Light Dark
December 6, 2017 By Michael Bunyard 3 min read

This blog was updated on May 10, 2018 to reflect the latest IBM Security App Exchange offerings and integrations.

Major breaches have opened the floodgates on our personal data. Much of the information that was used to establish identity in the past is now a shared secret in the hands of cybercriminals. Because it’s now widely accepted that passwords alone are no longer enough to verify users’ identities online, options for more advanced multifactor authentication (MFA) have expanded greatly — from hardware-based tokens to biometrics and mobile authentication.

Organizations are now taking advantage of several different types of authentication methods that offer more flexibility to combine technologies and create the right balance of security, privacy and user experience for many different scenarios. These new approaches are often driven by the sensitivity of the data being accessed, as well as the type of user population accessing them. The future of authentication hinges on an organization’s ability to adapt and combine authentication methods based on risk.

New Partner Integrations for IBM Security Access Manager Available via IBM Security App Exchange

The good news is that adoption of multifactor authentication has skyrocketed over the past few years. In fact, a recent survey found that 93 percent of organizations are now using MFA. However, managing and integrating the wide variety of MFA options available is no easy feat. That’s why IBM is announcing new integrations with four leading edge authentication providers to provide customers with easy access to more MFA technologies through IBM Security Access Manager (ISAM).

These new MFA partner integrations will be available as applications for easy download via the IBM Security App Exchange, ranging from hardware-based tokens to biometrics and mobile authentication applications. The new Authentication section of the App Exchange will feature apps from industry leading partners including BuyPass, DualAuth, Imageware and Yubico.

Related: Teaming Up to Overhaul Authentication

ISAM allows companies to centralize access management for web, mobile and cloud technologies in a single platform, and comes pre-integrated with its own in-house mobile multifactor authentication capability, IBM Verify. The new MFA applications from these partners can now be easily integrated with IBM Security Access Manager via prebuilt connectors available as apps on the IBM App Exchange, a marketplace where developers across the industry can share applications based on IBM Security technologies.

Check Out the Latest Offerings

Stronger collaboration between security providers in the IAM space is critical in helping our joint customers adopt stronger authentication options that go beyond the password, and ensuring that these technologies are integrated in a way that is both simple and secure.

The new set of multifactor authentication apps available today on the App Exchange include:

  • AutoPassword from DualAuth, which reduces a user’s reliance on insecure passwords by automatically generating and entering a new one-time password for each log in. The password generation technology prevents phishing attacks since users can compare the generated passwords to verify the service. AutoPassword can be combined with any desired form of multifactor authentication to create a uniquely secure environment.
  • Buypass Code from Buypass, a mobile phone and PC application for two-factor authentication. The application is delivered as-a-service per active user and allows employees to easily gain secure access to a wide range of systems and applications like VPNs, ISAM, cloud services and web applications.
  • GoVerifyID from ImageWare provides a highly scalable, mobile authentication solution with choices spanning mobile push, PIN, face, voice, fingerprint and palm biometrics.
  • YubiKey by Yubico, an easy-to-use, multiprotocol hardware authentication device that provides seamless, trusted access to any number of online systems, networks and applications — all with a simple touch.
  • DigitalPersona from Crossmatch, which provides composite authentication (beyond MFA) and a wide array of biometric, mobile, behavioral and traditional user authentication options.
  • BioConnectID from BioConnect, a biometric authentication platform for digital and physical access to any application from any device, including eye, face, voice, finger and behavioral authentication.

Cybercriminals are collaborating with each other to share user information and credentials, making secure identity and access management even more difficult to achieve. As the defenders, we need to take a page from their book when it comes to collaboration and work closely to create a more secure foundation for the future of authentication.

VISIT THE IBM SECURITY APP EXCHANGE

 |  |  |  |  |  | 
Michael Bunyard
IAM Product Marketing Lead

More from

May 9, 2024

Social engineering in the era of generative AI: Predictions for 2024

5 min read - Breakthroughs in large language models (LLMs) are driving an arms race between cybersecurity and social engineering scammers. Here’s how it’s set to play out in 2024.For businesses, generative AI is both a curse and an opportunity. As enterprises race to adopt the technology, they also take on a whole new layer of cyber risk. The constant fear of missing out isn’t helping either. But it’s not just AI models themselves that cyber criminals are targeting. In a time when fakery…

May 8, 2024

Change Healthcare attack expected to exceed $1 billion in costs

3 min read - The impact of the recent Change Healthcare cyberattack is unprecedented — and so are the costs. Rick Pollack, President and CEO of the American Hospital Association, stated, “The Change Healthcare cyberattack is the most significant and consequential incident of its kind against the U.S. healthcare system in history.”In a recent earnings call, UnitedHealth Group, the parent company of Change Healthcare, speculated on the overall data breach costs. When all is said and done, the total tally may reach $1 billion…

May 7, 2024

Remote access risks on the rise with CVE-2024-1708 and CVE-2024-1709

4 min read - On February 19, ConnectWise reported two vulnerabilities in its ScreenConnect product, CVE-2024-1708 and 1709. The first is an authentication bypass vulnerability, and the second is a path traversal vulnerability. Both made it possible for attackers to bypass authentication processes and execute remote code.While ConnectWise initially reported that the vulnerabilities had proof-of-concept but hadn’t been spotted in the wild, reports from customers quickly made it clear that hackers were actively exploring both flaws. As a result, the company created patches for…

Topic updates

 Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today
© 2024 IBM Contact Privacy Terms of use Accessibility Cookie Preferences
Sponsored by si-icon-eightbarfeature