How SecurID offers truly convenient authentication—without increasing risk
Balancing convenience and security is an ongoing challenge for anyone in identity and access management. Do you prioritize safety and minimize risk, frustrating users every time they log in? Or do you make authentication easy, keep employees and customers happy, and leave your security team to deal with the potential fallout?
That’s admittedly a false dichotomy; you need to address user needs and keep everyone’s data secure. While simple username/password combinations may be convenient, they’ve become way too easy to hack, making them a significant threat to security. Instead, you need a simple, secure way to confirm that users are who they say they are. If users have a convenient way to prove their identity, they’ll be more apt to use it and you’ll end up with a more secure network. Everyone wins.
Today’s authentication systems must ensure secure access, on-premises or in the cloud. But convenience is just as crucial. In fact, it’s at the heart of modern authentication.
What do users want?
Users expect fast, convenient, consistent 24/7 access to data and applications—from wherever they are, on any device. And they won’t jump through hoops to get it. That means:
- A variety of multi-factor authentication methods—one-time password (OTP), push to approve, SMS, biometric, FIDO, on-demand, or passwordless—based on individual risk profile (IT, privilege admin, contractor, partner, employee)
- Fast service from the help desk to self-service capabilities, including OTP requests, authentication registration, and emergency access
- Single sign-on (SSO) for one-time login access to multiple resources
- The same access, whether online or off, to data stored on-premises or in the cloud, across all your brands, from personal or company-owned smartphones, tablets, or computers
- A self-learning risk engine that dynamically authenticates a user, reducing friction based on what it knows about each user and device.
Convenience: Not just for users anymore
Tech admins have needs, too. Luckily, improving user authentication also reduces the burden on IT. Simple self-service tools for enrollment, credential resets and other straightforward tasks save users time and free IT teams to focus on more pressing needs.
Let’s say you have 50,000 retirees who need to access your HR portal. Using MFA to authenticate and push through to their mobile phones means fewer calls to the help desk—and potential bottom-line savings. Passwords can be expensive, particularly for larger organizations, where 50% of IT help desks costs can go to password resets. This can amount to more than $1 million in staffing just to let legitimate users back into their accounts.
You can also use progressive profiling to track each user’s preferred channels and devices, then flag anomalies—e.g., an access attempt from a new laptop in London, for a user who always logs in from the same IP address in Florida. The attempt fails or is flagged with IT. With fewer IT calls for admin support, technical staff have more time to focus on high-risk, high-impact incidents.
A good authentication system should also be easy to set up and use, and should play well with existing systems, without the need to juggle multiple siloed tools. SecurID provides a single, easy-to-manage identity and access solution for all users, applications and environments, both on-premises and in the cloud. IT staff can easily set up or update password policy (e.g., restricted characters, length, expiration) and authentication policy (e.g., conditions to prompt for MFA) for the organization as a whole.
Convenience for all
With SecurID, you don’t have to choose between security and user experience. SecurID combines the widest possible array of flexible multi-factor authentication options with dynamic, risk-driven access policies. Users can quickly, easily and securely connect to any resource, from any device—and IT and management teams can keep customers and employees happy and information secure—with no tradeoffs needed.