Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

Multi-Factor Authentication - "Moving Towards the Enterprise"

741 views

Published on

In the past year, we’ve seen a significant shift in how we are asked to authenticate to web applications. The trend is moving from relying on simple username & passwords to wider scale use of two-factor, risk-based & multi-factor authentication (MFA), such as software tokens, one-time password (OTP), and various forms of device identification. What does it all mean & is it something your organization needs?

The simple answer is…multi-factor authentication needs to be on the radar of every organization, as passwords are no longer enough to protect users. Passwords are too easy to crack or steal & hackers are indiscriminant. From an operational perspective, organizations are losing money through high volumes of help desk tickets related to logins & password resets. Strong passwords are still just too weak of a defense in today’s business world.

Join us at 11amET on Tuesday, April 1st for an interactive webcast with our team of subject matter experts to learn more about how to turn this new requirement into a seamless feature of your current environment.

Published in: Technology
  • Be the first to comment

  • Be the first to like this

Multi-Factor Authentication - "Moving Towards the Enterprise"

  1. 1. • What is Multi-Factor Authentication • Why MFA matters to the Enterprise? • Introduction to XSpectra • Demo • Q & A Multi-Factor Authentication - Moving Towards the Enterprise
  2. 2. Rohan Weerasinghe, Product Evangelist, XSpectra Mycroft Inc. INTRODUCTIONS Copyright ©2014 Mycroft Inc. All rights reserved Edward Edge, Product Evangelist, XSpectra Mycroft Inc.
  3. 3. WHAT IS MFA & WHY DOES IT MATTER TO THE ENTERPRISE? The trend is moving from relying on simple username & passwords to wider scale use of two-factor and multi-factor authentication (MFA), such as software tokens There are three different kinds of authentication factors: Something you know – password, PIN, challenge questions Something you have – fob, mobile phone (OTP), certificate Something you are – fingerprint, facial recognition, voice pattern Copyright ©2014 Mycroft Inc. All rights reserved
  4. 4. CASE IN POINT… • FEBRUARY 26, 2014: Data breach at Indiana University - 146,000 students’ SSN exposed • FEBRUARY 23, 2014: Apple issues fix for breach which could have provided hackers a route to read emails, instant messages, social media posts & even online bank transactions. • DECEMBER 19, 2013: 110M personal payment information accessed due to Target breach • JANUARY 23, 2013: Neiman Marcus announces 1.1M customer cards hacked by malicious software • JULY 12, 2012: Yahoo confirmed 400,000+ users info compromised. (Gmail, AOL & Hotmail) • JULY 10, 2012: 420,000 hashed Formspring passwords were publicly posted to a third-party forum • JUNE 5, 2012: Cloudflare’s customer accounts are breached via their CEO’s personal gmail account • APRIL 24, 2012: Nissian announced security breach earlier this year • FEBRUARY 13, 2012: Microsoft’s online store in India hacked, user information compromised • FEBRUARY 11, 2012: U.K.-based TicketWeb direct marketing system hacked, • JANUARY 15, 2012: Hackers access personal information from Zappos’ 24 million users • JANUARY 5, 2012: 45,000 Facebook passwords compromised, mostly in the U.K. and France AND ON & ON & ON….
  5. 5. TRADITIONAL ENTERPRISE WITH NETWORK PERIMETER Enterprise Apps Network Perimeter Internal Employee Public Private SaaS Copyright ©2014 Mycroft Inc. All rights reserved
  6. 6. …and remote employees Enterprise Apps Network Perimeter Internal Employee SINGLE POINT OF PERIMETER CONTROL IS GOING AWAY Public Private Mobile employee VPN SaaS Copyright ©2014 Mycroft Inc. All rights reserved
  7. 7. …and remote employees …and cloud applications Enterprise Apps Network Perimeter Cloud Apps/Platforms & Web Services SaaS Internal Employee SINGLE POINT OF PERIMETER CONTROL IS GOING AWAY Public Private Mobile employee VPN SaaS Copyright ©2014 Mycroft Inc. All rights reserved
  8. 8. …and remote employees …and cloud applications …and external users Partner User Consumer Enterprise Apps Network Perimeter Cloud Apps/Platforms & Web Services SaaS Internal Employee SINGLE POINT OF PERIMETER CONTROL IS GOING AWAY Public Private Mobile employee VPN No single perimeter to control! SaaS Copyright ©2014 Mycroft Inc. All rights reserved
  9. 9. IDENTITY IS THE NEW PERIMETER THE REQUIREMENT: A CENTRALIZED IDENTITY SERVICE Enterprise Apps Cloud Apps/Platforms & Web Services SaaS Identity Internal Employee Mobile employee Partner User On Premise Consumer Copyright ©2014 Mycroft Inc. All rights reserved
  10. 10. XSPECTRA OVERVIEW • On-demand IAM service based on CA CloudMinder™ based on longest, deepest history & experience in IAM built specifically for expansion to address full spectrum of organizational risk needs • Broadest & deepest feature set built for growing companies including: • Federated Single Sign-On • Automated & Self Service User Management • Multifactor Authentication • Centralized Holistic Provisioning & De-provisioning • Identity Platform • Risk Based Policy Enforcement • Addresses customer needs quickly through automation • Top-tier Security Operations Center in compliance with SAS 70 security standards for up to 24x7 support • Customizations team of professional services experts in- house to quickly address specific requirements • IAM capabilities without need for large IT infrastructure INTRODUCING….  Low cost with subscription pricing  Enterprise-class features & functions  HYBRID SOLUTION that integrates on-premise & cloud apps  Quick deployment Copyright ©2014 Mycroft Inc. All rights reserved
  11. 11. CONCEPTUAL ARCHITECTURE Copyright ©2014 Mycroft Inc. All rights reserved
  12. 12. MYCROFT XSPECTRA ON-DEMAND SERVICE Strong Authentication  QnA, OAuth, OpenID, Arcot PKI/OTP  Security Code over SMS/Email/Voice  Device identification  Risk detection & prevention  Configurable rules engine  Adaptive and step-up authentication  Geo-location & velocity checking  Fraud case management CA CloudMinder™ Advanced Authentication Federated SSO  Standards-based federation  STS (Token Translation)  Portal to launch services  Integration with other services CA CloudMinder™ Single Sign-on  User management  Access request  Hybrid provisioning-cloud & on-premise  Identity synchronization CA CloudMinder™ Identity Management Identity ManagementExpands current market offerings through: • Full Life Cycle Provisioning to targeted endpoint on-premise such as Active Directory, Oracle, SAP, etc. • Multifactor & Risk-based Authentication with choice of credential formats • Configurable policies for custom risk assessments • Federated SSO to cloud-platforms and SaaS applications • Self-Service capabilities such as registration, profile management, access requests, etc • Seamless integration with on-premise, cloud or hosted environments • All the benefits of the cloud including monthly subscription pricing, no up-front investment, reduced in-house costs & fast access Copyright ©2014 Mycroft Inc. All rights reserved
  13. 13. MYCROFT XSPECTRA ON-DEMAND SERVICE • Enhances log-in process to provide strong authentication • Implements risk-based authentication • Non-intrusive to the user experience • Measure risk based on device characteristics, location & velocity • Enhances credentials to support two- factor authentication • Arcot ID OTP • Arcot ID PKI • Supports authentication attempts from PC, Mac, tablet & phones Copyright ©2014 Mycroft Inc. All rights reserved Advanced Authentication
  14. 14. MYCROFT XSPECTRA RISK-BASED AUTHENTICATION
  15. 15. TWO-FACTOR AUTHENTICATION WITH OTP • Once the user is registered, one-time password (OTP) is a generated by iPhone, Android, Blackberry, a nd Windows clients • The OTP is active for short while and regenerates periodically – usually under a minute – however this is configurable • The user retrieves the OTP using their own PIN (Personal Identification Number) Copyright ©2014 Mycroft Inc. All rights reserved
  16. 16. Copyright ©2014 Mycroft Inc. All rights reserved
  17. 17. MULTIFACTOR AUTHENTICATION • Strong authentication & risk evaluation help reduce fraud misuse • Low TCO - efficient self-service capabilities, no infrastructure to deploy and no software upgrade expenses • Compliance - Strong & risk-based authentication can help meet FFIEC, HIPAA, PCI and SOX guidelines Strong Authentication  QnA, OAuth, OpenID, Arcot PKI/OTP  Security Code over SMS/Email/Voice  Device identification  Risk detection & prevention  Configurable rules engine  Adaptive and step-up authentication  Geo-location & velocity checking  Fraud case management Copyright ©2014 Mycroft Inc. All rights reserved
  18. 18. Mycroft Inc. 369 Lexington Ave New York, NY 10017 212-983- 2656 info@mycroftinc.com www.mycroftcloud.com @IAMXSpectra Copyright ©2014 Mycroft Inc. All rights reserved

×