INTEGRATIVE INSIGHTS ON EMERGING OPPORTUNITIES
Integrative research means our extensive company research informs every thesis and perspective. The result is deep industry knowledge, expertise, and trend insights that yield valuable results for our partners and clients.
- The weakness of password-only authentication for access to protected data is well known. Multifactor authentication (MFA) is a long-established way to address this weakness, but it wasn’t practical to deploy widely until the advent of cell phones and SMS for delivering second authentication factors. With nearly everyone owning a mobile phone today, MFA has become a familiar, regular, and highly trusted experience for most internet users.
- As MFA has become more prevalent, bad actors have directed their attention to defeating it and have developed relatively simple ways to compromise basic MFA. Organizations can respond by implementing enhancements that cost more and require more user effort, but there’s no one-size-fits-all solution. The key is finding the right balance between the value of the data being protected and the cost and user effort associated with different security levels.
- We discuss the evolution of MFA, its vulnerabilities, and some of the ways basic MFA can be enhanced to address those vulnerabilities. We also provide a brief survey of prominent MFA solution providers.
TABLE OF CONTENTS
Includes discussion of CYBR, MSFT, OKTA, OSPN and two private companies
Beyond the simple password
Digital MFA defined and brief history
Basic MFA can be defeated
Finding the right balance between MFA security level, risk, and resources
No rest for the MFA fatigued
Cybersecurity index ends near lowest level in a year
Cybersecurity M&A: Notable transactions include ForgeRock, Cider Security
Cybersecurity private placements: Noteworthy transactions include Snyk, NetSPI
Beyond the simple password
Nearly everyone knows how easy it is to use simple usernames and passwords to access accounts on computers and phones, and how tempting it is to reuse the same ones everywhere and let every device remember them for every account. Nearly everyone is also aware of the risks of doing so. Account administrators try to reduce these risks by requiring users to change passwords regularly and to use ever more complex and unique ones, much to the frustration of users. In the face of these challenges, digital multifactor authentication (MFA) has seen increased adoption because it provides a path to the holy grail of authentication: better security and ease of use.

But MFA is not a silver bullet. Bad actors have developed novel attack techniques to compromise MFA. Ultimately, the increasing complexity of securely authenticating online access means there's no one-size-fits-all solution. Rather, it's more important than ever to use thoughtful approaches that take into account dynamic risk measures as well as the IT sophistication and capabilities an organization can bring to bear on its authentication needs. Thankfully, there are solutions that cater to all types of profiles, and the range of solutions is increasing with innovative offerings that enhance basic MFA. We think this innovation will spur increased spending in the category.