The passwordless solution can’t be tied to just one application or system; it must be available everywhere a user works.
The solution must be able to authenticate users seamlessly at workstations and physical entries using proximity and biometric data.
It’s not enough to validate users at sign in; solutions must continually authenticate them throughout the entire work session.
Enabling users to enroll and manage their devices from anywhere (based on internal security policies) reduces IT help desk tickets.
Speed and scalability enable passwordless solutions to become the single most secure authentication layer to all digital and physical workflows in the enterprise. Deep technology collaborations with manufacturers and operating system vendors overcome usability challenges, and strong AI/ML functionality allows the solution to improve with each user interaction. Best of all, the superior end-user experience facilitates broad adoption so the tech actually gets used.
Forrester analysts also encourage buyers to consider the security and ease-of-use tradeoffs between biometrics, smartphone as token, or hardware tokens and to pay attention to vendor support for OSes, browsers, and endpoint devices. They note that a passwordless approach must still support an overall MFA strategy with a means for risk-based, step-up authentication that takes into account the need to secure access to apps built to support only passwords.
Additionally, to provide more granular and dynamic network access, Zero Trust edge mandates that most network traffic and activity be tied to well-identified, authenticated, and authorized users. As the Forrester report notes, cloud-based solutions enable organizations to implement and enforce least-privilege-based, just-in-time access to storage, compute, and network resources.
Beyond usability and security, continuous authentication solutions must respect user privacy. Users should have complete control over and visibility into the data that are collected and how it is used. Modeling should be done in a privacy-preserving manner with clear outcomes defined, and AI/ML models should be used strictly to facilitate authentication the user initiated and not for any other data collection or user monitoring.
Continuous passwordless identity should strike a balance between a frictionless end-user experience and highly accurate security to lay the foundation for data-breach risk-reduction strategies that improve cyber resilience and reduce user frustration at the same time. Organizations that prioritize the passwordless approach will leapfrog current technologies and lead the pack with the best credential defense available.
Their workflows will become more streamlined, their overall cyber investments will shrink, and their users will be much, much happier.