MOBILE FOR STRONG IDENTITYTURNING THE MOBILE DEVICE EVOLUTION IN YOUR FAVORDAVID MAHDI – PRODUCT MANAGEMENT & MARKETING EN...
WHAT DO THESE HAVE IN COMMON?May 24, 2013© Entrust Inc. All Rights Reserved. 1
May 24, 2013© Entrust Inc. All Rights Reserved. 2
May 24, 2013© Entrust Inc. All Rights Reserved.3
May 24, 2013© Entrust Inc. All Rights Reserved. 4
SO……..?May 24, 2013© Entrust Inc. All Rights Reserved. 5
PASSWORDS! HAS ANYTHING CHANGED?May 24, 2013© Entrust Inc. All Rights Reserved. 6
SO WHAT, PASSWORDS ARE EASY &CHEAP?!WHY SHOULD I CARE?
HEARD OF BREACHES…
MORE BREACHES…*TechCrunch
AND MOREMay 24, 2013© Entrust Inc. All Rights Reserved. 10*CNET
IDENTITY CHALLENGES ABOUNDMay 24, 2013© Entrust Inc. All Rights Reserved. 11Security Threats and Risks GrowingPasswords ar...
STRONG AUTHENTICATION – WHAT ARETHE TRADITIONAL OPTIONS TODAY?
TRADITIONALAUTHENTICATORS• What are the common types of authenticators today?• Let’s have a look…May 24, 2013© Entrust Inc...
EVALUATING THEAUTHENTICATORS:TRANSPARENT AUTHENTICATIONPro Con• Minimal user involvement– highusability• User interaction ...
EVALUATING THEAUTHENTICATORS:HARDWARE TOKENSPro Con• Proven / familiar• No hardware to deploy to readOTP• Single purpose• ...
EVALUATING THEAUTHENTICATORS:PAPER (INERT) TOKENS – GRID CARDSPro Con• Easy to use• Multiple forms• Combine with identity ...
EVALUATING THEAUTHENTICATORS:BIOMETRICSPro Con• Very secure / hard to clone• There always with us- we hope!• Shared reader...
EVALUATING THEAUTHENTICATORS:PKI (CERTIFICATES)Pro Con• Very secure (hard to clone)• Easy to use (transparent)• Extensible...
EVALUATING THEAUTHENTICATORS:SMART CARDSPro Con• Very secure• Easy to use• Multipurpose (LACs, PACS,Employee badge, flash ...
AS THE WORLD PROGRESSES… WHAT’S NEXTmoreSecuremoreCosteffectivemoreMultipurposemoreConvenient
MOBILE IS POISED TO DISRUPT THISSPACE!
MOBILEHOLDSTHE PROMISEFOR THE NEXT GENERATION OFIDENTITYGeoLocationBiometricsSecureElementCryptoApplicationPlatform“Out of...
WHAT CAN IT DO?Mobile devices can easily be provisionedwith additional or temporary authenticatorsSoftTokenOOBTransactionV...
MANY USE CASESMulti-purpose Identity• Physical access• Logical access• Windows logon• VPN & Web apps• Cloud applications• ...
CONCLUSIONMay 24, 2013© Entrust Inc. All Rights Reserved. 25Security Threats and Risks Growing IAM Will get harderMobile i...
Smart Cards & Devices Forum 2013 - Security on mobile
Upcoming SlideShare
Loading in...5
×

Smart Cards & Devices Forum 2013 - Security on mobile

224

Published on

Published in: Technology, Business
0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total Views
224
On Slideshare
0
From Embeds
0
Number of Embeds
0
Actions
Shares
0
Downloads
20
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide

Smart Cards & Devices Forum 2013 - Security on mobile

  1. 1. MOBILE FOR STRONG IDENTITYTURNING THE MOBILE DEVICE EVOLUTION IN YOUR FAVORDAVID MAHDI – PRODUCT MANAGEMENT & MARKETING ENTRUST
  2. 2. WHAT DO THESE HAVE IN COMMON?May 24, 2013© Entrust Inc. All Rights Reserved. 1
  3. 3. May 24, 2013© Entrust Inc. All Rights Reserved. 2
  4. 4. May 24, 2013© Entrust Inc. All Rights Reserved.3
  5. 5. May 24, 2013© Entrust Inc. All Rights Reserved. 4
  6. 6. SO……..?May 24, 2013© Entrust Inc. All Rights Reserved. 5
  7. 7. PASSWORDS! HAS ANYTHING CHANGED?May 24, 2013© Entrust Inc. All Rights Reserved. 6
  8. 8. SO WHAT, PASSWORDS ARE EASY &CHEAP?!WHY SHOULD I CARE?
  9. 9. HEARD OF BREACHES…
  10. 10. MORE BREACHES…*TechCrunch
  11. 11. AND MOREMay 24, 2013© Entrust Inc. All Rights Reserved. 10*CNET
  12. 12. IDENTITY CHALLENGES ABOUNDMay 24, 2013© Entrust Inc. All Rights Reserved. 11Security Threats and Risks GrowingPasswords are not secureUser Experience (UX) growing need password rules &resets captchas and KBA hardware tokensCompounded by Cloud and Mobile
  13. 13. STRONG AUTHENTICATION – WHAT ARETHE TRADITIONAL OPTIONS TODAY?
  14. 14. TRADITIONALAUTHENTICATORS• What are the common types of authenticators today?• Let’s have a look…May 24, 2013© Entrust Inc. All Rights Reserved. 13
  15. 15. EVALUATING THEAUTHENTICATORS:TRANSPARENT AUTHENTICATIONPro Con• Minimal user involvement– highusability• User interaction only when Risklevel higher• No authenticator to deploy• More complex to initialize• User confusion when prompted• Still requires an additionalauthentication (KBA)Network informationUser informationUser profileIP: 216.191.253.108Browser: IE 7.0Screen Depth: 1024….…Device ID
  16. 16. EVALUATING THEAUTHENTICATORS:HARDWARE TOKENSPro Con• Proven / familiar• No hardware to deploy to readOTP• Single purpose• Lost / forgotten tokens• Seed file security• Cost / distribution
  17. 17. EVALUATING THEAUTHENTICATORS:PAPER (INERT) TOKENS – GRID CARDSPro Con• Easy to use• Multiple forms• Combine with identity badge• Cost effective• Easier to copy• Should replace more often• Single purpose
  18. 18. EVALUATING THEAUTHENTICATORS:BIOMETRICSPro Con• Very secure / hard to clone• There always with us- we hope!• Shared readers• Expensive & technically complex• Capture and storage of personaldata.• Reliability of readers
  19. 19. EVALUATING THEAUTHENTICATORS:PKI (CERTIFICATES)Pro Con• Very secure (hard to clone)• Easy to use (transparent)• Extensible to other applications/ use cases• Technically complex without PKIexperience• Where to store certificates• If the root is compromised – allbets are off!
  20. 20. EVALUATING THEAUTHENTICATORS:SMART CARDSPro Con• Very secure• Easy to use• Multipurpose (LACs, PACS,Employee badge, flash pass)• Higher cost• Can require a myriad of productsto provision• Card readers required• Lost / stolen cards
  21. 21. AS THE WORLD PROGRESSES… WHAT’S NEXTmoreSecuremoreCosteffectivemoreMultipurposemoreConvenient
  22. 22. MOBILE IS POISED TO DISRUPT THISSPACE!
  23. 23. MOBILEHOLDSTHE PROMISEFOR THE NEXT GENERATION OFIDENTITYGeoLocationBiometricsSecureElementCryptoApplicationPlatform“Out ofBand”• Users want to carry them• Always in hand• Always connected• Convenient• Support work / personal balance• Deployment / use continues to grow atan outstanding pace• Computing power means they aremulti-purpose
  24. 24. WHAT CAN IT DO?Mobile devices can easily be provisionedwith additional or temporary authenticatorsSoftTokenOOBTransactionVerificationSMSOTPeGridMobile as asmart card
  25. 25. MANY USE CASESMulti-purpose Identity• Physical access• Logical access• Windows logon• VPN & Web apps• Cloud applications• Digital Signatures• Encryption• Defeat malware &session riding attacks
  26. 26. CONCLUSIONMay 24, 2013© Entrust Inc. All Rights Reserved. 25Security Threats and Risks Growing IAM Will get harderMobile is Here to Stay… so leverage it! More convenient More secure More cost effective
  1. A particular slide catching your eye?

    Clipping is a handy way to collect important slides you want to go back to later.

×