The Future of Authentication and Security

The Future of Authentication and Security - PowerPoint Presentation

Uploaded On 2016-12-05



Presentation Transcript

Slide1

The Future of Authentication and Security

Kevin Dohrmann, CTO, Cosentry

MOVING FORWARD WITH CONFIDENCE

Slide2

Facts at a Glance

Company Background

Headquarters in Omaha, NE

180 Employees Nationwide

One of Inc. 5000 Fastest Growing Company 6 years running

5 years 20% growth Y/O/Y

Center of Excellence in Compliance and Security

6 Data Centers across the Midwest

TA Investment

Acquisition occurred in 2011

Founded in 1969 and headquartered in Boston, MA

$16 Billion raised since inception

Primary focus on investments in the technology industry with majority, minority, and debt investments of up to $500M

Enables Growth and Strategic Investment

Slide3

Cosentry Solutions & Services

Facilities & Infrastructure

Six Data Centers

High Capacity Network (over 31+GBPS of Internet)

Hardened Facilities

200,000 square feet

Highly Available Production Environments

Compliance

Data Security

Backup & Recovery Services

Facilities Security - 24 Hour Electronic and Biometric Access Control

System Support

Monitoring

Reporting

Managed Services

Systems Management

Technical Helpdesk

Project Management

Vendor Management

Service Level Agreement (SLA)

Quarterly Client Reviews

Capacity Planning

Architecture & Design

Capacity on Demand

Vblock Cloud Infrastructure

Tiered Storage

Backup Infrastructure

Patch Management

Load Balancing

Regulatory Review & Design

Network Analysis & Design

System Performance & Tuning

Highly Available Systems

Hardened Data Centers

Regulatory Security

24/7 Operations and Support

Capacity On Demand

Compliance

Slide4

Cosentry’s Flexible Service Capabilities

Managed Applications

Business Continuity

Web Hosting

Content Management

IaaS

Enablement

Compliant Data Centers

Slide5

Slide6

The password

I forgot my password!

20%-50% of Help Desk Calls 

According to the Gartner Group, between 20% and 50% of all help desk calls are for password resets. Forrester Research states that the average help desk labor cost for a single password reset is about $70.

Credit-checking firm Experian found that for an average of 26 different online accounts, users had only five different passwords. 25-34-year-olds are the most prolific, with no fewer than 40 online accounts per person on average.

2 Million Stolen Passwords Recovered

The stash includes purloined Facebook, Google, Twitter, and Yahoo access credentials. ~ the stolen credential mother lode was the botnet herder's collection of almost 1.6 million stolen website login credentials, which comprised 326,129 Facebook passwords (or 59% of all recovered stolen passwords), followed by 70,532 passwords for Google (13%), 59,549 for Yahoo (11%), 21,708 for Twitter (4%), and 8,490 LinkedIn (2%).

Slide7

25 Most common passwords

password

123456

12345678

1234

qwerty

12345

dragon

pussy

baseball

football

letmein

monkey

696969

abc123

mustang

michael

shadow

master

jennifer

111111

2000

jordan

superman

harley

1234567

Here are the top 25, as extracted by antivirus solution provider ESET.

Slide8

Gartner floated some interesting ideas and predictions on where the Identity and Access Management (IAM) market is heading during Monday’s IAM Summit keynote. Some may be a bit more futuristic than others, but their view is cause to take a step back from the daily grind and observe our industry from new perspectives. Below are the highlights and 2020 predictions:

1. Every user is a consumer, and the way we access systems is consumer-like – especially in the mobile era. Gartner predicts that by 2020, 80% of access will be shaped by non-PC architectures – up from 5% today. It’s time to move on, and stop trying to make mobile devices look like corporate PC’s.

2. The IAM space is becoming a competitive marketplace for identities. By 2020, 60% of digital identities interacting with the enterprise will come from external identity providers through a competitive marketplace – up from less than 10% today.

3. The death of the “least privileged”. By 2020, over 80% of enterprise will allow unrestricted access to non-critical assets up from 5% today reducing IAM spend by 25%. To this end, organizations are better off focusing IAM spend on high-value data, and applying baseline security to everything else. (Drop Box)

4. Legacy pricing models will implode: By end of 2020, overall IAM products and services pricing will drop by 40% relative to today in real terms. We’ll see new ways of addressing the same issue, with new competitive players. We’ll see a change in delivery models. Also, pricing will move from user-based to transaction-based.

5. It’s not who you are, but what you do and how you do it. Multitude of devices, applications, and identities bring more attributes and multi-dimensional context to access control. By 2020, 70% of all businesses will use attribute based access control (ABAC) as the dominant mechanism to protect critical assets, up from 5% today.

6. Identity intelligence finally gets a brain: By 2020, identity analytical and intelligence (IAI) tools will deliver direct business value in 60% of enterprises up from less than 5% today. This will include logging and log management, behavioral attributes about who is accessing what and “identity nodes” around users and administrators.

7. Managing identities will include the internet of things. By 2020, the internet of things will redefine the concept of “identity management” to include what people own, share, and use.

20/20 Vision: Top Identity & Access Management Predictions from the Gartner IAM Summit

Andrew Young

November 20, 2013, 11:41 am EST

Slide9

In a breach first announced on this blog Oct. 3, 2013, Adobe said hackers had stolen nearly 3 million encrypted customer credit card records, as well as login data for an undetermined number of Adobe user accounts. Earlier this month, Adobe said it had actually notified more than 38 million users that their encrypted account data may have been compromised. But as first reported here on Oct. 29, the breach may have impacted closer to 150 million Adobe users.

Adobe Breach

Slide10

To Restate The Problem

Login and password authentication stinks

Hard to remember

Easy to Steal

Easy to Spoof

Hard to support

Old Technology

Gets better with two factors (mobile or Token)

Slide11

Technology Trends

According to Kevin

Bandwidth Prices have no bottom

Storage cost will continue to Drop

Processing power will increase and costs will drop

Mobile technology is ubiquitous

Big Data (Stupid Phrase) is just getting started

Video and photo is the new text

Slide12

Technology Trends

Enabling

Impossible applications will be possible (God's Number, bio-informatics, Kinect)

Real time video and image analysis (Remote medicine, wearable computing, augmented Reality)

Context Sensitive Security

GPS aware security

Attribute Based Access Control

“Trust Everyone but brand your Cattle”

According to Kevin

Slide13

Future of Identity and Authentication Management

“Welcome back to the Gap Mr. Yakimoto”. Mall Scene from Minority Report

Multifactor Biometrics (Iris, facial, fingerprint, DNA) (things we are)

Tokens and devices (things we have)

PIN’s, password and codes (things we know)

Context aware (Attribute Based Access Control) NIST 800-162 (October 2013) (things we are doing)

What to do about privacy?

Slide14

Past - Future

Slide15

Slide16

Future of Identity and Authentication Management

Winners?

Characteristics of winners in the space

Low Cost

Secure implementation

Universal adoption

Hard to Hack or Crack

Must be 2 or 3 factor

Trusted or required

Mobile devices are first to implement

Apple 5s finger print reader

Samsung Galaxy S4 facial recognition

Rings (NFC) no biometrics

NYMI (Heart beat)

Kinect Heart Beat

Slide17

Problems

FIDO versus What? No Standards to begin with

Bad guys can buy technology also

Human beings are not that smart about stuff

What to do about privacy?

Can the law gather your DNA just in case you ever commit a crime?

Freedom from search without a probable cause

Slide18

EFF (Worry Warts) Blogs about Mandatory National IDs and Biometric Databases

December 29, 2012 - 3:01pm | By Rebecca Bowe

2012 in Review: Biometric ID Systems Grew Internationally… And So Did Concerns About Privacy

October 15, 2012 - 8:56pm | By Katitza Rodriguez

Highest Court in the European Union To Rule On Biometrics Privacy

September 27, 2012 - 3:45pm | By Rebecca Bowe

India's Gargantuan Biometric Database Raises Big Questions

August 31, 2012 - 12:05pm | By EFF Intern

Despite Privacy Concerns, Mexico Continues Scanning Youth Irises for ID Cards

References

www.ieee.org/publications_standards/.../sample_biometrics_pdf.pdf

Slide19

Questions?

“When you come to the Fork in the Road pick it up”, Yogi Berra.