According to HID’s Steve Katanas, the top 5 trends in access control include the continuing shift to mobile based credentials, a focus on user experience, wearables, the convergence of physical and online authentication and the growing pressures of exposure to IoT.
MOBILE integration is the first trend I see. As we do more with our phones and increasingly demand anywhere/anytime on-line access, there is the opportunity to better protect these activities while creating a more satisfying, mobile-centric security experience at home, in the office, on the road and online. Over the past several years we’ve started to turn phones into ID cards, keys and computer login tokens while plugging security holes that mobility initially introduced. Moving forward, continuing advancements will enable a new, more secure identity lifestyle built around the convenience and ubiquity of our ever-present mobile devices.
Expect to see improvements in deployment, onboarding, management and professional service options will help accelerate mobile access adoption, increasing user confidence and capabilities across a growing range of applications. It will become even easier for travellers to open hotel doors, for college students to enter dorm rooms, and for online bank customers to transact with their phones. Computer and network logon will move even more seamlessly to phones, tablets and laptops.
Visiting healthcare workers, patrolling guards, field inspection teams and factory workers will touch their phones to RFID tags to log their presence and securely monitor processes in the Internet of Things (IoT). Wearables and other mobile products will join the device ecosystem, giving users even more choices and flexibility.
Trend 2 is that security will move to a much greater focus on the user experience. Users will continue to be the most important elements and yet weakest links in any security strategy, putting themselves and the people they work and transact with at risk when they don’t do their part. Advancements in the security experience will play a vital role in closing this gap between security planning and user compliance.
Security technology will no longer define office habits and personal lifestyles but adapt to them while empowering new capabilities, making it easier – and even attractive – for users to comply with requirements. Users will have more options for presenting secure identities for authentication. Organisations are now interested in having the choice to use any combination of ID cards, phones or other mobile device, or biometric factors, such as a fingerprint. The coming years will bring even more options. Traditional authentication elements like passwords, challenge/response questions and logon tokens will disappear, to be replaced by better ways of securing mobile banking channels, authenticating to corporate data, apps and web services and accessing healthcare and other sensitive personal information.
Trend 3 is the advent of a new era of secure connected identities will not only make us safer but fuel innovation in how we work, shop and play. After 2 decades of advances from simple visual ID badges to smart cards, standards-based access control systems and mobile ID solutions, the industry will now enter its next chapter: connected identities for a connected world, which are used on a variety of devices for a growing range of existing and new applications.
There will be greater reliance on many digital versions of our identity, used in many different ways across all walks of life. We will connect our identities to an expanding solution ecosystem for secure access to doors, data and cloud-based services and applications, accelerating the need for unified identity management systems and processes. The more we use these connected identities to secure so many aspects of our lives, the more it will fuel innovation in everything from the way we bank and purchase items to how our businesses, hospitals, schools, manufacturing plants and other facilities are built and operated. Multi-layered security strategies will be critical for protecting these connected identities, and biometrics will offer the potential to eliminate digital identity theft, binding all of these many different digital credentials to their true owners while making security even more convenient.
Trend 4 is closer attention to privacy issues in an increasingly connected and mobile-first world. A growing category of business and consumer products and services will be steadily collecting information about users, creating privacy and security vulnerabilities not only in cyberspace but in the physical world as well. The IoT will put even greater pressure on privacy. In a world where everything is connected – objects with other objects, the IoT with other networks – everything is potentially at risk. And as the IoT evolves, identity will expand beyond people and their personal identity information to the identity of objects and their authenticity.
Protecting personal information will become a critical focus area in the design, deployment and lifecycle of each and every interconnected device, service and application.
Trend 5 is that security policies and deployment best practices will be as important as technology advancements. More organisations will realise that even the most advanced technology is only as secure as the policies and deployment best practices that support them. The first U.S. digital drivers’ licenses will showcase this challenge, highlighting policy considerations that must accompany the use of secure, authenticated digital identities on mobile devices for issuing, carrying and presenting these and other government credentials.
Cost barriers that previously impeded best practices will be overcome as the value of these investment increases. For example, organisations are more likely to deploy physical access control systems if the same solution for opening doors can also be used for cafeteria purchases, computer logon, time-and-attendance systems and other applications. Vulnerability holes will be plugged as organisations move beyond older technologies to the latest solutions while also adopting best practices for policy and deployment. ♦
*Steve Katanas is sales director at HID Global.