Going Beyond Identity and Access Management
Identity and access management (IAM) tools are now table stakes for financial institutions. To protect client data and ensure the right people have access to the right services at the right time, robust IAM is critical.
But IAM also comes with challenges for financial security. While many solutions have moved beyond username/password gateways to include two-factor authentication, these SMS or token-based alternatives are still subject to potential compromise if attackers can carry out eavesdropping attacks or gain physical access to user tokens.
IAM also presents the problem of overly permissive access. For example, once clients or staff have been verified, there’s often no further control, in turn making it possible for users to access systems or services that are beyond the scope of their immediate needs.
This predicates the shift to privileged access management solutions that use a zero-trust model to authenticate users. Instead of assuming user identify based on limited permissions evaluation, zero-trust models require robust verification through biometric or behavioral assessments, and then only provide access to role-based services. For example, while authenticated clients using web portals could gain access to basic account information, access to privileged functions such as large-volume currency transfers or investment purchasing could be gated by additional layers of intelligent authentication.
Implementing Intelligent Authentication
While more security is tied to better overall protection for banks and clients, simply adding new services without consideration for existing environments can increase overall complexity and reduce security in situ. As a result, banks must consider three factors for effective authentication:
- Is current infrastructure capable of handling the requirements of biometric or behavioral solutions such as storage capacity, bandwidth and resource availability?
- How will new intelligent authentication solutions interconnect and interact with existing systems, especially those tied to legacy mainframe solutions?
- What does implementation look like in practice? Here, banks often benefit from expert third-party assistance to vet potential solutions and determine the best deployment strategy.
Implemented at scale and backed by zero-trust solutions, intelligent authentication can help financial firms reduce fraud, streamline access and improve customer satisfaction.