persona-logo
Published November 24, 2025
Last updated March 10, 2026

Continuous workforce identity assurance: Our key focus at the Gartner IAM Summit

Ahead of the 2025 Gartner IAM Summit, see why continuous workforce identity assurance matters, and what Persona is building to secure every stage of the employee lifecycle.
Joshua Rodriguez
Joshua Rodriguez
5 min
Why Continuous Workforce Identity Assurance Matters in 2026
Key takeaways
Continuous workforce identity assurance is now a critical security control as GenAI-driven deepfakes, social engineering, and credential fraud rapidly increase.
Persona is building a new workforce security model that brings continuous identity assurance to every stage of the workforce journey, including new workforce integrations, risk-based verification flows, and candidate identity verification.
Persona is highlighting workforce identity verification as a rising priority at the 2025 Gartner IAM Summit, reflecting the industry-wide shift toward stronger identity assurance across the employee lifecycle.

Security leaders are rethinking how they establish and maintain identity assurance across the employee life cycle as workforce fraud and AI-driven impersonation accelerate. 

And as threats increase, confidence is dropping. At a recent CISO event, more than 85% of security leaders told us they’re only somewhat confident or not confident at all in their ability to handle GenAI-enabled fraud.

That gap between rising threats and shrinking confidence is why continuous identity verification is becoming a critical control rather than a one-time onboarding task.

Below, we unpack the forces driving this shift and how our platform is evolving to meet this new reality.

We’ll be sharing more on continuous workforce identity verification at the 2025 Gartner® IAM Summit, where our session explores practical strategies for defending workforce IAM against GenAI-powered attacks.

Today’s workforce security requires continuous identity verification

In the past, workforce identity verification (IDV) was a one-time onboarding formality. Now, it’s one of the most critical parts of the security stack.

Identity threats are becoming more sophisticated and persistent:

  • GenAI-powered deepfakes are increasingly difficult to detect with visual models alone. At Persona, we’ve seen deepfake-driven attacks increase 50x over the past few years.

  • Social engineering and impersonation attacks are surging, driven by more sophisticated techniques. CrowdStrike reports a 442% jump in AI-powered voice phishing attacks, and 79% of initial access incidents are now malware-free.

  • Credential-based attacks are accelerating, with 35% of cloud incidents linked to compromised credentials.

Distributed workforces compound these risks by eliminating the certainty of in-person identity checks. To keep employees and systems secure, security teams need IDV that works across distributed devices, locations, and workflows.

Taken together, these trends show that identity risk evolves long after day one of onboarding — which is why organizations need continuous identity assurance, not just a one-time verification.

Benjamin Chait, Product Manager at Persona, summarizes it well:

"Identity verification isn't about replacing your existing authentication tools. It's about binding an identity to a credential when it matters most, and maintaining that assurance continuously throughout the employee journey."

This matters because authentication tools like MFA, SSO, and passwordless options are still essential, but they need another level of continuous identity verification to ensure the person behind those credentials is legitimate every time they log in.

Identity is now the primary attack surface across the employee journey, and it’s not enough to verify it once. 

Persona’s roadmap: What we’re building to help security teams adapt

Workforce identity verification has become a more prominent category in enterprise security architecture, a trend echoed in recent Gartner research. In the 2025 Gartner® Magic Quadrant™ for Identity Verification Gartner highlighted workforce identity verification as a key use case, named Persona a Leader, and ranked us #2 in the Workforce Use Case in the Critical Capabilities report.

To support this growing need, we’re evolving our workforce identity verification solution to form a new workforce security model: continuously verifying that the person behind a credential is legitimate, at every moment of the employee life cycle. 

We’re building new workforce security products based around three key goals:

1. Unifying IAM, HRIS, and ITSM to power smarter, automated verification

Continuous workforce verification depends on how well your systems talk to each other. Persona’s Workforce IDV is built to sit at the center of your existing stack, pulling in the right data and triggering the right workflows across:

  • IAM platforms (Okta, Cisco Duo, Microsoft Entra ID) for access decisions and policy enforcement

  • HRIS systems (Workday) as the source of truth for employee identities and life cycle events

  • IT service management tools (ServiceNow) where access changes and recovery requests are tracked

This expansion of integrations makes it easier for organizations to operationalize identity verification in a consistent, scalable way.

2. Adaptive, risk-based verification throughout the employee life cycle

Not every interaction needs the same level of assurance. Teams need the ability to trigger different verification flows based on context and risk levels without having to manually create and manage custom workflow variations. 

To enable smarter, context-driven verification, we’re expanding our capabilities around:

  • Application-level verification policies (enabling identity verification before accessing specific applications) 

  • Geolocation and device-based triggers

  • Configurable thresholds for adaptive step-up verification

  • Recurring verification to validate workforce integrity continuously

This ensures teams can verify identity precisely when risk increases at key moments during account recovery, privilege elevation, new device login, or sensitive access requests. And to make those decisions smarter and more accurate, we’re also investing in richer risk signals and behavioral insights that detect deepfakes, synthetic identities, and suspicious activity.

3. Stronger candidate identity assurance

Attackers are increasingly exploiting the hiring process — from synthetic or stolen identities to fraudulent applicants and even organized threat networks like North Korean IT workers — to infiltrate organizations before a credential is ever issued. To defend against this, we’re extending identity assurance into the candidate life cycle:

  • Pre-access identity proofing

  • Document, liveness, and device checks during hiring

  • Fraud and synthetic identity detection during hiring

  • Identity-to-credential binding once hired

Candidate verification closes one of the largest blind spots in workforce security: the moment before someone becomes an employee. As we extend identity assurance earlier in the lifecycle, we’re also enhancing data protection, residency, and privacy controls to give teams greater control over handling candidate and employee data.

Learn how to strengthen workforce IAM with us at Gartner IAM

Our evaluation and ranking from Gartner validates the reality that workforce identity verification is becoming a critical security control.

We’re proud to integrate with Okta and serve several Fortune 500 customers to build stronger identity assurance across their workforce. Together, we're proving that you don't have to choose between security and the employee experience in order to strengthen your workforce security posture.

Join us at Gartner IAM Summit 2025 to learn how to safeguard tomorrow’s workforce access and strengthen your security stack with Persona. Register here.

GARTNER is a registered trademark and service mark of Gartner, Inc. and/or its affiliates in the U.S. and internationally, MAGIC QUADRANT is a registered trademark of Gartner, Inc. and/or its affiliates and is used herein with permission. All rights reserved.

Gartner, Magic Quadrant for Identity Verification, Akif Khan, Nayara Sangiorgio, James Hoover, 25 August 2025

Gartner, Critical Capabilities for Identity Verification, James Hoover, Akif Khan, Nayara Sangiorgio, 26 August 2025

Gartner does not endorse any vendor, product or service depicted in its research publications and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner’s Research & Advisory organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.

The information provided is not intended to constitute legal advice; all information provided is for general informational purposes only and may not constitute the most up-to-date information. Any links to other third-party websites are only for the convenience of the reader.
Joshua Rodriguez
Joshua Rodriguez
Joshua Rodriguez is a product marketing manager at Persona covering fraud and workforce identity. You'll find him around the Bay Area exploring parks and museums with his wife and two kids.
Continue reading