Entrust IdentityGuard: Federation ModuleManage & Secure Access to Cloud-Based Services and Networksvia Existing User Credentials Solution BenefitsOrganizations are increasingly moving toward cloud and software-as-a-service (SaaS) • Leverage organizational identities toapplications. In many cases, they are forced to create a new set of identity credentials access cloud and inter- and intra-networkfor end-users and, typically, these identities are based on insecure, outdated applicationsusername and password approaches. • Reduce the number of IDs per userAs organizations move more services to the cloud — such as email, CRM and other • Single sign-on (SSO) across multiple servicesapplications — the number of user identities grows at an exponential rate. • Integration with SaaS/cloud services (e.g., Microsoft 365, Salesforce.com)This leaves end-users with the burden of managing multiple usernames and • Standards-based approach simplifiespasswords for each service, not only causing frustration but also hindering security integration (e.g., SAML and OpenIDeffectiveness. This approach introduces many obstacles. identity providers) • Strong second-factor authentication to cloud-based services • Forgotten usernames and passwords, a frustrating experience that drives • Widest range of cost-effective password reuse, thus reducing overall security authentication methods to meet • Adhering to many differing password policies required by the SaaS/cloud provider unique user requirements • Passwords are a weak form of authentication that have low upfront costs, • Flexible to meet current and future security priorities but a high total cost of ownership (TCO) and inherent security risks • Based on award-winning Entrust IdentityGuard software authentication platformSecure Network ExpansionIn addition to cloud access, organizations extend access to their networks withthe goal of increasing productivity and streamlining business. But, in doing so,organizations may need to implement an entirely new user-access infrastructure.Unfortunately, this likely introduces another set of usernames and passwords forend‑users to manage. While the use cases of inter- and intra-company access and clouddiffer slightly, the constant thread is the need to provide consistent and secure access.Simple username and password authentication is insufficient protectionagainst unauthorized access to cloud-based services. A strong second factorof authentication is required to properly authenticate individuals accessingcloud‑based services to protect from theft or altering of sensitive information.The type of authenticator used, its strength and total cost may be differentdepending on what it is protecting, the usability requirements of the officers andbudgetary constraints.
COMPREHENSIVE FEDERATION OF USER IDENTITIESAn extension to the Entrust IdentityGuard software authentication platform, the Entrust IdentityGuard Federation Module allowsorganizations to manage and secure access to cloud-based services by federating existing user credentials.The solution enables organizations to federate identities Organizations may integrate with some of the most popularto securely access other networks (e.g., partnering cloud-based services (e.g., Microsoft 365, Salesforce.com),organizations), reducing reliance on usernames and which allows end-users to have consistent, simple and securepasswords, as well as improving both security and the access to cloud-based services or other organizations.end‑user experience.FEDERATION MODULE: HOW IT WORKSThe Entrust IdentityGuard Federation Module enables secure access to a variety of distinct networks — whether they are within theorganization or are external (e.g., cloud services, and/or a partnering organization). Simply, organizations require a secure meansto access information contained within these entities.Leverage Existing Digital IDs Extend Security InvestmentThe Federation Module allows users to leverage existing Unlike other federation solutions on the market, Entrust’scorporate IDs to access specific external network segments federation module is based on the award-winning Entrustand cloud-based services — all without having to introduce IdentityGuard software authentication platform, whichor issue another set of identity credentials. The solution enables organizations to inherit the strong identity offeringsis based on industry-wide standards such as SAML and already provided by the platform.OpenID, allowing organizations the assurance of integration,compatibility and future extensibility. Cloud Physical/Logical Access Mobile Transaction Signing User Self-Service SOFTWARE AUTHENTICATION PLATFORM Comprehensive Integration Advanced APIs Seamless Co-Deployment Flexible Policy Engine Authenticator Suite
AWARD-WINNING AUTHENTICATION PLATFORMEntrust IdentityGuard secures cloud and network access for many of the world’s leading enterprises, governments and financialinstitutions. It serves as an organization’s single comprehensive user authentication platform and authenticates identities prior toaccessing sensitive cloud-based services or computer networks.All Authenticators, One Platform Evolve to Address New RisksEntrust IdentityGuard offers a broad range of user authentication This approach provides a single point of administration,methods including physical (e.g., a one‑time‑passcode token regardless of the authentication option or combinationor grid card), mobile- and smartcard-based, or online of options deployed.(e.g., passwords plus questions and answers). Organizations are able to evolve and change authenticationOrganizations may deploy authentication methods that methods over time as the risks and the operatingare convenient and simple to use, ensure strong user environment change.authentication of the user, and meet the budgetaryrequirements of the organization. Transaction Verification Mobile Device Mobile Soft Token Certificates Mobile Smart SMS Credential Device 2 Smartcards Authentication Grid / eGrid and USB Knowledge Based OTP Tokens 18.104.22.168.108 LOGIN IP-Geolocation Digital Transaction Password Certificates Signing Mutual Authentication Biometrics Software Authentication PlatformEntrust’s flagship authentication solution, Entrust IdentityGuard continues to lead the industry as one of the most robust software authentication platforms,delivering an unmatched breadth of capabilities and flexibility to meet the most demanding security environments.