Tag

SSO Archives - Ilantus Technologies

IAM and SAP: Thick-Client Support

By | IAM | No Comments

You’ve got a powerful ERP solution that helps with resource planning and does a great job of it. There’s no doubt that its SAP.

But, while SAP has Single Sign-On (SSO) to its own solution and to apps that connect with it, it is left outside of the scope of SSO and Provisioning that connects all apps within your Identity and Access Management solution.

SAP is a thick-client app, and pretty much nobody wants to integrate with these kinds of apps. They rationalize that, someday in a distant future, thick-client apps will be entirely replaced by web-based apps, and therefore that their solutions are future proof.

But this future is not very likely and is not the real reason that the bulk of the industry has no solution for these apps. It is because thick-client app support is cumbersome and expensive to develop – and because developing such as solution has a poor ROI as only a small fraction of all business apps are of this kind. It is monumentally cheaper to just provide IAM for web-based apps and bottom-lines are padded nicely.

But you need support for thick-client apps. A security system is only worth its weakest link. Certain industries like banking and manufacturing choose to use thick-client over web-apps for security reasons. It’s safer to use apps that are local when important financial information is being processed. Devices used in the manufacturing industry also must function on thick-client apps because they are not networked by design. And even if you do not fall in one of these categories, you still use apps like SAP. With such a critical app left out of your SSO solution, your security and productivity fall to a lower rating.

ILANTUS Niche Identity, Compact Identity and Cloud Identity solutions all integrate seamlessly with SAP and other thick-client apps. We hold several patents for the technology that enables us to do this and we are the only vendor in the industry who can properly SSO and Provision to thick-client apps.

ILANTUS cares about security and about improving the productivity of your organization. We engineer our products based on 18 years of experience serving customers and know what makes a solution real and viable. That’s why we developed thick-client support, and that’s why you should choose us as an IAM vendor.

 

Identity and Access Management for SMBs with High Feature Usage

By | IAM | No Comments

Most Identity and Access Management solutions have a rough usage of features of around 50%. They are built with one thing in mind – to improve bottom-lines by catering to the common denominator of customers. These are ‘one-size-fits-all’ solutions and the features that they include are what make products just ‘useable’ by all possible kinds of customers. There is no R&D for catering to specific needs. Often, these products are developed with glitzy features that represent the latest trends – not features that form a solid IAM foundation and serve the real needs of organization. These products have a low overall usage of functionalities, a lack of tailored features (for your industry or size segment), and a heavily bloated price as SMBs pay the same price for solutions that are designed for the pockets of large enterprises.

 

Here’s a fact that supports these statements: despite the still-quite-prevalent use of thick-client (desktop) apps such as SAP, next to zero vendors have solutions that integrate with these kinds of apps. The latest trend in Information Technology is the Public Cloud, and because every organization uses Web apps (almost every organization uses thick-client apps too, in truth – just to a lesser degree), vendors only support these kinds of apps and encourage customers to migrate to the cloud. While the Cloud is a powerful (and rapidly becoming essential) technology, it goes without saying that this mentality is not one of serving customers needs by researching what their requirements are and developing their products accordingly. It is a mentality of trying to cater not to real needs but trying to attract customers with the pretense of ‘the latest technology.’

ILANTUS refuses to be party to this kind of behavior. Born in 2000 of a genuine recognition that organizations need data and identity protection and streamline IT security, we have learned from our countless customers that what really works is what is really needed. We realized that the SMB segment was overpaying grossly for solutions that were not built for them. We decided to develop Compact Identity. Compact Identity is public-cloud compatible but is not just another cloud solution. Sporting on-premise and private cloud compatibility too, it was built for SMB pockets and requirements from the ground up. It possesses patented thick-client Single Sign-On capability which is entirely unique in the industry, and with a 95% overall usage rate of its features that are essential to SMB IAM, it is the only product of its kind. It is rich yet simple and agile but powerful and is built with SMB budgets and IT staff limitations in mind.

Why pay more for features that you will never use while missing out of features that you absolutely need? Don’t become a victim the archaic, seller-centric mentality that plagues the vendor landscape today. Compact Identity promises a superior solution at a fraction of the price.

Mission and Core Values of ILANTUS

By | IAM | No Comments

State of the Industry and What It Really Should Be Like

The Identity and Access Management industry is running low on trust now. The industry seems to be flourishing, but is everything really chipper? The CEO of of ILANTUS reveals that “Only 1% of customers in this industry are getting what they need at the right price. Organizations are not getting their entire IAM problems solved.”
The naked truth is that the industry would not exist if it were not for bad actors. If hackers and cyber-criminals did not exist, there would be no IAM. This is not an industry that is based on providing goods and services that people naturally need or want. It is born out of a dark necessity.
Cybersecurity, IAM included, ought to be an industry that is not centered around making profits – it should be based on what’s right. It should be about good people protecting other good people. It needs guardians who feel passionate about serving the greater good – not businessmen who are after a quick buck. The landscape is upside down now. There seem to be many vendors that are selling great products. But it is just a matter of time before, like the pharmaceutical industry, people start getting riled up about organizations who are not thinking about public betterment but only about profits. And even if that time comes decades from today, it is a matter of principle and ethics that participants in this industry start bearing the flag of goodwill and caring. It is simply absent today.

And Justice For All…

ILANTUS was born not of an untapped business opportunity but of the recognition that people need protecting. The Enron scandal and the Sarbanes-Oxley Act (SOX) that followed were the real cause for the emergence of this industry. The purpose of the act was to “protect shareholders and the public from fraudulent practices in enterprises.” ILANTUS recognized not an opportunity to mint money, but a genuine need. We entered the domain with the purpose of setting ourselves about to solve the problem of cybersecurity and fraud. This is why the company has existed as long as it has and despite extreme financial turmoil. We have a vision and a purpose that is meaningful. We want to serve and protect.
ILANTUS started out as a service company – implementing solutions from behemoths such as IBM and BMC. In 2012, we felt that the needs of organizations were not being served by the solutions that existed. We start developing our own products. Difficult as it was – especially since we were not doing too well financially at the time – we started moving our resources into creating products that would be genuine cures for the malady of cybercrime.
6 years later, we are now ready with a suite of products that serve pretty much all use-cases. Our solutions have been thoughtfully developed and innovation not for innovations sake – but for keeping ahead of bad actors – has been core to what we have created.
We now say around the office with a smile, ‘round pegs for round holes’ and ‘cybersecurity for everyone and cybersecurity for each’. This is our bloodline – our essence. Organizations and their customers deserve to operate freely for their honest causes of enriching the economy and providing goods and services that people need. We can’t have blackhats running around ruining everything for everyone.
We do not price competitively – we price for your needs. Even the smallest of organizations can afford our products because we want them to. Nobody is ever turned down, and the quality of our service is the same whether you are a small startup or a Fortune 500 company. Our vision is a world where cybercrime is thwarted where it stands, our mission is to provide powerful and cost-effective solutions that suit the needs of different segments, and our goal is to do this quickly and effectively.
We at ILANTUS believe in our company and its direction. We know the needs and that we have fickle and determined opponents. We stand to serve and protect and care about what we do.

Cinderella’s Slipper for IAM: ILANTUS’ Compact Identity Fits SMEs like a Glove

By | Uncategorized | No Comments

Searching High and Low for a Solution that Actually has Your Small or Medium Enterprise in Mind

Like Prince Charming searching for the girl who fits his glass slipper, you have been searching for the solution that fits your SME organization perfectly. You have looked far and wide – at small and large vendors alike – but the CAs and Oktas of the world simply don’t seem to want to fulfil your needs. They create and sell solutions that are generic and try to sell the same solution to everyone. You pay through the nose for features that you most likely will never use.

Extremely Poor ROI

We have learned, through customer feedback and through the grapevine, that customers often pay millions for IAM solutions that never get fully implemented. They are blocked in utilizing the features that they need by features that are added within the flow of the product but are designed for other kinds of companies. An organization may buy a solution for millions of dollars, see a 1 or 2 year implementation time, and find that only 5 applications have been integrated at the end of this period. They also frequently find themselves on the dashboard of these products, being asked to choose options for features they don’t want – and being unable to progress further in using the solution unless they choose one of the options.

Not to mention that building a product that is designed for every possible use case in mind (while, in truth, many essential use cases are ignored and only ‘popular and easy to answer or easy to sell’ use cases are provided for) is a monumentally expensive task that shows in the end in the customer’s cost.

So many organizations (especially SMEs) are forced by most IAM vendors to purchase extremely expensive solutions that a) don’t have some of the features that are required and b) are bloated solutions that are too complex for a typical SME’s needs.

Refreshingly Honest IAM

ILANTUS Compact Identity is the first solution in the IAM industry that has been engineered and priced especially for SMEs. It has everything that an SME typically needs in terms of Single Sign-On, Password Management, User Lifecycle Management and Access Governance, costs a fraction of what other vendors offer, and isn’t overly complex. This is aside from the fact that it takes only a few weeks – not years – to fully implement.

The (Sad) State of the IAM Landscape

A good standard to judge a vendor – particularly in an industry such as IAM that should have a strong ethical foundation– is whether they cater to the existing needs of organizations by securing them as they are. Unfortunately, the IAM industry is full of vendors looking for just another business opportunity. They create solutions that are responses to the trending IT landscape (eg. Public Cloud), without a care for the actual situation of potential customers. They tell you that cloud is the future (it is), and that you must migrate to it to avail their solutions. The biggest example of this behavior is the complete lack of Single Sign-On and Provisioning support in the industry for thick-client apps. All kinds of organizations still rely heavily on thick-client apps such as ERPs (SAP etc.) and other device specific apps (like in manufacturing). It is both too expensive, and sometimes a poor idea in terms of security to migrate. It is sometimes safer to have a local, on-premise server and app installation than to have it on a Public Cloud. The industry, sadly, has chosen to completely ignore this because ‘the cloud is the future’ and they feel that that’s where the real money is.

ILANTUS Compact Identity features patented technology that can Single Sign-On and Provision to thick-clients. It can also be hosted on public cloud, private cloud, or on-premise.

What is clear here is that organizations (especially SMEs) are currently getting the short end of the stick from the IAM industry. The sharks that have taken over the vendor landscape only really care about bottom lines and not about providing proper security, ease of access, and integrating admin security functions and protecting people the best they can from cyber-threats.

ILANTUS’ Call to Truth

Here’s where ILANTUS is different. It is our vision, mission and core belief that everyone deserves excellent IAM solutions that are suited to their pockets and needs. We believe that solutions should help customers – not bleed them. They should protect them at all costs – not cost them to protect themselves. They should enhance user experience through ease of access (which improves security) and give admins an integrated IT security experience by providing things like an Identity Repository that collects information from Enterprise Directories and HR and presents a unified statement. This, we believe, is our responsibility as an IAM company. Just as the military exists to serve as the defense of a nation, IAM providers exist to protect organizations and their customers from cyber-crime.

ILANTUS is committed 100% to this vision, urges other vendors to do the same, and provides solutions such as Compact Identity which does what other solutions do not – provides cost-effective, perfect-fit cybersecurity that is constantly being improved.

Adding ‘I Am’ to IAM

By | Access Review, IAM | No Comments

The presumption of innocence states that the onus on proving guilt belongs to the accuser and not to the defender. However, Cybersecurity in the past decade, and Identity and Access Management (IAM) in specific, has been more aligned, In principle, with feudal law.

Most users are innocent. They have a right to say “I am. I exist. I have a right to freedom and not to be constantly suspected of harming society.” IAM systems today make them feel the opposite – that “I am NOT. Only hackers are. I must somehow exist within this criminal networking universe.”

The architecture behind most IAM systems is based on proving a user’s innocence. It is becoming increasingly challenging to prove that you are an authorized person with policies such as multifactor authentication.

The user experience at the front end is no different. What with captchas and frustrating user-lockouts when incorrect credentials are entered, despite ~98% of human customers being legitimate and low fraud-risk, most people are put behind metaphorical bars for crimes they have never committed.

And trust is a two-way street. How can you expect your customers to trust you (and more importantly, end users to trust and adopt your SSO solution), if you show no trust in them?

Users must be given the benefit of the doubt. They must be allowed freedom within their networks.

Ronald Reagan said it best. He said, “trust but verify”. This is the direction that IAM architecture and user experience needs to flow in. At the moment, the IAM landscape operates not even in verification mode but in an outright ‘prove-your-innocence’ model.

According to industry analyst ‘Gartner’, “by 2022, digital businesses with great customer experience during identity corroboration will earn 20% more revenue than comparable businesses with poor customer experience.” This is because in our evolving, networked world, customer experience is becoming one of the single most important reasons to buy from a business. Competition is perpetually increasing, innovation is cut-throat and always cutting edge, and people actively educate themselves before making purchases.

And user experience is exponentially more important in products such as Single Sign-On and Password Management which are targeted at businesses. A poor user experience results in low adoption of the solution (Read: Combating Low User Adoption).

IAM vendors need to change their mindset and play a different game.

Instead of just jailing customers out of their apps until they prove that they are worthy of access, they must use their own intelligence in the form of computer learning, behavioral analytics, etc.

In 2017, Gartner suggested a good framework for building IAM systems that treat customers fairly:
1. Identify Signs of Legitimate Behavior (Good Customers)
2. Identify Evolving Attack Methods and Patterns (Criminals)
3. Apply Intelligent, Context-Based Adaptive Access to Customer Interactions

A technology that is solving the issue in terms of architecture is Adaptive Authentication. Already available from many vendors, it revolves around using intelligence to differentiate between genuine and fraudulent access attempts (Read: Adaptive Authentication: The Hacker’s Waterloo).

However, it is the basic attitude behind our attempts to protect users that needs to change. Hacking makes headlines, but in terms of statistics is a low-priority use of the internet. We must assess the reality of security risks and design our solutions accordingly. Simply building as many walls as possible is not the answer – we must create intelligent, responsive gateways if we want IAM adoption to grow.

Your Identity is now the target of hackers. Identity is the new attack surface

By | IAM | No Comments

In 1988 Robert Morris, a student at Cornell University, created the first computer worm. Nicknamed the ‘Morris Worm’, the origin of this computer virus was a simple curiosity – Morris wanted to get an idea of the size of the internet. This worm’s attack vector (path of attack) was to exploit known vulnerabilities in computers at the time.
On 28 March 1994, the Rome Air Development Center – a US Air Force research facility – discovered that a password ‘sniffer’ had been installed onto their network. Many accounts were compromised. The vector of this attack was simply to hack into the Air Force’s systems and plant the virus.

Both these attacks are key events in the history of cybersecurity. And both had attack paths that relied upon poor programming and weak firewalls.

Fast forward to late 2016. The personal information of 57 million Uber users and 600,000 drivers was exposed. The attack vector? Simple identity theft. The hackers accessed Uber’s GitHub account, where they found access credentials to Uber’s Amazon Web Services account. Github is a web-hosting service. Amazon Web Services (AWS) is an on-demand cloud-computing platform.

Identities are the true trojan horses of the cyber world. Instead of wasting time with researching vulnerabilities in target systems and creating complex programs to exploit them, hackers are now on ‘cruise’ mode. They simply wait for people to write down one or more of their numerous passwords in a computer document or on a sticky note, pick it up, and enjoy anonymous access to confidential data for potentially infinite periods of time. Because the source of the hack is not an infection that leads to unauthorized access, but instead seemingly legitimate access from a genuine identity, this kind of breach can take very long to detect and is exponentially more dangerous.

This challenge is largely solved by Single-Sign-On (SSO) and Multi-Factor Authentication (MFA) technologies. SSO enables users to log in to all their apps and systems with just a single password. This reduces the number of passwords required to be remembered and eliminates confusion that results in people noting down or saving their numerous passwords in a document on their machines. MFA protects identities further by forcing authentication on multiple levels. Here, credentials-based authentication is further protected by challenge-response questions, SMS or Email OTPs or even biometrics. Both these features form the base of most available IAM solutions.

Not only do IAM systems protect against unauthorized access, they typically offer solutions for managing user access rights and trends. Ie. you can use them to govern and even automate the different accesses that someone may have to different systems and apps used by your organization. A package deal is not hard to come by in this industry.

Protecting identities is of far more pressing importance than safeguarding apps and systems against unauthorized access. By securing an identity you protect the very root of the access mechanism. Shielding apps and systems from hackers only insulates the last barrier in the access vector. Using chess as a metaphor, identity management protects your king but firewalls and antiviruses only protect your pawns.

To conclude, gone are the times of hackers using their own technology to hack into your systems. Even the time piggybacking credential-sniffers through malicious emails and malware is at an end. Identity is the new attack surface. It is in your organization’s interest to protect against this threat with an IAM system that works for you.

3 Essential Tips for Choosing an IAM Vendor

By | IAM | No Comments

The Identity and Access Management market is still defining itself in terms of products, services and sellers. While, like in any industry, there are already market leaders, newcomers, and niche players, not all vendors (even the top ones) here offer everything possible that all organizations might need. Exercising discernment in the selection of a seller and/or a technology here is of extreme importance.

Here are 3 simple tips for evaluating an IAM vendor:

1) Be aware of who you are and what your needs are. Match vendors based on this information.

Technologies and vendors that are not industry standard can often suite your requirements much better. You must know, clearly, what kind of company you are (size, sector, organizational structure and goals).

For instance – if you are a small or medium sized organization and in a high threat industry (perhaps you process very sensitive data), you might want a cost-effective IAM package with powerful modules for Single Sign-On (SSO) and Password Management plus Access Governance (since your insider threats will be as big or bigger than outside ones.)
Not all players offer all of this, and those that do are often too expensive since they typically sell each module as a separate solution.

Likewise, an organization in a high staff-turnover environment will need an able Lifecycle Managementsolution. Here, you must look for a vendor that specializes in this area.

Another example is if you are looking to migrate your IAM environment to the Public Cloud, you will need to find a company that specializes in what is called Hybrid Identity. Such a company alone will have the tools and knowledge to integrate your old technology seamlessly with the Public Cloud.

These are just a few examples, but do your research, ask your potential seller to help you identify your needs, or even hire an IAM consultant so that you really know what you need and who can provide it.

2) Look for quality delivery of the core functionalities that are essential to you.

Vendors may pad their armor with hyped-up functionalities such as support for BYOD, Mobility, Big Data etc. However, you might need to assess whether their modules for basic SSO, Password Management, Lifecycle Management or Access Governance possess adequate depth.
For example – provisioning to Active Directory® and cloud applications may not be the most important thing if you need a quality Workflow Approval feature or enterprise application connectors.

You may also use a lot of thick-client apps in your organization. Many industries such as Manufacturing, Banking BPOs and Pharma use such apps daily. To support these apps, technology is required that is uncommon in the industry today. You will need to find a quality niche vendor in this case.

3) Ask about implementation times, procedures and for case studies.

Businesses in this industry often fail to deploy and sustain their solutions not because of flaws in their products but due to inexperience and a lack of services capability.
IAM systems often need extensive implementation. Some companies are extremely slow, taking over a year to implement their solutions – watch out!

The IT industry is full of solutions that may sometimes have a division between the creation of the product and its implementation. Find out if your vendor is the creator of the product that they are offering to implement, and vice-versa – ask if they are going to implement the product they are offering you or outsourcing. In most cases, you want to buy a solution that has been created and is being implemented by the same business. The total cost is often much lower, support and implementation times are reduced, and troubleshooting is much easier.

With Identity becoming the newest (and final) attack surface for hackers, IAM is your last line of defense and will soon become an absolute necessity. The consumer Identity and Access Management (IAM) market is expected to grow from USD 16.00 billion in 2018 to USD 37.79 billion by 2023. As your organization boards this train, keep in mind these 3 tips from IdentityInsider. It will orient you correctly in your search phase and save you the frustration of choosing the wrong vendor.

Password Habits: Fulfilling the Hacker’s Dream!

By | IAM | No Comments

We all have it and we all suffer from it: Password Overload. Six out of ten businesses say that remembering passwords has a negative effect on user productivity. Password overload is a real problem not only when it comes to being able to remember all those passwords, but it is a password security risk that can put an entire organization in danger.

In a recent Digital Guardian survey, 30% of the respondents told the survey that they had too many passwords to count. And no wonder because the average email address in the US is associated with 130 accounts (think about that and how many accounts you are associated with!). And as we all know, difficulty in remembering passwords can not only drive us crazy, it also drives a risky behavior.

So, what’s your behavior when it comes to finding a way to remember passwords?
Could your habits be a threat? Do you have a tendency to reuse old passwords? Do you write down all your passwords on a piece of paper? Do you keep them in a file on your computer? Do you keep them in a file on Drop Box? Do you save them as contacts on your phone? Do you have an opportunity to use a password manager? Is your behavior risky?

It is clear that people rely on a multitude of tactics to remember their passwords for the many digital services they access. Far too many users rely on outdated and insecure password practices because remembering passwords is so hard, people often use the same easy password for multiple accounts and that’s a hacker’s dream – 90 percent of employee passwords can be figured out in six hours, according to Entrepreneur.com while 68% of people want their companies to provide an extra layer of security.

Image Source: digitalguardian.com

So, what’s the best way to remember of all those passwords? Use a strong password practice with inbuilt security that relies on a robust primary password that you won’t forget. Enterprise users can achieve this through Single Sign-on that is secured with a Password Manager. With ILANTUS Xpress Password and ILANTUS Single Sign-on, employees can achieve it all with one password to remember that unlocks all applications without each having have their own passwords. And like a mobile phone with stored phone numbers, you don’t need to remember all of them…one click and you’re in with that one secured password that was easy for only you to remember and strong enough to protect the organization through the ILANTUS Enterprise Password Management solution.

Hackers count on our lazy risky habits. Let’s change that now.

Midsize Organizations are Stuck in the Middle Ages When It Comes to IAM. ILANTUS Pulls the Sword from the Stone.

By | IAM | No Comments

According to industry analyst Gartner (http://www.gartner.com), the midsize enterprise operational environment is not “a simplified variant of large enterprises. They need most, if not all, of the IT capabilities a large enterprise needs, just at a lesser scale”. Gartner expounds that “midsize enterprises need to execute within the bounds of a limited IT budget (usually less than 20 million.)” The IAM industry is still in the Dark Ages when it comes to midsize organizations. Vendors have been turning a deaf ear to the needs of the segment as it is easier to create generic products than it is to create options. ILANTUS illuminates this black shadow with Compact Identity.

Compact Identity is a revolutionary product that has been created specifically for SMEs and their typically tight pockets. It fulfills all of Gartner’s recommendations for ‘IAM for the midsize sector’ and goes a mile further. Compact Identity is a compressed IAM solution that is not just a ‘simplified variant’ of large enterprise IAM.

Compact Identity sports Single Sign-On, Password ManagementUser Lifecycle Management and Access Governance modules. Other vendors will require you to purchase multiple products – often from different developers – to meet all your needs. You will typically pay an arm and a leg – and buy features that you do not need and miss out on features that are tailored to your size of organization.

Here are some other facts from Gartner. They say that “1 in 4 midsize enterprises does not have a dedicated information security role in-house” and that “<50 in IT Midsize enterprises are faced with organizational design and staffing limitations (usually fewer than 50 people in IT.)” Compact Identity is built to suit such environments. Due to its simplified user experience and automated architecture, it requires minimal IT skill and personnel involvement to function optimally.

Another fact is that “security is always listed as a primary challenge for midsize enterprises Year on Year.” The challenge is the availability of solutions that fit SME budgets and that are built for them, and not for large enterprises.

One last ringing truth is that “midsize enterprises are increasingly being targeted by advanced attacks from sophisticated hackers.” This is a reality within our ‘age of opportunity’. Large enterprises are no longer the kingpins that they once were – and nor are they any longer the sole target of malicious attacks. Your midsized company is also a potential target. The only solution is to recognize this new landscape and realize that IAM is no longer a luxury.

Finally, Gartner asserts that “’good enough’ security exposes midsize enterprises to unacceptable risk levels; exceeding ‘good enough’ security impacts budgets.” Compact Identity provides ‘good enough’ security with ‘more than enough’ features.

ILANTUS is unique. We care about providing solutions suited to your needs rather than to common, overarching requirements. We honor your uniqueness with Compact Identity.

Combating low employee adoption of IAM solutions

By | IAM | No Comments

Gartner predicts that by the end of 2018, $93 billion will be spent every year on cybersecurity. And yet, breaches have risen by 45% in 2017. These numbers are not in sync. IAM is of emerging importance within the field of cybersecurity and according to Forrester, global spending on it will exceed $13 billion by 2021.
The main reason for this discrepancy is a slip between the cup and the lip – the adoption of the purchased and implemented cybersecurity solutions is low.
No matter how much is spent on IAM technology, it is useless if employees do not utilize it.

The main reason for low adoption is the same reason humans as a race are slow to change – behavior simply holds inertia.

Combating this inertia is a matter of perseverance and creativity. The invention of Single Sign-On and Auto-Login from a Windows Login are already on the right track. Patience and tenacity aside, the use of technologies that are designed with simplicity and user-friendliness in mind can go a long way in encouraging adoption.

A secondary reason is that existing systems are still quite cumbersome and rely too much on help-desks. The element of bureaucracy and the wastage of time and energy involved in dealing with help-desks can be discouraging. Multi-Factor Authentication (MFA) increases security exponentially but also adds more steps between a user and his access. Biometrics are now becoming cost-effective but are still not an industry standard.

Time and creative inventions from vendors are required to bridge this gap.