Authentication

Authentication ensures users or devices are known and trusted to access data and resources

Authentication is the process of verifying the identity of a user or validating a connecting device. Passwords, tokens and shared secrets are used to ensure that a user and/or device has the right to access data and resources on a computer system or network.

What are some examples of authentication tools?

• Simple username and password.
• Challenge-response devices, such as an RSA token.
• 2FA, such as a USB key with a PKI certificate, a mobile device, and a password.
• Biometric, such as a fingerprint scanner.

Who are the key vendors for authentication?

• Authentication vendors within the broader “Identity and Access Management’ category have focused solutions:
• Authentication Solutions: Validate identities for users and consumers. Examples are Callsign, Centrify, Google, Duo
• IDaaS (Identity as a Service): Cloud service for validating identities of users and consumers. Examples are OneLogin, Okta, and Microsoft
• Privileged Management: Help control and monitor the access of data and resources of privileged users (those with administrative access to systems). Examples are CyberArk, One Identity, and Beyond Trust.
• Identity Governance: These solutions help organizations holistically manage the access rights of users across an enterprise. Examples are Sailpoint, SIMEIO, and Help Systems.
• Consumer Identity: As the category name indicates, these solutions are focused on providing access rights to consumers accessing their services and products. Examples include LoginRadius, Verato, Akamai, and ID.me.