Best Practices for Selecting New User Authentication Methods


By year-end 2019, 20% of organizations will meet the majority of their user authentication needs using access management tools rather than stand-alone tools, up from less than 5% today.

Key Challenges
  • Most authentication buying decisions are tactical and focus on a single use case. This can lead to unnecessary complexity across multiple use cases over time.
  • Each use case has different needs and constraints. Thus, a single authentication method or delivery option is rarely the best fit for all use cases across an organization.
  • Decision makers generally lack frameworks for consistently evaluating trust and accountability, total cost of ownership (TCO) or user experience (UX).
  • Many access management tools now embed authentication capabilities on a par with mainstream pure-play authentication offerings, expanding the choice of deployment and delivery models, but adding to the decision factors that need to be considered.

Security and risk management leaders responsible for managing identities, privileges, access and trust should:


  • Create an inventory of all use cases defined by distinct combinations of users, endpoints, locations and assets being accessed.
  • Determine and document the needs and constraints in each use case, including regulatory compliance requirements and adjacent security and operational needs.
  • Evaluate the TCO and UX of each candidate method, as well as trust and accountability.
  • Evaluate delivery models against the organizations' business and technology roadmap, as well as the needs and constraints of each use case.
  • Define an optimal solution set that fits the needs and constraints of all use cases in the simplest way, but with minimal trade-offs.

Your last chance to join Europes best IAM leaders. View pricing.