Authentication ensures users or devices are known and trusted to access data and resources
Authentication is the process of verifying the identity of a user or validating a connecting device. Passwords, tokens and shared secrets are used to ensure that a user and/or device has the right to access data and resources on a computer system or network.
What are some examples of authentication tools?
- Simple username and password.
- Challenge-response devices, such as an RSA token.
- 2FA, such as a USB key with a PKI certificate, a mobile device, and a password.
- Biometric, such as a fingerprint scanner.
Who are the key vendors for authentication?
- Authentication vendors within the broader “Identity and Access Management’ category have focused solutions:
- Authentication Solutions: Validate identities for users and consumers. Examples are Callsign, Centrify, Google, Duo
- IDaaS (Identity as a Service): Cloud service for validating identities of users and consumers. Examples are OneLogin, Okta, and Microsoft
- Privileged Management: Help control and monitor the access of data and resources of privileged users (those with administrative access to systems). Examples are CyberArk, One Identity, and Beyond Trust.
- Identity Governance: These solutions help organizations holistically manage the access rights of users across an enterprise. Examples are Sailpoint, SIMEIO, and Help Systems.
- Consumer Identity: As the category name indicates, these solutions are focused on providing access rights to consumers accessing their services and products. Examples include LoginRadius, Verato, Akamai, and ID.me.