Modernize Your Identity Authentication Practices

Securely manage your identities and improve your authentication based on risks.

  • The rise of attacks through identity compromise demonstrates the focus attackers are placing on leveraging identities to infiltrate a network.
  • Traditional authentication methods are no longer safe, as each authentication request puts the enterprise at risk.
  • There is a lack of visibility into the different authentication practices an organization implements.

Our Advice

Critical Insight

  • Leveraging a risk-based approach to modernizing your authentication practices will ensure you have the right authentication assurance level in place while also identifying continuous improvement for your authentication lifecycle.
  • Every authentication assurance level possesses its own benefits and risks, hence you should target the authentication methods that align with your risk profile.
  • Begin your modernized authentication roadmap by prioritizing your authentication practices for the identities that are the most critical to your organization.
  • Implementing the right solution for your authentication needs begins by formalizing the right policies to ensure it aligns with your goals.
  • A robust authentication practice will mature your IAM and provide you with the visibility to safeguard your most critical protect surfaces.
  • Not all organizations possess the appropriate readiness to modernize their identity authentication practices; it’s important to assess your current maturity before identifying improvement actions.

Impact and Result

This blueprint will provide you with:

  • A guideline on how to assess your current authentication practices and determine which authentication assurance levels and practices meet your needs.
  • Visibility into your organization’s current authentication practices within your various identity repositories.
  • A developed roadmap to help you determine how to prioritize your authentication initiatives based on risk, organizational needs, and capabilities.

Modernize Your Identity Authentication Practices Research & Tools

1. Modernize Your Identity Authentication Practices – A step-by-step guideline on how to build an authentication roadmap.

Use this report to assist you in completing the authentication strategy tool, which will help build your authentication roadmap.

The report will provide insights into the different authentication practices, authentication assurance levels based on industry standards, and guidelines on how to identify your desired authentication assurance level and associated authentication methods.

2. Authentication Strategy Tool – A structured tool that will help build your authentication roadmap and gain the visibility needed to modernize your practices.

The Authentication Strategy Tool will assist organizations in understanding their current authentication assurance levels based on their current authentication types and adherence to industry standards. Organizations will also identify their target authentication assurance levels (AALs) through a risk-based approach and develop a roadmap to achieve their desired AAL through a prioritized list of improvement actions.

3. Authentication Strategy Communication Deck – A communication template that will help you present your authentication roadmap and strategy to your executives.

The Communication Deck will consist of outputs from your authentication strategy tool that can be leveraged when presenting your authentication roadmap to executives to obtain their buy-in and support on the initiatives.

4. Authentication Policy Template – A policy template that can be leveraged to assist with the implementation of your authentication roadmap.

The Authentication Policy Template includes policy statements on managing identities, authentication, and access to your organization’s systems.

5. Authentication Standard Template – A standard template that will assist with the execution of your authentication policies.

The Authentication Standard Template should be leveraged in conjunction with the authentication policies, which will support the implementation of your policies.


Analyst Perspective

Build an iterative authentication roadmap to help you better protect your identities.

As we continue to shift to a world where our digital footprint is expanding, it is important to ensure we protect our digital identities against the known and unknown threats that have negatively impacted organizations’ authentication practices. The rise in credential compromise attacks, coupled with the weak authentication measures of traditional methods, depicts the need for a framework that will protect user identities, while enabling continuous improvement in an evolving threat landscape.

A modernized authentication roadmap would leverage industry standards to assess your organization’s risk posture and existing methods, which will help determine the most appropriate authentication levels and associated practices applicable to your needs. The roadmap would also ensure you are prioritizing your critical identities and deploying it with applicable standards, policies, and metrics that will encompass your authentication best practice. Having visibility into your current authentication practices, while developing a plan to modernize them, will allow for the continuous improvement of your authentication lifecycle and your identity and access management program.

Ahmad Jowhar
Research Analyst, Security & Privacy
Info-Tech Research Group

Executive Summary

Your Challenge

  • Rise of attacks through identity compromise demonstrates the focus attackers are placing on leveraging identities to infiltrate a network.
  • Traditional authentication methods are no longer safe, as each authentication request puts the enterprise at risk.
  • Lack of visibility into the different authentication practices an organization implements.

Common Obstacles

  • Implementation of additional authentication methods such as MFA might not be possible with the organization’s current authentication maturity in place.
  • Organizations don’t know where or how to build their authentication strategies due to the lack of an authentication assessment in place.
  • With a vast array of different authentication methods, organizations are unsure which method would best align with their security goals.

Info-Tech’s Approach

  • A guideline on how to assess your current authentication practices and determine which authentication assurance levels and practices meet your needs.
  • Visibility into your organization’s current authentication practices within your various identity repositories.
  • A developed roadmap to help you determine how to prioritize your authentication initiatives based on risk, organizational needs, and capabilities.

Info-Tech Insight

Leveraging a risk-based approach to modernizing your authentication practices will ensure you have the right authentication assurance level in place, while also identifying continuous improvement to your authentication lifecycle.

Your Challenge

Traditional authentication methods are not the most secure route anymore.

  • The increased rise of attacks through stolen credentials shows the shift of focus for threat actors in targeting identities to infiltrate an organization’s network.
  • Stolen credentials were the number one attack vector for threat actors, along with phishing attacks. However, the number of stolen credentials rose by 14%, while the number of phishing attacks fell by 11% (IBM, 2024), which indicates the focus of attackers on infiltrating an organization’s network through compromised credentials.
  • Safeguarding your user credentials isn’t as simple as a username and password, and organizations can’t rely on basic authentication methods, especially with the sophistication of threat actors in targeting user credentials.
  • Hence, implementing modernized authentication practices that protect your user credentials and organization’s assets would improve your overall security maturity and prepare your organization to defend against the evolving threats of authentication-based attacks.

74% — Number of attacks targeting user credentials rose by 74% in 2022. (Source: Microsoft, 2022)

30% — 30% of breaches are caused by stolen identities. (Source: IBM, 2024)

91% — 91% of organizations considered weak authentication practices to be the root cause of their breach. (Source: HYPR, 2024)

Common Obstacles

Improving authentication is important, but knowing where to start is crucial.

  • Although attacks targeting user credentials are increasing, many organizations are not adopting enhanced authentication practices to improve their security posture.
  • Basic authentication practices such as passwords are still the main methods being leveraged by organizations, with many indicating that they do not have MFA in place or are implementing weak MFA practices.
  • Although organizations understand improving their authentication practices should be a top priority, many find challenges in identifying not only which methods to adopt, but how to build their roadmap in implementing modernized authentication methods.
  • Hence, leveraging industry best-practices in developing an authentication roadmap will ensure organizations are improving their authentication practices by taking a risk-based approach that aligns with their organizational needs.

88% — 88% of ransomware attacks targeted accounts with no MFA in place. (Source: Microsoft, 2022)

53% — 53% of organizations only use passwords to protect access to systems. (Source: HYPR, 2024)

58% — 58% of organizations agree that stronger authentication methods, such as passwordless, would be more secure for their organization. (Source: HYPR, 2024)

Modernize your identity authentication practices

Securely manage your identities and improve your authentication based on your risks.

Leveraging a risk-based approach to modernizing your authentication practices will ensure you have the right authentication assurance level in place, while also identifying continuous improvement for your authentication lifecycle.

Current Authentication Practice

Is not the safest approach, as it brings additional risks and impacts to the business

  • Increased security risks from basic authentication methods
  • Undefined AAL
  • Lack of authentication roadmap to assist in modernization

Info-Tech’s methodology for modernizing your identity authentication practices

1. Determine Your Authentication Methods

2. Develop Your Authentication Roadmap

3. Deploy Your Authentication Roadmap

Phase Steps

  1. Identify your current authentication maturity and risk level
  1. Identify your target authentication maturity and improvement actions
  2. Prioritize your improvement actions based on the cost and benefits of each initiative
  1. Implement your roadmap by having the right policies and metrics in place

Phase Outcomes

  • A defined list of authentication practices and their associated AAL across your organization
  • A repository of various identities and their associated authentication practices, along with their current and target AAL
  • A prioritized list of initiatives that will help mature an organization’s authentication posture
  • A list of policies, standards, and metrics that can be leveraged when deploying the authentication roadmap

Insight summary

Build your authentication roadmap by having your risk and capabilities in mind

Leveraging a risk-based approach to modernizing your authentication practices will ensure you have the right authentication assurance level in place, while also identifying continuous improvement for your authentication lifecycle.

Define your authentication assurance level based on your risk appetite

Every authentication assurance level possesses its own benefits and risks; hence you should target the authentication methods that align with your risk profile.

Protect your crown jewels first

Begin your modernized authentication roadmap by prioritizing your authentication practices whose identities are the most critical to your organization.

Strategize the deployment of your roadmap

Implementing the right solution for your authentication needs begins by formalizing the right policies to ensure it aligns with your goals.

Develop a roadmap that goes beyond modernizing authentication

A robust authentication practice will mature your IAM and provide you with the visibility to safeguard your most critical protect surfaces.

Assess before you build

Not all organizations possess the appropriate readiness to modernize their identity authentication practices, hence it’s important to assess your current maturity before identifying improvement actions.

Blueprint deliverable

This blueprint is accompanied by a supporting deliverable which includes five security presentation templates.

Key Template:

Identity Authentication Roadmap Deck

Communication deck to help deliver your authentication findings and improvement actions to your collaborators.

Authentication Strategy Tool

Strategy tool to help you build your authentication roadmap.

Authentication Policy

Template to help draft your authentication policy.

Authentication Standard

Template to help draft your authentication standard.

Blueprint benefits

IT/Security Benefits

  • Improved visibility into the organization’s authentication practices and maturity level based on best practice and standards.
  • Reduced risk exposure to your identities through an appropriate roadmap in enhancing your authentication measures.
  • Guidance on implementing your authentication practices through standards and policies, which will improve user awareness, adoption, and satisfaction.

Business Benefits

  • Improved security posture through the strategic approach to enhance authentication measures based on organizational risks.
  • Better understanding of authentication best practices that will enable compliance with regulation and standards.
  • Improved maturity into your organization’s identity and access management program, which will better protect your crown jewels and reduce compliance and regulation risks.

About Info-Tech

Info-Tech Research Group is the world’s fastest-growing information technology research and advisory company, proudly serving over 30,000 IT professionals.

We produce unbiased and highly relevant research to help CIOs and IT leaders make strategic, timely, and well-informed decisions. We partner closely with IT teams to provide everything they need, from actionable tools to analyst guidance, ensuring they deliver measurable results for their organizations.

What Is a Blueprint?

A blueprint is designed to be a roadmap, containing a methodology and the tools and templates you need to solve your IT problems.

Each blueprint can be accompanied by a Guided Implementation that provides you access to our world-class analysts to help you get through the project.

Need Extra Help?
Speak With An Analyst

Get the help you need in this 3-phase advisory process. You'll receive 6 touchpoints with our researchers, all included in your membership.

Guided Implementation 1: Determine Your Authentication Level
  • Call 1: Scope requirements, objectives, and your specific challenges.
  • Call 2: Identify your organization’s authentication assurance level (AAL) and current practices.

Guided Implementation 2: Develop Your Authentication Roadmap
  • Call 1: Assess current AAL for all authentication practices.
  • Call 2: Identify target AAL through a risk assessment, as well as improvement actions.

Guided Implementation 3: Deploy Your Authentication Roadmap
  • Call 1: Identify appropriate metrics to implement and formalize the authentication policies and standards.
  • Call 2: Build and review the communication deck that will be presented to executives for initiative support.

Author

Ahmad Jowhar

Contributors

  • Fabrizio Ienna, Allstate Canada, Project Manager – IAM Cybersecurity
  • Kris Arthur, SEKO Logistics, CISO
  • Rebecca Rivera, Integral Partners LLC, Senior Manager Advisory Services