Log in
Show password
Forgot password ?
Become a member for free
Sign up
Sign up
New member
Sign up for FREE
New customer
Discover our services
Dynamic quotes 


SummaryMost relevantAll NewsAnalyst Reco.Other languagesPress ReleasesOfficial PublicationsSector news

AT&T : The value of efficient and effective authentication at your business

09/13/2021 | 10:22am EDT

During my career at AT&T, which has spanned decades, I've watched as our employees, customers and other companies continue to struggle with passwords. This has always struck me as a little surprising because passwords are so comfortable. Everyone knows how to set up and use passwords.

And yet, the struggle continues.

The familiar challenge with passwords is that there are just too many of them. The tools offered to support simplification, such as password managers, are often clumsy and do not cover all use cases. As a result, some people still resort to carrying around small paper booklets with alphabetized listings of passwords that are scribbled down, crossed out, reused and erased.

It's not unusual for someone to have literally hundreds of different passwords for everything from corporate VPNs to online gaming systems. We hear this every day from customers.

The challenge is complicated by multifactor authentication, which was created to reduce the risk of password guessing or stealing. Methods such as mobile push notifications or biometric scanning are used to improve the security of access to corporate networks, web applications, entertainment systems and more.

They are straightforward to use, but they do require that the user have access to an additional proof factor such as a mobile phone. Perhaps worse, they are usually combined with the continued use of passwords, which can be a serious vulnerability.

This is a really important topic. I would rate authenticated identity at the top of any list of hot security issues. The majority of headlines you read about breaches and ransomware involve someone getting into a system through a problem with access credentials.

Authentication in Business and Government

The biggest issue with authentication in a business or government context involves friction. That is, at a time when organizations want their online systems to be easy to use, passwords and two-factor authentication often increase user frustration.

This is especially true for government online systems which must support a wide range of use cases for citizens. For example, it cannot be assumed that every citizen has a government-issued ID or possesses the physical attributes to support a certain type of biometric system.

Based on my experiences at AT&T dealing with many different authentication scenarios, including for our massive employee base, I'd like to offer some practical suggestions.

Obviously, the steps offered below will need to be tailored to your local situation. But hopefully they can serve as a useful resource. Here they are:

Step 1: Take an Inventory.

This first step might seem obvious. But when I speak with business leaders about their authentication challenges, it often becomes clear that they don't know what they have deployed today. Consider, for example, that employees might be using one type of authentication system, perhaps with single sign-on (SSO) for multiple applications. This system might be configured differently across various regions, subsidiaries or acquisitions.

Furthermore, partners and suppliers might be using a different authentication approach. And customers might be using a totally separate means for authenticating to products, services and resources.

This implies that before management decisions can be made about more efficient authentication, an inventory is needed. I wish I could tell you that there was a simple automated tool that can discover these systems, perhaps by crawling your network. But the truth is that the only way to get the facts is to create a management initiative that collects data from relevant systems and that solicits information from business unit leaders and their supporting security teams.

This process is easier said than done - but it is necessary.

Step 2: Identify and Prioritize Threats.

This next step is to examine your cybersecurity goals. At AT&T, we understand cyber risk protection initiatives must be a primary concern, especially with the emerging cloud, fiber and 5G infrastructure we support. But even within a modern Internet Service Provider (ISP), cyber threats must be prioritized. Threats targeting sensitive data or ones that can cause outages to critical infrastructure, for example, are particularly high priority and will always have my team's fullest attention.

For your situation, the threat prioritization should be driven by the specifics of your mission. The security concerns that exist within a civilian federal agency, for instance, will be different than the threats that affect our military.

Even within the civilian sector, differences will emerge. An administrative bureau, for example, might not prioritize online network availability in the same way that a consumer-facing bureau might. Each organization will have unique threat profiles, and these must be factored into the local authentication requirements.

Step 3: Define the User Experience.

This step involves determining the factors related to user experience. In almost all cases, this will involve removal of sources of friction - but there are exceptions. Designers of systems that manage the safety of a nuclear power plant, for example, are likely to prioritize high function over a frictionless experience. That said, nuclear operators must never be prevented from accessing a system in an emergency - so the balancing act results in a tough challenge for authentication system designers.

In all situations, it is best for the security team to understand the objectives of the user experience. This should include clarity on how employees, suppliers, customers and any other stakeholders should be authenticating to access resources.

The user experience will also be influenced by requirements for federation to popular identity systems, adherence to budget pressures and matching the authentication process to the local situation (e.g., home office, factory floor, busines office, military camp).

Step 4: Plan Your Authentication Transition.

Once you've completed your inventory, identified threats and defined the user experience, it is time to begin planning your journey to efficient and effective authentication. This will likely involve discussions with new vendors - and our teams at AT&T Cybersecurity and AT&T Public Sector are certainly here to help. As you develop your roadmap, especially in the federal government, initiatives are influenced by budgets, priority shifts and other factors - and we can help.

An option to consider is our joint venture with other major US wireless providers to develop the innovative ZenKey authentication. ZenKey utilizes the power and reach of domestic mobile carriers to create an effective option for many - using a combination of wireless network signals to verify identity.

Regardless of the solution you choose, I hope your management roadmap leads to a successful implementation of effective and efficient authentication.


AT&T Inc. published this content on 13 September 2021 and is solely responsible for the information contained therein. Distributed by Public, unedited and unaltered, on 13 September 2021 14:21:04 UTC.

© Publicnow 2021
All news about AT&T INC.
10/21GLOBAL MARKETS LIVE : Tesla, Unilever, Paypal, Elliott, Novartis...
10/21NDEAM : Taking the ‘dis' out of job opportunities for those with disabilities
10/21AT&T : FirstNet and O2X Bring Health and Wellness Training to First Responders
10/21Today on Wall Street: TRUTH will prevail
10/21AT&T : Thinking about buying stock in First Wave BioPharma, Ford, AT&T, FTC Solar, or Tris..
10/21AT&T : Says Company Experiencing Some Stress Due to Supply Chain Issues
10/21AT&T : Reports Mixed Third-Quarter Results While HBO Subscribers Seen Reaching High End of..
10/21AT&T : Reports Higher Q3 Adjusted Profit while Revenue Drops; Updates 2021 Outlook
10/21AT&T : Third-Quarter Earnings Financial and Operational Schedules & Non-GAAP Reconciliatio..
10/21AT&T : Supplemental Quarterly Pro Forma Financial Information
More news
Analyst Recommendations on AT&T INC.
More recommendations
Financials (USD)
Sales 2021 169 B - -
Net income 2021 19 875 M - -
Net Debt 2021 157 B - -
P/E ratio 2021 9,29x
Yield 2021 8,17%
Capitalization 182 B 182 B -
EV / Sales 2021 2,01x
EV / Sales 2022 2,18x
Nbr of Employees 214 840
Free-Float 93,6%
Chart AT&T INC.
Duration : Period :
AT&T Inc. Technical Analysis Chart | MarketScreener
Full-screen chart
Technical analysis trends AT&T INC.
Short TermMid-TermLong Term
Income Statement Evolution
Mean consensus HOLD
Number of Analysts 28
Last Close Price 25,49 $
Average target price 31,63 $
Spread / Average Target 24,1%
EPS Revisions
Managers and Directors
John T. Stankey President, CEO, COO & Director
Pascal Desroches Chief Financial Officer & Senior Executive VP
William E. Kennard Independent Chairman
David S. Huntley Chief Compliance Officer & Senior Executive VP
Matthew K. Rose Lead Independent Director
Sector and Competitors
1st jan.Capi. (M$)
AT&T INC.-11.37%181 995
T-MOBILE US-13.33%145 850
AMÉRICA MÓVIL, S.A.B. DE C.V.20.36%56 355