, a browser, or via email. The same secure digital certificates can be delivered to a product, establishing a trusted identity for literally millions of everyday items, easily verified by any compatible mobile device.
Strong authentication with a digital certificate can be used anywhere across the entire enterprise ecosystem, where and when employees need it computers, networks, mobile devices, and even doors for facility access. Once an employee is using a certificate on a device, there are many things that can be done beyond securing the initial login and authentication. Since certificates are multi-use, users can encrypt or digitally sign protected emails and documents, encrypt hard drives, and can even use them for new initiatives, such as signing prescriptions.
Every organization should be moving into the post-password era, and the good news is that it’s relatively easy to get up-and-running with a pilot, because digital certificates are standards nearly all operating systems and cloud/applications software support their use. There are even companies that deploy trusted authentication through a turnkey cloud service, so organizations can get up-and-running even quicker, establishing a trusted ecosystem across all lines of business, geographic locations, devices, people, and everyday items simple and convenient.
The original story is posted here.