Managing Director, Technology Business Strategy, Venable LLP
What do Regulators Want?
FIDO and other next-generation approaches to MFA have excited developers, product designers, and security professionals alike – but in many organizations, compliance professionals may have questions, and wonder how regulators will view the use of something “new” like FIDO.
This session will dive into the ways that regulators around the world have updated their guidance over the last few years to reflect the emergence of the FIDO standards – and in some cases, express a preference for FIDO over legacy types of MFA based on shared secrets.
This session will also outline some of the outdated approaches to authentication regulation that still pop up from time to time in some jurisdictions, and detail how FIDO Alliance has helped to dispel some tired myths about MFA that have led to bad policies in the past.
As authentication technology evolves, policy needs to evolve with it. Today there are several excellent models regulators and policymakers can look to when considering updates to legacy policy.