It's All About Authentication

Information security professionals, seeking to reduce vulnerabilities in their organizations, are presented with an ever-increasing variety of options that range over several subsets of the information security landscape. Given the rapidly decreasing financial resources available for IT infrastructure and a mandate from management to maximize a return on investment for security technologies, in what specific area of the information security landscape should an investment be made? This paper categorizes and then simplifies some of the core fundamentals of electronic security controls and mechanisms and concludes that authentication is the single most important aspect in information security. It also challenges the validity of other security controls that may be adopted by organizations prior to implementing a strong and robust authentication system.