How orchestration can accelerate the end of passwords

The information industry is making a major push to improve identity and access management protocols so that users can obtain the answers they need swiftly and securely. 

More than 200 companies have joined the Fast Identity Online Alliance, or FIDO, to consolidate resources and support for passwordless authentication. As part of this movement, identity orchestration has emerged as a viable path for companies to put their passwordless plans into action.     

In simple terms, identity orchestration is a framework for integrating all phases and workflows of the identity journey, which is the summation of all elements tied to the user experience — registration, login, authentication, verification, and so on. The identity journey applies to a range of concerns — from login settings like Single Sign On (SSO) and multifactor authentication, to user account activity and customer history, to point-of-sale and even fraud monitoring.

What is identity orchestration?

An identity orchestration platform seeks to integrate all these aspects into one user interface, providing users with a seamless experience while giving organizations the tools to visualize and map out strong authentication safeguards. Additionally, identity orchestration platforms give organizations more control and visibility in determining approved channels for users to access services. If it can be mapped, then it can be orchestrated; there’s no ambiguity about where a user will end up or whether their searches will yield a resolution.

Orchestration is a valuable tool because it can automate workflows, facilitate a wide range of identity use cases, and make it substantially easier to update or modify the identity journey through the use of no-code ‘flows’ that do not require technical programming expertise.

Why does orchestration matter?

Orchestration takes away much of the heavy lifting typically involved in development through no-code or low-code configuration. Instead of requiring a team of skilled developers to produce custom code, modern orchestration solutions have engineered drag-and-drop templates that non-technical personnel can use to formalize their identity workflows. 

It also improves visibility and mapping functionality. An identity orchestration (IO) platform allows security teams to view the entire user journey from beginning to end, and to identify soft spots or vulnerabilities where they crop up. Orchestration lets organizations map parameters and alerts for fraud detection, ID proofing, authentication and authorization. 

Orchestration can also help organizations improve the user experience. By uniting all phases and touchpoints into a singular customer experience, there’s significantly less risk of ‘weak links’ interrupting the transaction or diverting users from their intended destination. Continuity and consistency are achievable through orchestration.

Industry forces call for more

Gartner Research predicts that by 2023, 3 out of every 4 organizations will be using “a single vendor with strong identity orchestration capabilities and connections to many other third parties for identity proofing and affirmation,” a significant increase over the 15% of companies doing so today.

Why is identity orchestration seeing such a spike in popularity recently? There are a few factors at play.

#1: Global expansion: Companies must increasingly contend with growing user bases that can access their services all around the world. Without orchestration, efforts to meet the needs of such a diverse and geographically distributed user base are guaranteed to fail when it comes to delivering uniform levels of service. Identity orchestration makes it easier to optimize workflows and conduct A/B testing to best determine how to meet the needs of a global user base.

#2: Keeping up with regulations: Year by year, new regulations and mandates permeate the industry. The burden is on organizations to stay agile when it comes to updating their identity policies to stay in compliance with regulations. Lacking orchestration, organizations have to put in considerably more time and man hours to ensure such updates are coded and vetted before they can go live.

#3: Data fragmentation: A variety of data types and forms challenge conventional identity management solutions, which can result in rules exceptions leading to otherwise preventable security lapses.

#4: Third party support: New data vendors are constantly emerging in the market and orchestration makes it easier to assess and integrate new vendor services/APIs.

#5: Meeting user expectations: Users have higher expectations of service. Disruptions to account recovery, forgotten passwords, and needlessly complex verification have made it even more important to orchestrate identity so these expectations can be met.

How orchestration can accelerate passwordless authentication

As more organizations move to a passwordless future to correct the security flaws of passwords, identity orchestration will become increasingly important.

There are several ways that orchestration can pave the way for passwordless authentication.

  • Orchestration can simplify and streamline registration and login processes. For example, effective IO will be able to integrate features like identity proofing, automated IP address checks, autofill functionality, and SSO to reduce the number of logins required by a single user.
  • Orchestration can make it easier for organizations to centralize passwordless methods, such as the use of passkeys. Passkeys can include biometric scans such as those currently used by Microsoft and Google, or hardware security keys that communicate with PCs and smartphones via USB, NFC or Bluetooth. 
  • Orchestration gives organizations more power to configure and automate their identity workflows. Some vendors, like Ping, have developed no-code flow tools so that non-technical personnel can improve the user journey as they see fit without requiring custom code inputs. The platform gives them a bird's-eye ‘whiteboard’ view of workflows as well as hundreds of drag-and-drop templates to make changes easily.

Summarizing IO platforms

  • The goal: provide a seamless user experience while securing every instance of a user’s identity interactions
  • IO platforms eliminate identity silos by providing organizations visibility into all aspects of user identity
  • IO platforms integrate identity services together to make sense of it all, in contrast to many legacy IAM solutions that are not integrated and prone to disrupting the identity journey.
  • IO platforms give organizations the ability to automate workflows pertaining to fraud detection, identity proofing, registration, passwordless authentication, authorization, and more.
  • The latest line of IO platforms uses no-code or low-code design to give non-developers the license to configure identity workflows without the requirement of producing custom code to do so.
Daniel Thomas

Daniel Thomas is a technology writer, researcher, and content producer for CyberRisk Alliance. He has over a decade of experience writing on the most critical topics of interest for the cybersecurity community, including cloud computing, artificial intelligence and machine learning, data analytics, threat hunting, automation, IAM, and digital security policies. He previously served as a senior editor for Defense News, and as the director of research for GovExec News in Washington, D.C.