This Is How Start-Ups Can Go Without Passwords Thanks To Zero Trust
This Is How Start-Ups Can Go Without Passwords Thanks To Zero Trust. The perception of high cost and tricky implementations has stalled some smaller businesses from ditching passwords. But alternatives to passwords are affordable, easy to implement and safer. The move to zero trust systems is acting as a catalyst. Zero trust focuses on who you are, not where you are. Zero trust models require companies to never trust any attempt to access its network, and must verify every single time – even from logins from inside the network. Password less tech is a key part of zero trust models.
There are several alternatives for passwords, including: Biometric authentication: widely used as fingerprint readers in smart phones and physical verification points at buildings; Social media authentication: where one uses their Google or Facebook IDs to authenticate themselves with a third-party service; Multi-factor authentication: where more layers of authentication are added using devices or services, such as token authentication using a trusted device; Grid authentication cards: which provide access while using a combination PIN; Push notifications: which are usually sent to the user’s smart phones or encrypted devices and Digital certificates: cryptographic files stored locally on the machine or device.
“The user registers by entering their email address or a phone number. Login to the app takes place by clicking the temporary link in the user’s inbox. The app on the user’s mobile phone places an authentication cookie, which enables the user to continue from that device without having to go through any further authentication,” Erka Koivunen, CISO at F-Secure told Tech Crunch.
Password less tech is not inherently costly but may take some adjustment, Ryan Weeks, CISO at managed service provider Datto explained to Tech Crunch. “It is not necessarily costly in terms of monetary investment, because there are a lot of easily accessible open-source alternatives for multi-factor authentication that don’t require any sort of investment.”
“Zero trust recognises the futility of forcing users to authenticate themselves by presenting something they should keep as secret. Instead, it prefers to establish the user’s identity using some context-aware method.” Weeks added. According To Tech Crunch, larger companies, like Microsoft and Google, already offer zero trust technologies. But investors are also eyeing smaller companies that offer zero trust for growing companies. Axis Security, a zero trust provider that allows remote employees to access their company’s network, raised $32 million last year. Beyond Identity raised $75 million in funding in December and Israel identity validation start-up Identiq raised $47 million in Series A funding in March.
