RSA has updated its passwordless identity management platform to add support for desktops that are connected to the Microsoft Entra ID directory service.
In addition, RSA has added code matching to its authentication platform based on the Remote Authentication Dial-In User Service (RADIUS) to prevent attacks that flood an end user’s device with multiple requests to log in to an account.
Finally, end users will be able to enroll new RSA mobile passkeys and other methods for providing multifactor authentication via a one-step process to streamline support and reduce help desk costs.
Jim Taylor, chief product officer for RSA, said these latest additions to the RSA ID Plus platform extend the scope of passwordless login methods already provided, including for software-as-a-service (SaaS) applications.
It’s not clear how many organizations are adopting various types of multifactor authentication methods, but most organizations now realize that, based on their value to their organization, different classes of applications require different approaches to authentication, said Taylor. The more critical the application, the more probable it is that, for example, some form of biometric authentication might be required, he added.
The challenge is not only determining which approach to multifactor authentication makes the most economic sense but also implementing it in a way that end users will appreciate. Many of the initial efforts to onboard end users to a multifactor authentication platform tend to disrupt workflows, so minimizing those issues promptly becomes a critical success factor, noted Taylor.
Even after multifactor authentication is adopted, organizations need to remain wary. Cybercriminals have become more adept at crafting social engineering attacks that convince end users to share access codes that can then be used to log into applications.
Regardless of the challenges, however, securing traditional passwords has become all but untenable. Collections of usernames/passwords are strewn all across the Dark Web, and even when passwords are rotated, it doesn’t take too much effort for cybercriminals to steal them again. The truth is that the bulk of cyberattacks continue to involve some type of compromise of an identity, most often using a stolen password.
Unfortunately, passwords are not going away any time soon. It may require another decade of effort to fully replace them, but progress is being made.
At the same time, however, the number of identities that need to be secured is also about to increase exponentially. In addition to all the non-human identities that already need to be protected, artificial intelligence (AI) agents will each have a unique identity. The challenge is that each of these AI agents will be assigned specific tasks, which makes them rich potential targets that will surely attract the attention of cybercriminals. In fact, it’s not hard to imagine how one day an AI agent could be created to impersonate a legitimate AI agent.
Each organization will, of course, need to evaluate the level of risk it is willing to accept now and tomorrow, a decision that will hopefully be made long before yet another breach determines the issue for them.