SecureAuth is an identity and access management company that provides adaptive authentication solutions to help organizations securely identify users. Their solution uses layered risk analysis and multi-factor authentication methods to strengthen security, while providing single sign-on convenience and self-service tools to reduce administration and improve the user experience. SecureAuth aims to offer flexibility by supporting a wide range of identity sources, authentication methods, applications and devices.
2. 2Copyright SecureAuth Corporation 2015
Agenda
+ The “Identity” problem
+ How SecureAuth IdP can help solve
+ How SecureAuth IdP is different
+ SecureAuth customers
3. 3Copyright SecureAuth Corporation 2015
EMPLOYEES
BUSINESS
PARTNERS
CUSTOMERS
CLOUD
ON-PREM
Commercial &
Homegrown
+ Billions spent annually on
Endpoint and Network security
+ 66% of Executives still not
confident they’re protected1
+ Breaches continue –
Anthem, US National Guard, T-Mobile,
Scottrade, CVS, Walgreens, IRS, FBI
+ If you have valid
credentials…you get in!
Users are the vulnerability & most
popular access point
+ SecureAuth protects & detects
at the user identity levelENDPOINT
SECURITY
NETWORK
SECURITY
Typical Security Infrastructure
Routinely Circumvented
1 - A 2015 Survey – Cybersecurity in the Boardroom (Link)
4. 4Copyright SecureAuth Corporation 2015
“2015 Data Breach Investigations Report” by Verizon
http://www.verizonenterprise.com/resources/reports/
rp_data-breach-investigation-report-2015_en_xg.pdf
5. 5Copyright SecureAuth Corporation 2015
EMPLOYEES
BUSINESS
PARTNERS
CUSTOMERS
CLOUD
ON-PREM
Commercial &
Homegrown
NETWORK
SECURITY
How can we
improve security
while
improving usability
and
reducing costs?
Need for Stronger Identity Security
Identity is the New Security Perimeter
IDENTITY
SECURITY
ENDPOINT
SECURITY
6. 6Copyright SecureAuth Corporation 2015
How Can SecureAuth Help?
Improve Security Improve Usability Reduce Costs
• Adjust security based on
dynamic risk analysis
• Tailor login process to
different types of groups
(i.e. administrators vs sales)
• Use behavioral biometrics
to continually monitor &
get smarter about auth.
• Only require MFA when
risk factors are present
• Secure single sign-on
convenience
• Self service - users manage
their own accounts
• Multiple authentication
methods to match use case
(can require more than 2 factors to proceed)
• Rapid deployment using
standard connectors
• Augment & complement
existing security
investments
• Uses existing directories
• No tokens/devices to buy
• Saving via self-service
(reduce 30-60% of your calls)
7. 7Copyright SecureAuth Corporation 2015
SecureAuth IdP
How Are We Different?
Pre-Authentication
Risk Analysis
Multi-Factor
Authentication
(20+ Methods)
Adaptive
Authentication
Workflows
Continuous
Authentication
(Behavioral Biometrics)
Single Sign-On User Self-Service
Any Application
Any Device
Any Identity Store
Any Identity Type
Password Reset
Account Unlock
Self-Enrollment
Self-Provisioning
Authentication Security
Any VPN
8. 8Copyright SecureAuth Corporation 2015
Millions of Users Trust SecureAuth
BANKING &
SECURITIES
HEALTHCARE GOVERNMENT HIGH TECH TRAVEL EDUCATION COMMUNICATIONS
MEDIA & SERVICES
RETAIL
9.
10. 10Copyright SecureAuth Corporation 2015
What Are Customers Saying?
“We’re able to eliminate smartcards and, over a year and half period, we were able to
eliminate soft FOB and hard FOB usage… We’ve reduced the number of passwords, made
it easier for our users to log into applications and our network, and improved security.”
– Chris Joerg, Director, Global Information Security – Unisys
“SecureAuth gives me the ability to ensure that remote access into my network is
being done by authenticated individuals in a secure way and with the least amount of
resistance.”
– Martin Littman, CTO & CISO – Kelsey-Seybold Clinic
“The flexibility of SecureAuth allowed us to go not only go with our main Citrix web apps
based application but with all other types of different applications from VPN all the way
to cloud-based SaaS apps. It was best of breed in every category.”
– Matt Johnson, Manager, Server Engineering – Houston Methodist Hospital
12. 12Copyright SecureAuth Corporation 2015
Device Recognition
IP Reputation
Directory Lookup
Geo-Location
Geo-Velocity
Behavioral Biometrics
Risk Layers
Dynamic Adaptive Authentication
+ Layered Risk Analysis =
Stronger Security
+ No User Experience
Impact
+ Only present MFA when
needed
+ No other vendor has as
many “layers”
13. 13Copyright SecureAuth Corporation 2015
+ Unique to each individual
on each device
+ 99%* Accuracy (improves over
time)
+ Only acts when threat
detected – MFA to proceed
+ First vendor to offer…
Available March 2016
TYPE
TOUCH
MOUSE
Behavioral Biometrics
Continuous Authentication
14. 14Copyright SecureAuth Corporation 2015
Any…Any…Any…
Choice & Flexibility
Any ID TypeAny Device Any ID Store Any ApplicationAny VPN
User Logon ID
SA web SSO token
3rd Party Web token
SAML
NYLM/Kerberos
X509 Cert
CAC
PIV
Smartcard
Form Post
Google
Facebook
LinkedIn
Windows Live
LDAP
AD_LDS
ODBC
Web Services
Lightweight Virtual Directory
WS-Trust
WS-Fed
Mobile
Web Token
Form-based
Tablets &
Smartphones
Desktops &
Laptops
15. 15Copyright SecureAuth Corporation 2015
Self Help Tools
Reduce Administration
+ Password Resets, Account
Unlock, Self-Enroll &
Provision
+ Time Savings
+ Labor Savings
+ User Autonomy
16. 16Copyright SecureAuth Corporation 2015
Consume any identity
from various sources
Map identity to existing data
stores for authentication
information
Utilize one or more of
20+ methods to confirm
user identity
Transparently assert
identity to on-premises,
cloud, mobile and VPN
resources (SSO)
Centralize and inspect access
control activity
SecureAuth:
The Secure
Path to Strong
Access Control
17. 17Copyright SecureAuth Corporation 2015
Any Access Device
Any
Identity
Store
Any Identity Type
Any On-Premises App
(Commercial, Legacy,
Homegrown)
Pre-Authentication Risk Analysis
Adaptive Authentication Workflows
Multi-Factor Authentication
Continuous Authentication
(Behavioral Biometrics)
Authentication Security
Any
VPN
Any
SIEM
Anything
SDK
Any Cloud App
(SaaS)
Password
Reset
Account
Unlock
Enrollment Provisioning
Self-Service
Single Sign-On
19. 19Copyright SecureAuth Corporation 2015
• Founded in 2006
• Privately held company
• HQ in Irvine, California
• 10 technology patents and
counting
• Technology partners:
Cisco, Juniper, F5, Citrix,
Microsoft, Amazon and
Google
SecureAuth Corporation
Proliferation of acces devices (Tablets, Smartphones, and work/home PCs) coupled with the cloud-based application boom = more access points than ever before…..all creating more security vulnerabilities than ever before!
2 out 3 breaches/attacks involved attackers using stolen credentials – 2014 Verizon Data Breach Investigations Report - http://www.darkreading.com/stolen-passwords-used-in-most-data-breaches/d/d-id/1204615
Many breaches involve stealing valid user credentials, which makes the attacked org even more vulnerable, hence why the need for Identify Security
This slide is only for reference….I want YOU to know where I got my data and arm you with that info in case a prospect asks
Single Sign-On section:
Any Device – We support iOS, Android, Windows phone and blackberry….as well as MAC, Windows, Java and even the Apple Watch – we support more devices than any other competitor
Any Identity Type – We support web token, SAML, kerberos, x509 certificate, CAC, PIV, smartcards and more – we support more identity types than any other vendor
Any VPN – We support Cisco, Citrix, F5, Juniper, SonicWall and more – more VPNs than any other vendor
Any Identity Store – AD, LDAP, AD-LDS, Azure AD, MS-SQL, MySQL, ODBC, Oracle db and more – more than any other vendor
Any Application – SAML, OpenID, OpenID connect, WS-Fed, WS-Trust, OAuth and more – More than any other vendor
Slide has been updated to include 2014 & 2015 customer wins
Click video thumbnails to launch each of the three videos (Must be in “Slide show mode” and have internet access)
Bullet proof vest – has layers upon layers to strengthen
Easily deploy – pop into existing security infrastructure
Leverage existing investments
Centralized & Consistent
You can access both Password reset calc and SSO calc in the Google Drive folder link below:
https://drive.google.com/folderview?id=0B_tW7Mw7r9tPQkRDakNTMlJnVDA&usp=sharing
SecureAuth IdP provides frictionless user access control for on premise, mobile, cloud, web, and VPN resources that is so flexible and secure, it meets today’s access control needs and tomorrow’s
So how does SecureAuth IdP work. Its based on the premise of 6 As’
First IdP accepts the incoming identity from really just about any source
Then it authorizes that identity by comparing it to your existing data store or stores to ensure its valid
Next is the authentication of the identity leveraging well over 20 methods for two-factor authentication
During the first three steps, adaptive authentication analysis is taking place inspecting the selected identity attributes. Before an identity is accepted, the IP address is analyzed using white & black lists and live threat intelligence from Norse. During authentication, the user’s identity and group memberships are inspected and validated against the data store. And at authentication, device fingerprints are examined as well as geo-location and geo-velocity to further validate the identity.
If the analysis identifies a risk that exceeds the defined allowable threshold, action is taken place to step-up, redirect or simply halt the authentication
and taking action if necessary
Next we assert the confirmed identity to whatever resources are identified whether on premise, via mobile device, in the cloud, on the web or via VPN
Finally comes audit and the ability to track and retain user access events and inspect them using the SIEM tool of your choice.
We provide you the ability to customize a portal, could be for employees, business partners, or customers. As you can see from the examples, you can get very creative (Norwegian Cruise Lines) or simple (Starbucks). It’s YOUR portal and can be branded anyway you want!
First a little about our company. We were founded in 2006 in Irvine California. We have offices throughout the United States and our European HQ is located in London. We are a privately held company with over 80 employees. We currently have 10 patents for the technology we’ve built into our solutions.
As an organization we believe in building solutions using industry standards to ensure we work well in any environment and with your existing infrastructure. As a result, we have many technology partners. Here is a list of just a few - Cisco, Juniper, Citrix, Microsoft, Amazon and Google.
At the end of the day, our focus is to ensure we are delivering value, unbelievable value to you, our customer. We do this by delivering solutions that link your legacy infrastructures with emerging technologies to enable you to meet your needs for secure access control.