VICTORIA, British Columbia (PRWEB) June 07, 2019
Plurilock CEO Ian Paterson told an audience Wednesday that though companies face hurdles and misinformation as they pursue zero trust security policies, zero trust can actually be achieved without new hardware or additional user training.
Speaking at this this year’s IdentityNORTH Summit in Toronto, Paterson sought to enhance companies’ understanding of the zero trust concept and to present solutions to key zero trust problems.
"Zero trust" has become an IT mantra in recent years, expressing the idea that computing systems and data are best secured by presuming them to always be vulnerable, and by presuming all of their users to be potential attackers—even those "inside" company or network perimeters.
This year’s delegates to the summit, a leading cybersecurity conference focused on user authentication in computing systems, were among the countless professionals currently seeking to help their organizations to achieve zero trust in today’s technology-centric world.
According to Paterson, cybersecurity leaders must carefully select the authentication technologies that their companies employ if zero trust is the goal.
"It's a common belief,” Paterson said, “that the path to zero trust is to require users to log in more frequently, then to protect each of these more frequent logins with multi-factor authentication.” But, Paterson explained, this belief generally leads companies astray.
Many of today's most common authentication technologies, such as login codes delivered by SMS, are no more secure than passwords, yet require additional hardware and login steps. Paterson said that despite these onerous requirements, once users successfully log in they are often effectively trusted as they work, leaving companies well short of a zero trust environment.
Paterson told the audience that behavioral-biometric authentication is the only method currently able to deliver zero trust in authentication, and that it requires no additional authentication hardware and no presence on users’ mobile phones.
"Behavioral-biometric authentication doesn't rely on codes, links, or extra hardware," said Paterson, "and can authenticate users continuously, in the background, as they work. It eliminates the need for trusted periods between logins as well as the need for dedicated hardware or mobile phones."
Paterson's company, Plurilock, is a key player in the field of behavioral-biometric authentication, holding a number of related patents. The company also boasts a research and development team heavily published in the field and multiple joint programs with government and military agencies. According to Paterson, this gives Plurilock unique expertise in some of the world’s most demanding zero trust environments.
More than 100 well-known organizations with cybersecurity expertise, including global brands from the internet, finance, healthcare, consulting, and government sectors, attended or sent delegates to this year’s IdentityNORTH event.
Plurilock is the leader in advanced and continuous authentication for standards and regulatory compliance. Plurilock’s software leverages state-of-the-art behavioral-biometric, environmental, and contextual technologies to provide invisible, adaptive, and risk-based MFA solutions with the lowest possible cost and complexity. Plurilock enables organizations to compute safely—and with peace of mind.