More people are using their mobile devices to manage their finances and investments than ever before, and the trend is set to continue for the foreseeable future.
With this is mind, Enterprise Management 360º interviewed Dave Schuette, EVP and president of Synchronoss Enterprise, to provide us with an overview of the company’s new identity and access management system.
Schuette says: “Synchronoss Enterprise has recently launched its Secure Mobility Platform (SMP) – originally developed for Goldman Sachs – which combines Synchronoss Lagoon, a highly secure container and Synchronoss Orbit, an integrated productivity suite consisting of email, contacts, calendar, and browser.
“SMP can be integrated with Synchronoss Universal ID to enable multi-factor authentication and Synchronoss Analytics for contextual authentication capabilities, delivering optimal usability as well as meeting the rigorous and exacting security requirements of regulated industries.”
Out with the old passwords
Schuette is apparently not a huge fan of what might be called “traditional” authentication methods, expressing some apprehension about their continued use.
He says: “Password-based authentication has been around for decades and while most systems have resorted to this method, with the volume of data and its sensitivity increasing, organisations have come to realise that it is far from fool-proof.
“Alpha-numeric passwords embody a ‘one-size-fits-all’ approach, disregarding the risk presented by a user at the time of requesting access into a device or application. As such, they have come to be cumbersome, insecure and the cause of much user friction.
“Moreover, as we increasingly use our smartphones and tablets in a working environment with the advent of BYOD [bring your own device], password-based authentication has proved inept for the touchscreen devices which make the inputting of specific alpha and numeric characters difficult and tedious.
“This is made all the more arduous with the number of password-protected accounts we have today; a UK government-run campaign named Cyber Streetwise, found in 2014 that the average Briton has 19 passwords to remember. What’s more, 35 per cent struggled to remember strong passwords, with 47 per cent admitting to using particularly unsafe passwords, such as name of pets.”
He offers a detailed description of how the Synchronoss contextual authentication system works, and provides an insight into its key features and benefits.
Schuette says: “With contextual authentication, users are lifted from the burden of prohibitive authentication measures. Contextual authentication works by taking into account a user’s context, that is time and location at the point of requesting access along with additional factors such Wi-Fi network connection, other devices in range and so on.
“These contextual factors all go towards building a risk profile and determining the level of authentication needed for the user to access the device or application.
“In an enterprise environment and in the context of BYOD, organisations can combine time and location as a single feature based on their employees’ typical behaviours.
“For example, for a trader working in London’s city, a London bank can set parameters to allow low-friction authentication into their corporate network when he or she finds himself in London’s financial district during trading hours.
“Should this same trader find him or herself outside of this location and out of trading hours, a higher level of verification, for example multi-factor authentication which may be made up of alpha-numeric as well as biometric authentication, will be required.
“Moreover, when it comes to enterprise mobility, organisations using contextual authentication methods can collate the data from their employees’ device usage to gain granular visibility of individual user behaviour.
“This allows companies to understand how different individuals use their devices, which tools and applications are preferred amongst which teams etc. By gaining this insight, organisations are then able to put in place measures to boost performance based on individual teams’ and departments’ needs and preferences.
“Contextual authentication should not mean the end of password-based system but on its own, the simple password is no longer effective as an effective security measure.
“With data breaches on the rise, the need to keep corporate and personal data safe is high. By incorporating alpha-numeric passwords within contextual authentication methods, we can assure secure mobility across organisations and sectors.”