In this rapidly evolving digital world, identity is at the heart of our personal and professional lives. On this week’s episode of Innovation In Compliance, Tom Fox and guest Paul Trulove, CEO of SecureAuth, explores the world of digital commerce, specifically delving into the realms of authentication and access management. Paul shares his insights on the evolution of the identity and access management space, the role of authentication in our daily lives, and the Zero Trust Initiative.
Paul Trulove is an expert in the identity and access management space, with an illustrious career spanning over 15 years. In his early career, he joined the startup SailPoint Technologies, where he helped the company evolve into a leading figure in identity governance and administration. Paul has seen and contributed to the changes within the industry up to this point where identity risk management has become a core element of our digital lives. Currently, as the CEO of SecureAuth, he oversees the company’s focus on authentication and access management.
You’ll hear Tom and Paul discuss:
- Paul describes what authentication and access management entails and how it impacts our daily digital interactions.
- SecureAuth is revolutionizing the authentication landscape, focusing on passwordless authentication and multi factor authentication to enhance security and reduce friction for end-users.
- Continuous authentication is a new approach that significantly reduces the friction that a user experiences during authentication and offers varied authentication methods based on the level of risk.
- Tom and Paul discuss the Zero Trust Initiative. This paradigm shift in security is based on the principle of trusting no one and verifying everyone, which has led to identity and access management becoming central to a zero-trust mindset.
- Next generation authentication will lean heavily towards the principles of zero trust, passwordless authentication, and continuous authentication, Paul says. He predicts that the use of artificial intelligence and machine learning will greatly advance authentication processes, helping process more data in real time and make better decisions regarding access.
- Paul suggests that authentication and access management has a large role in helping organizations comply with GDPR and other privacy requirements.
- He views GDPR as a necessary step rather than a barrier to doing business in the EU, emphasizing that protecting consumer data is an essential cost of doing business.
- Companies need to carefully consider their data collection, protection, and usage practices to maintain consumer trust and comply with regulations.
KEY QUOTES:
“Authentication and access management is a core discipline on how we let people get access to the things that they need access to in applications, data, repositories, platforms, infrastructure. Really you use authentication probably 10, 15, 20 times a day as you log into various systems… Everything that we do in our digital lives today is kind of bound by authentication. It is just a validation of who I am as a person and what I’m supposed to have access to on the back end.” – Paul Trulove
“Next generation authentication is going to continue to bind to that zero trust mindset of no longer implicitly trusting someone who says they are who they say they are. We’re going back to a model that says every single time you interact with a digital asset, I want to have a high level of assurance you are who you say you are.” – Paul Trulove
“But between now and 2030, people are going to have to plan ahead for what kinds of data they are collecting, how they’re collecting it, and ultimately how they’re protecting it and utilizing that. Otherwise they are going to run afoul of not just regulations, but maybe consumer trust. ” – Paul Trulove
Resources:
Paul Trulove on LinkedIn
