Let's talk about advanced authentication. This is a term that has been coined by One Identity, and it's really the coming together of two concepts. On the one hand, we ideally would like passwordless authentication. We really need to eliminate passwords. They still represent the Achilles heel of security strategy.
But passwordless has been around for a long time, and has been very, very difficult to implement. Additionally, passwordless for every user may not be appropriate or relevant. So we put passwordless and what we call strong authentication together with context aware risk based authentication. We call that adaptive. The concept here is we apply multi-factor authentication policy based on a user's context. A context could include who I am, where I am, the applications that I'm using, the device that I happen to be using, and other domain areas. We put these two things together, and that's advanced authentication.
We believe that identity as a security domain is incredibly important, and should be put at the center of all security strategy. If we think about just about every breach in history, it starts with the theft of a credential. The criminal, first of all, gets a credential. They then use that credential to stage their attack. It's the protection of the identities and credentials in a business that can really lower risk in a very fundamental way.
01:38