SlideShare a Scribd company logo

Strong Authentication: Securing Identities and Enabling Business

SafeNet
SafeNet

In today’s environment, the need for organizations to enable secure remote access to corporate networks, enhance their online services, and open new opportunities for e-commerce is bringing ever-growing attention to the importance of securing user access and validating identities. In addition, the recent barrage of identity theft and corporate fraud cases has brought corporate responsibility and the protection of sensitive data to the spotlight. Consumer demands and compliance pressures bring organizations and institutions to search for new ways to strengthen their internal controls, authentication methods, and identity management practices. The message is clear – action is needed to stay ahead in the fast changing, security-conscious market.

Technology
1 of 7
Download to read offline
Strong Authentication: Securing Identities and Enabling Business WHITE PAPER Table of Contents Abstract .............................................................................................................................. 2 Passwords Are Not Enough! ................................................................................................ 2 It’s All About Strong Authentication .................................................................................... 2 Strong Authentication Solutions – What is Available? ......................................................... 4 Strong Authentication Solutions Are Evolving ..................................................................... 5 Practical Considerations for Selecting a Strong Authentication Solution ............................ 6 SafeNet Strong Authentication Solutions ............................................................................ 7 Strong Authentication: Securing Identities and Enabling Business White Paper 1
Abstract In today’s environment, the need for organizations to enable secure remote access to corporate networks, enhance their online services, and open new opportunities for e-commerce is bringing ever-growing attention to the importance of securing user access and validating identities. In addition, the recent barrage of identity theft and corporate fraud cases has brought corporate responsibility and the protection of sensitive data to the spotlight. The total cost of coping with the Consumer demands and compliance pressures bring organizations and institutions to search consequences of data breaches for new ways to strengthen their internal controls, authentication methods, and identity rose to $6.6m per breach, up management practices. The message is clear – action is needed to stay ahead in the fast- from $6.3m in 2007, or $202 per changing, security-conscious market. record. The weakness of passwords can no longer be tolerated, and organizations are increasingly Ponemon Institute moving from password-centric to strong authentication solutions. This enables organizations to securely authenticate identified users and gain one of the most crucial elements of any business relationship – trust. Organizations are realizing that security is vital for enabling business, cutting costs, complying with regulations, establishing a productive work environment, and attracting customers. Meanwhile, strong authentication solutions are developing to answer organizations’ needs by providing easy-to-use solutions with numerous benefits to both users and organizations. Passwords Are Not Enough! When first introduced in the early sixties passwords were regarded as cheap, easy to use, and secure. Forty years and many technological developments later, is there any reason to believe these facts still hold? Passwords are difficult to use – Studies reveal that users today have on average approximately 15 password-protected accounts. One password may be easy to remember, but handling many passwords is a timeconsuming task and a security hazard. Passwords are expensive – every forgotten or lost password results in significant costs. The expense is even greater when lost employee productivity is taken into consideration. Passwords are not secure. To handle their multiple credentials, many users choose easy- to-guess passwords, use the same passwords for several accounts, or even write down passwords where they can be easily found. Add to these security risks the abundance of available password cracking tools and it is easy to see that passwords are no longer a sufficient security measure. It has become evident and widely accepted that passwords are not a reliable method for authenticating users. To achieve the benefits of information security and overcome the inherent weakness of passwords, organizations are turning to stronger authentication solutions. It’s All About Strong Authentication For organizations wishing to enable more business, reduce security vulnerabilities, comply with regulations mandating data privacy and protection, save costs, and attract security- conscious customers, a strong and robust authentication system can lead the way to achieving their goals. Enable Business By implementing strong authentication solutions, organizations can allow legitimate users to access sensitive data anytime, anywhere. With the enhanced security, organizations can provide their users with tools and abilities that are otherwise risky or not practical. For example, hospitals can enable their patients to securely access personal medical records online, businesses can enable their employees to access confidential business data from the corporate network while traveling; and university professors can allow their students to securely submit examinations and view their grades online. Strong Authentication: Securing Identities and Enabling Business White Paper 2
Comply with Regulations A growing number of rules and regulations hold organizations responsible for the integrity of their business data and for the protection of personal information that has been entrusted to them. To comply, organizations need to ensure that individuals who access their network, applications, and portable devices are indeed who they claim to be. Therefore, strong authentication constitutes a basis for compliance with many of these regulations. As an example, the Federal Financial Institutions Examination Council’s (FFIEC) Authentication Guidance considers “single-factor authentication, as the only control mechanism, to be inadequate for high-risk transactions involving access to customer information or the movement of funds to other parties…Account fraud and identity theft are frequently the result of single- factor (e.g., ID/password) authentication exploitation.”1 Another instance is the Health Insurance Portability and Accountability Act (HIPAA), which requires healthcare related organizations to securely authenticate individuals before granting them access to sensitive patient data. Compliance was the driving These are only two examples from an ever growing list of regulations, including Sarbanes- factor for up to 85% of all IAM Oxley (SOX) Act, Electronic Signatures in Global and National Commerce (E-SIGN) Act, Basel II, purchases in 2008 and 2009 Food and Drug Administration (FDA) 21 CFR Part 11, and more, that mandate organizations to protect their data and meet IT security standards. Strong authentication enhances compliance IDC, June 2009 by enabling secure user access and providing a proven and attestable method for protecting internal data and networks. Increase Productivity Providing users with widespread access to necessary business data and applications in the office, at home, or on the road, improves communication among employees, shortens the response times to clients and customers, and in short – increases productivity. Strong authentication solutions provide the needed security for organizations to give their users such access. Strong authentication solutions also increase productivity by significantly reducing the time spent on password administration and maintenance by both users and help desk personnel. 1 “The Twilight of Passwords: A Timetable for Migrating to Stronger Authentication,” by Ant Allan, Gartner, Inc., February 28, 2007. Save Cost, Increase ROI Strong authentication enables organizations to provide increased connectivity and secure access to digital data and applications. By offering additional services online, organizations can enhance efficiency and thereby save significant costs in their ongoing business activities. When implementing strong authentication with single sign-on capabilities, organizations can reduce the ongoing costs associated with password administration, as users need not handle multiple passwords. For example, smart-card-based authentication tokens can securely store all user credentials on-board, and users need only remember their single token password to access their credentials. Strong authentication solutions that offer user self-service token and credential management tools enable organizations to reduce costs even further. Strengthening security also saves organizations significant costs by preventing potential security breaches. These include misuse of data and networks by insiders, lost data from stolen laptops, and other security attacks that affect many organizations today. With strong authentication, it is possible to block unauthorized access and to hold authorized individuals accountable for their usage of the organization’s digital resources, thereby reducing errors or deliberate harmful behavior. Indeed, according to the 2007 CSI Computer Crime and Security Survey, close to 46% of respondents suffered a security incident; 59% reported insider abuse of network access and 52% reported insider abuse of email. The average loss reported in the 2007 survey skyrocketed to $350,424 from $168,000 the previous year. 2 In general, different strong authentication offerings provide various levels of solution support. The broader the range of security solutions enabled – such as secure network access, single sign-on Strong Authentication: Securing Identities and Enabling Business White Paper 3
(SSO), PC security, and secure data transactions – the greater the return on investment (ROI). Attract Customers The dramatic increase in fraud and online identity theft has led consumers to demand better online security. Organizations are now viewing security not only as a need for compliance, but also as a marketing differentiator, attracting customers, increasing sales, increasing brand loyalty, and improving their reputation by positioning themselves as security-minded. Consumers are dictating to the market that the better product is also the safer product. Strong authentication provides an effective solution users can easily understand and adopt. Strong Authentication Solutions – What is Available? Strong authentication solutions enable organizations to ensure that a user is indeed who he or she claims to be. They increase the security of the authentication process beyond passwords by requiring two or more of the following forms of authentication: 2 2007 CSI Computer Crime and Security Survey • Something you know – something the user needs to remember, such as a password, a PIN, or an answer to a personal question • Something you have – something the user needs to physically carry, such as a token or a card • Something you are – a biometric feature, such as a fingerprint or facial characteristic Strong authentication solutions commonly involve a physical device, (e.g. token), used together with a password to prove the owner’s identity. A wide variety of strong authentication token technologies and form factors are available in the market. The following are descriptions of the key form factors available today: USB Tokens USB tokens are small handheld devices that users connect to their computers’ USB ports to authenticate. Users are granted access upon plugging the token into the USB port and entering the token password. The physical connection between the token and the computer enables these tokens to be used for multiple security applications such as secure local and remote network access, web access, laptop and PC protection, file encryption, user credential management, and secure transactions. Smart Cards More than 60% of enterprises Smart cards are credit card sized devices that contain highly secure microprocessor chips and more than 15% of SMBs dedicated for cryptographic operations. To authenticate, users must insert their smart cards use authentication methods into their readers and enter a password. Smart cards provide highly secure storage of user other than simple passwords credentials and keys. They also secure PKI implementation by generating keys and performing for workforce remote access to cryptographic operations on-board, without ever exposing the user’s private key to the computer environment. While providing extensive functionality and high security, smart cards lack enterprise networks. mobility. Using a smart card requires a separate reader for every machine in which the smart Gartner, Nov 2009 card will be used. Smart-card-based USB Tokens Smart-card-based USB tokens, which contain a smart card chip leverage the advantages of both USB tokens and smart cards to provide the greatest level of security, versatility, and they enable a broad range of security solutions and provide all of the benefits of a traditional smart card and reader – without requiring the separate reader. One-time Password (OTP) Tokens OTP tokens are small handheld devices that allow authentication using onetime passwords Strong Authentication: Securing Identities and Enabling Business White Paper 4
generated by the device, based on a secret key shared by the device and an authentication server. A user wishing to authenticate enters the one-time password appearing on the token, and this value is compared to the value generated by the authentication server. While OTP tokens are highly portable, they do not provide the same level of support for multiple security applications that USB tokens and smart cards offer. Hybrid Tokens Hybrid tokens provide multiple types of functionality, which increases flexibility. Hybrid USB and OTP tokens allow full USB-based strong authentication and security solutions, as well as OTP- based strong authentication in detached mode when needed. Smart-card-based hybrid tokens that use the smart card chip for both USB and OTP functionalities provide maximum security. Software Tokens Software tokens enable strong authentication without a dedicated physical device. These tokens are software programs that can be stored on a user’s computer, or on mobile devices such as a cellular phone or PDA. Based on a secret key, the token generates a one-time password that is displayed on the computer or mobile device. Software OTP tokens are also available for use with mobile devices. Strong Authentication Solutions Are Evolving As market sophistication and experience with strong authentication increases, and as the level of threats resulting from ever more sophisticated cyber-crime grows, authentication solutions are evolving to meet market demands. Organizations are looking for broad, open solutions that enable them to incorporate many capabilities using a single system and which allow them to adjust as their business needs evolve. At the same time, they are looking for solutions that are easy to implement and use, to ensure user acceptance and maximize return on their investment. The following are some recent trends in strong authentication: Software Authentication on Mobile Phones Mobile phones are ubiquitious, so it makes sense using the device that most people carry around with them as the “what you have” factor in two-factor authentication. Mobile phones can support a range of authenticaiton methods, from OTP passcodes generated by an OTP application that is installed on the phone, to certificate-based tokens in software format – also installed on the Phone-based OOB authentication phone - and SMS passcode delivery. In the latter case, the SMS passcode is delivered to the products market estimated to phone via regular cellular channels. reach $137M in 2015 from $40m IN 2008 Out of Band Authentication OOB Authentication requires that separate information channels are used for communication. In N5CB, Frost & Sullivan, other words, the passcode that is entered into the website is delivered to the user on a separate September 2009 device from the device being used for logging in to the application. One of the more common forms of OOB authenticaiton is sending the passcode to users’ mobile phones via SMS. Another form of OOB Authentication is automatic call-back, either to a mobile number of a regular land line. Transaction Verification and Signing Transaction verification and signing is intended to reduce the risk of financial fraud which has become much more sophisticated over the past few years. Trasnaction verification adds another level of security to the authentication process by utilizing separate channels to reconfirm the details of a given transaction. Transaction verification can utlizie some to the methods already mentioned above, including Out of Band SMS delivery, where the SMS message contains the actual transaction details, in addition to a passcode that the user has to enter into the website. Another way of implementing transaction verification is through Interactive Voice Response (IVR), or with an OTP authentication device that has the added functionality of challenge response and transaction data display. Phone-based OOB authentication products market estimated to reach $137M in 2015 from $40m IN 2008 N5CB, Frost & Sullivan, September 2009 Strong Authentication: Securing Identities and Enabling Business White Paper 5
Practical Considerations for Selecting a Strong Authentication Solution With the plethora of strong authentication offerings available today, it is important for organizations to carefully evaluate the available solutions before making a decision on which solution to implement. When choosing a strong authentication solution, organizations should take a number of factors into account. The following are some of the key elements to consider: Solution Coverage When investing in a strong authentication solution, organizations should carefully examine their current and future needs, and select the solution that best answers those needs. The following are some questions to consider: Do I want to protect my internal network from unauthorized access? If so, consider strong authentication solutions that enable flexible and comprehensive secure network access, both in the office and remotely if needed. Do my users need to connect from remote locations? If so, consider portable solutions that enable secure VPN and web access for remote users, and that enable employees to secure their laptops and data while on the road. Do my users need to access many password-protected applications? If so, consider solutions that provide single sign-on functionality, either by storing user credentials on the token or by integrating with external single sign-on systems. Do I want my users to digitally sign and encrypt sensitive data or transactions? If so, consider smart-card-based solutions that provide secure onboard PKI key generation and cryptographic operations, as well as mobility for users. How sensitive is my business data? The more sensitive the data, the higher the priority on the robustness and security of the solution. Do I want to firmly protect data that sits on my users’ PCs and laptops? If so, consider token solutions that integrate with PC security products such as boot protection and disk encryption applications that require the use of a token to boot a computer or decrypt protected data. Have I or do I want to implement a secure physical access solution? If so, consider token solutions that enable integration with physical access systems. Usability Users will be willing to adopt a strong authentication solution that is easy to learn and user friendly. Installation, updates, and similar processes should be easy and intuitive for both users and administrators. In addition, solutions that offer automated processes for resetting token passwords, handling lost or damaged tokens, and other token management tasks are likely to have increased acceptance. Openness A strong authentication solution based on an open architecture gives organizations the flexibility to integrate the solution with multiple third-party vendor products or customized applications. Offerings that include (SDKs), and a large set of solution partners that integrate the strong authentication offering into their products, provide increased opportunities for extending support for the solution. Flexibility A flexible strong authentication solution provides many benefits, enabling every organization to modify the solution based on its existing and evolving needs. Strong authentication vendors Strong Authentication: Securing Identities and Enabling Business White Paper 6
that offer a range of devices that operate with the same set of security application, provide Benefits considerable cost savings and flexibility. Organizations can deploy any mix of devices for their • Core Benefits users and change that mix over time as desired. • quick and simple Manageability authentication for vPN A comprehensive management system can significantly reduce the challenge of implementing remote access a strong authentication solution by enabling enterprise-wide deployment and life-cycle • multiple certificate-based management of the entire solution, including the full inventory of authentication devices and security solutions on a single their associated security applications. Token and card management systems provide automated token tools and procedures that not only significantly reduce the load on the IT department, but also minimize errors. User self-service management tools further simplify the management of the • convenient, portable and solution and reduce the workload on the administrators. Therefore, when evaluating a strong “user friendly” authentication solution, the availability and extent of management capabilities offered as part of • the freedom to choose from the solution should be seriously considered. a variety of devices to meet your needs both today and Cost tomorrow Strong authentication solutions vary in cost and offerings. It is important to choose a solution that provides the needed capabilities and falls within budget. Organizations should take into • tailor authentication account the overall long-term cost of the solution, including initial investment costs, recurring solutions based on users fees, token replacement costs, and the costs involved in extending the solution as needed in the unique security profile future. • cost effective with low TCO SafeNet Strong Authentication Solutions • requires little or no ongoing SafeNet’s versatile portfolio of strong authentication solutions are designed to provide maintenance organizations with two critical enablers to moving business forward: freedom and flexibility. • built on award-winning, Freedom to choose from the most advanced authentication options available today that will innovative technology help meet your specific organizational, customer and regulatory requirements, and flexibility to enhance and adapt your solutions as those requirements change. whether it’s a simple • meets the highest security one-Time Password (OTP) remote access solution or an advanced certificate-based solution standards, and lets you to support applications such as digital signing or combined physical/logical access, SafeNet’s comply with privacy authentication solutions will meet all of your current and future security needs. regulations With SafeNet Authentication Solutions You Can: • Conduct business securely and efficiently and open new market opportunities with innovative products that enable secure data access while protecting identities for employees, customers and business partners. • Reduce risk with strong authentication solutions that prevent fraud and data theft and enable compliance to industry regulations. • Expand your options with a flexible range of strong, innovative certificate-based and simple to use oTP technologies that are easy to integrate, manage, support and use. Ideal for Remote Access and Advanced Security Applications SafeNet’s range of authentication solutions allow you to implement straightforward out-of-the- box packages for remote access, or mix and match from a broad selection of certificate-based, OTP and hybrid hardware and software authenticators to meet your organization’s specific risk profiles. SafeNet’s advanced security applications include solutions for password management, network logon, single-sign-on (SSo) and web signon (wSo). To find out more about SafeNet authentication solutions go to: http://www.safenet-inc.com/authentication Contact Us: For all office locations and contact information, please visit www.safenet-inc.com Follow Us: www.safenet-inc.com/connected ©2010 SafeNet, Inc. All rights reserved. SafeNet and SafeNet logo are registered trademarks of SafeNet. All other product names are trademarks of their respective owners. WP (EN)-11.08.10 Strong Authentication: Securing Identities and Enabling Business White Paper 7

Recommended

Intro To Secure Identity Management
Intro To Secure Identity ManagementIntro To Secure Identity Management
Intro To Secure Identity ManagementProduct Marketing Services
 
Wk White Paper
Wk White PaperWk White Paper
Wk White PaperCreus Moreira Carlos
 
Law firms keep sensitive client data secure with CloudMask
Law firms keep sensitive client data secure with CloudMaskLaw firms keep sensitive client data secure with CloudMask
Law firms keep sensitive client data secure with CloudMaskCloudMask inc.
 
Business Objects Security
Business Objects SecurityBusiness Objects Security
Business Objects SecuritySebastien Goiffon
 
Legal Extranet
Legal ExtranetLegal Extranet
Legal ExtranetAlasdair Kilgour
 
Asset 1 security-in-the-cloud
Asset 1 security-in-the-cloudAsset 1 security-in-the-cloud
Asset 1 security-in-the-clouddrewz lin
 
Securing sensitive data for the health care industry
Securing sensitive data for the health care industrySecuring sensitive data for the health care industry
Securing sensitive data for the health care industryCloudMask inc.
 
Varonis - DSS @VILNIUS 2010
Varonis - DSS @VILNIUS 2010Varonis - DSS @VILNIUS 2010
Varonis - DSS @VILNIUS 2010Andris Soroka
 

Recommended

Intro To Secure Identity Management
Intro To Secure Identity ManagementIntro To Secure Identity Management
Intro To Secure Identity ManagementProduct Marketing Services
 
Wk White Paper
Wk White PaperWk White Paper
Wk White PaperCreus Moreira Carlos
 
Law firms keep sensitive client data secure with CloudMask
Law firms keep sensitive client data secure with CloudMaskLaw firms keep sensitive client data secure with CloudMask
Law firms keep sensitive client data secure with CloudMaskCloudMask inc.
 
Business Objects Security
Business Objects SecurityBusiness Objects Security
Business Objects SecuritySebastien Goiffon
 
Legal Extranet
Legal ExtranetLegal Extranet
Legal ExtranetAlasdair Kilgour
 
Asset 1 security-in-the-cloud
Asset 1 security-in-the-cloudAsset 1 security-in-the-cloud
Asset 1 security-in-the-clouddrewz lin
 
Securing sensitive data for the health care industry
Securing sensitive data for the health care industrySecuring sensitive data for the health care industry
Securing sensitive data for the health care industryCloudMask inc.
 
Varonis - DSS @VILNIUS 2010
Varonis - DSS @VILNIUS 2010Varonis - DSS @VILNIUS 2010
Varonis - DSS @VILNIUS 2010Andris Soroka
 
Electronic data & record management
Electronic data & record managementElectronic data & record management
Electronic data & record managementGreenLeafInst
 
PCI and Remote Vendors
PCI and Remote VendorsPCI and Remote Vendors
PCI and Remote VendorsObserveIT
 
Entrust Physical & Logical Access Solutions
Entrust Physical & Logical Access SolutionsEntrust Physical & Logical Access Solutions
Entrust Physical & Logical Access SolutionsEntrust Datacard
 
Cloud Insecurity and True Accountability - Guardtime Whitepaper
Cloud Insecurity and True Accountability - Guardtime WhitepaperCloud Insecurity and True Accountability - Guardtime Whitepaper
Cloud Insecurity and True Accountability - Guardtime WhitepaperMartin Ruubel
 
Vormetric data security complying with pci dss encryption rules
Vormetric data security complying with pci dss encryption rulesVormetric data security complying with pci dss encryption rules
Vormetric data security complying with pci dss encryption rulesVormetric Inc
 
Threat Detect Hipaa Compliance
Threat Detect Hipaa ComplianceThreat Detect Hipaa Compliance
Threat Detect Hipaa Compliancetbeckwith
 
IDENTITY PLATFORMS: How central, flexible, deployment of multiple authenticat...
IDENTITY PLATFORMS: How central, flexible, deployment of multiple authenticat...IDENTITY PLATFORMS: How central, flexible, deployment of multiple authenticat...
IDENTITY PLATFORMS: How central, flexible, deployment of multiple authenticat...Entrust Datacard
 
Managing IT security and Business Ethics
Managing IT security and Business EthicsManaging IT security and Business Ethics
Managing IT security and Business EthicsRahul Sharma
 
Dynamic access control sbc12 - thuan nguyen
Dynamic access control sbc12 - thuan nguyenDynamic access control sbc12 - thuan nguyen
Dynamic access control sbc12 - thuan nguyenThuan Ng
 
DFlabs corporate profile 01-2013
DFlabs corporate profile 01-2013DFlabs corporate profile 01-2013
DFlabs corporate profile 01-2013DFLABS SRL
 
KSI for IoT Security - Turning Defence Into Offence - Guardtime Whitepaper
KSI for IoT Security - Turning Defence Into Offence - Guardtime WhitepaperKSI for IoT Security - Turning Defence Into Offence - Guardtime Whitepaper
KSI for IoT Security - Turning Defence Into Offence - Guardtime WhitepaperMartin Ruubel
 
Under Lock And Key
Under Lock And KeyUnder Lock And Key
Under Lock And KeyYarko Petriw
 
Entrust Enterprise Authentication
Entrust Enterprise AuthenticationEntrust Enterprise Authentication
Entrust Enterprise AuthenticationEntrust Datacard
 
The Hidden Costs of SelfSigned SSL Certificates
The Hidden Costs of SelfSigned SSL Certificates The Hidden Costs of SelfSigned SSL Certificates
The Hidden Costs of SelfSigned SSL Certificates RapidSSLOnline.com
 
Hexnode Identity and Access Management solution
Hexnode Identity and Access Management solutionHexnode Identity and Access Management solution
Hexnode Identity and Access Management solutionHexnode
 
Attributable Networks - Guardtime Whitepaper
Attributable Networks - Guardtime WhitepaperAttributable Networks - Guardtime Whitepaper
Attributable Networks - Guardtime WhitepaperMartin Ruubel
 
Switch to SHA-2 SSL - A Step-by-Step Migration Guide
Switch to SHA-2 SSL - A Step-by-Step Migration GuideSwitch to SHA-2 SSL - A Step-by-Step Migration Guide
Switch to SHA-2 SSL - A Step-by-Step Migration GuideEntrust Datacard
 
Protecting Intellectual Property and Data Loss Prevention (DLP)
Protecting Intellectual Property and Data Loss Prevention (DLP)Protecting Intellectual Property and Data Loss Prevention (DLP)
Protecting Intellectual Property and Data Loss Prevention (DLP)Arpin Consulting
 
Hitachi ID Identity and Access Management Suite
Hitachi ID Identity and Access Management SuiteHitachi ID Identity and Access Management Suite
Hitachi ID Identity and Access Management SuiteHitachi ID Systems, Inc.
 
Charting Your Path to Enterprise Key Management
Charting Your Path to Enterprise Key ManagementCharting Your Path to Enterprise Key Management
Charting Your Path to Enterprise Key ManagementSafeNet
 
Securing Digital Identities and Transactions in the Cloud Security Guide
Securing Digital Identities and Transactions in the Cloud Security GuideSecuring Digital Identities and Transactions in the Cloud Security Guide
Securing Digital Identities and Transactions in the Cloud Security GuideSafeNet
 
A Single Strong Authentication Platform for Cloud and On-Premise Applications
A Single Strong Authentication Platform for Cloud and On-Premise ApplicationsA Single Strong Authentication Platform for Cloud and On-Premise Applications
A Single Strong Authentication Platform for Cloud and On-Premise ApplicationsSafeNet
 

More Related Content

What's hot

Electronic data & record management
Electronic data & record managementElectronic data & record management
Electronic data & record managementGreenLeafInst
 
PCI and Remote Vendors
PCI and Remote VendorsPCI and Remote Vendors
PCI and Remote VendorsObserveIT
 
Entrust Physical & Logical Access Solutions
Entrust Physical & Logical Access SolutionsEntrust Physical & Logical Access Solutions
Entrust Physical & Logical Access SolutionsEntrust Datacard
 
Cloud Insecurity and True Accountability - Guardtime Whitepaper
Cloud Insecurity and True Accountability - Guardtime WhitepaperCloud Insecurity and True Accountability - Guardtime Whitepaper
Cloud Insecurity and True Accountability - Guardtime WhitepaperMartin Ruubel
 
Vormetric data security complying with pci dss encryption rules
Vormetric data security complying with pci dss encryption rulesVormetric data security complying with pci dss encryption rules
Vormetric data security complying with pci dss encryption rulesVormetric Inc
 
Threat Detect Hipaa Compliance
Threat Detect Hipaa ComplianceThreat Detect Hipaa Compliance
Threat Detect Hipaa Compliancetbeckwith
 
IDENTITY PLATFORMS: How central, flexible, deployment of multiple authenticat...
IDENTITY PLATFORMS: How central, flexible, deployment of multiple authenticat...IDENTITY PLATFORMS: How central, flexible, deployment of multiple authenticat...
IDENTITY PLATFORMS: How central, flexible, deployment of multiple authenticat...Entrust Datacard
 
Managing IT security and Business Ethics
Managing IT security and Business EthicsManaging IT security and Business Ethics
Managing IT security and Business EthicsRahul Sharma
 
Dynamic access control sbc12 - thuan nguyen
Dynamic access control sbc12 - thuan nguyenDynamic access control sbc12 - thuan nguyen
Dynamic access control sbc12 - thuan nguyenThuan Ng
 
DFlabs corporate profile 01-2013
DFlabs corporate profile 01-2013DFlabs corporate profile 01-2013
DFlabs corporate profile 01-2013DFLABS SRL
 
KSI for IoT Security - Turning Defence Into Offence - Guardtime Whitepaper
KSI for IoT Security - Turning Defence Into Offence - Guardtime WhitepaperKSI for IoT Security - Turning Defence Into Offence - Guardtime Whitepaper
KSI for IoT Security - Turning Defence Into Offence - Guardtime WhitepaperMartin Ruubel
 
Under Lock And Key
Under Lock And KeyUnder Lock And Key
Under Lock And KeyYarko Petriw
 
Entrust Enterprise Authentication
Entrust Enterprise AuthenticationEntrust Enterprise Authentication
Entrust Enterprise AuthenticationEntrust Datacard
 
The Hidden Costs of SelfSigned SSL Certificates
The Hidden Costs of SelfSigned SSL Certificates The Hidden Costs of SelfSigned SSL Certificates
The Hidden Costs of SelfSigned SSL Certificates RapidSSLOnline.com
 
Hexnode Identity and Access Management solution
Hexnode Identity and Access Management solutionHexnode Identity and Access Management solution
Hexnode Identity and Access Management solutionHexnode
 
Attributable Networks - Guardtime Whitepaper
Attributable Networks - Guardtime WhitepaperAttributable Networks - Guardtime Whitepaper
Attributable Networks - Guardtime WhitepaperMartin Ruubel
 
Switch to SHA-2 SSL - A Step-by-Step Migration Guide
Switch to SHA-2 SSL - A Step-by-Step Migration GuideSwitch to SHA-2 SSL - A Step-by-Step Migration Guide
Switch to SHA-2 SSL - A Step-by-Step Migration GuideEntrust Datacard
 
Protecting Intellectual Property and Data Loss Prevention (DLP)
Protecting Intellectual Property and Data Loss Prevention (DLP)Protecting Intellectual Property and Data Loss Prevention (DLP)
Protecting Intellectual Property and Data Loss Prevention (DLP)Arpin Consulting
 
Hitachi ID Identity and Access Management Suite
Hitachi ID Identity and Access Management SuiteHitachi ID Identity and Access Management Suite
Hitachi ID Identity and Access Management SuiteHitachi ID Systems, Inc.
 

What's hot (19)

Electronic data & record management
Electronic data & record managementElectronic data & record management
Electronic data & record management
 
PCI and Remote Vendors
PCI and Remote VendorsPCI and Remote Vendors
PCI and Remote Vendors
 
Entrust Physical & Logical Access Solutions
Entrust Physical & Logical Access SolutionsEntrust Physical & Logical Access Solutions
Entrust Physical & Logical Access Solutions
 
Cloud Insecurity and True Accountability - Guardtime Whitepaper
Cloud Insecurity and True Accountability - Guardtime WhitepaperCloud Insecurity and True Accountability - Guardtime Whitepaper
Cloud Insecurity and True Accountability - Guardtime Whitepaper
 
Vormetric data security complying with pci dss encryption rules
Vormetric data security complying with pci dss encryption rulesVormetric data security complying with pci dss encryption rules
Vormetric data security complying with pci dss encryption rules
 
Threat Detect Hipaa Compliance
Threat Detect Hipaa ComplianceThreat Detect Hipaa Compliance
Threat Detect Hipaa Compliance
 
IDENTITY PLATFORMS: How central, flexible, deployment of multiple authenticat...
IDENTITY PLATFORMS: How central, flexible, deployment of multiple authenticat...IDENTITY PLATFORMS: How central, flexible, deployment of multiple authenticat...
IDENTITY PLATFORMS: How central, flexible, deployment of multiple authenticat...
 
Managing IT security and Business Ethics
Managing IT security and Business EthicsManaging IT security and Business Ethics
Managing IT security and Business Ethics
 
Dynamic access control sbc12 - thuan nguyen
Dynamic access control sbc12 - thuan nguyenDynamic access control sbc12 - thuan nguyen
Dynamic access control sbc12 - thuan nguyen
 
DFlabs corporate profile 01-2013
DFlabs corporate profile 01-2013DFlabs corporate profile 01-2013
DFlabs corporate profile 01-2013
 
KSI for IoT Security - Turning Defence Into Offence - Guardtime Whitepaper
KSI for IoT Security - Turning Defence Into Offence - Guardtime WhitepaperKSI for IoT Security - Turning Defence Into Offence - Guardtime Whitepaper
KSI for IoT Security - Turning Defence Into Offence - Guardtime Whitepaper
 
Under Lock And Key
Under Lock And KeyUnder Lock And Key
Under Lock And Key
 
Entrust Enterprise Authentication
Entrust Enterprise AuthenticationEntrust Enterprise Authentication
Entrust Enterprise Authentication
 
The Hidden Costs of SelfSigned SSL Certificates
The Hidden Costs of SelfSigned SSL Certificates The Hidden Costs of SelfSigned SSL Certificates
The Hidden Costs of SelfSigned SSL Certificates
 
Hexnode Identity and Access Management solution
Hexnode Identity and Access Management solutionHexnode Identity and Access Management solution
Hexnode Identity and Access Management solution
 
Attributable Networks - Guardtime Whitepaper
Attributable Networks - Guardtime WhitepaperAttributable Networks - Guardtime Whitepaper
Attributable Networks - Guardtime Whitepaper
 
Switch to SHA-2 SSL - A Step-by-Step Migration Guide
Switch to SHA-2 SSL - A Step-by-Step Migration GuideSwitch to SHA-2 SSL - A Step-by-Step Migration Guide
Switch to SHA-2 SSL - A Step-by-Step Migration Guide
 
Protecting Intellectual Property and Data Loss Prevention (DLP)
Protecting Intellectual Property and Data Loss Prevention (DLP)Protecting Intellectual Property and Data Loss Prevention (DLP)
Protecting Intellectual Property and Data Loss Prevention (DLP)
 
Hitachi ID Identity and Access Management Suite
Hitachi ID Identity and Access Management SuiteHitachi ID Identity and Access Management Suite
Hitachi ID Identity and Access Management Suite
 

Viewers also liked

Charting Your Path to Enterprise Key Management
Charting Your Path to Enterprise Key ManagementCharting Your Path to Enterprise Key Management
Charting Your Path to Enterprise Key ManagementSafeNet
 
Securing Digital Identities and Transactions in the Cloud Security Guide
Securing Digital Identities and Transactions in the Cloud Security GuideSecuring Digital Identities and Transactions in the Cloud Security Guide
Securing Digital Identities and Transactions in the Cloud Security GuideSafeNet
 
A Single Strong Authentication Platform for Cloud and On-Premise Applications
A Single Strong Authentication Platform for Cloud and On-Premise ApplicationsA Single Strong Authentication Platform for Cloud and On-Premise Applications
A Single Strong Authentication Platform for Cloud and On-Premise ApplicationsSafeNet
 
4 Steps to Financial Data Security Compliance Technologies to Help Your Finan...
4 Steps to Financial Data Security Compliance Technologies to Help Your Finan...4 Steps to Financial Data Security Compliance Technologies to Help Your Finan...
4 Steps to Financial Data Security Compliance Technologies to Help Your Finan...SafeNet
 
Payment Card Security: 12-Steps to Meeting PCI-DSS Compliance with SafeNet
Payment Card Security: 12-Steps to Meeting PCI-DSS Compliance with SafeNetPayment Card Security: 12-Steps to Meeting PCI-DSS Compliance with SafeNet
Payment Card Security: 12-Steps to Meeting PCI-DSS Compliance with SafeNetSafeNet
 
Life After Compliance march 2010 v2
Life After Compliance march 2010 v2Life After Compliance march 2010 v2
Life After Compliance march 2010 v2SafeNet
 

Viewers also liked (6)

Charting Your Path to Enterprise Key Management
Charting Your Path to Enterprise Key ManagementCharting Your Path to Enterprise Key Management
Charting Your Path to Enterprise Key Management
 
Securing Digital Identities and Transactions in the Cloud Security Guide
Securing Digital Identities and Transactions in the Cloud Security GuideSecuring Digital Identities and Transactions in the Cloud Security Guide
Securing Digital Identities and Transactions in the Cloud Security Guide
 
A Single Strong Authentication Platform for Cloud and On-Premise Applications
A Single Strong Authentication Platform for Cloud and On-Premise ApplicationsA Single Strong Authentication Platform for Cloud and On-Premise Applications
A Single Strong Authentication Platform for Cloud and On-Premise Applications
 
4 Steps to Financial Data Security Compliance Technologies to Help Your Finan...
4 Steps to Financial Data Security Compliance Technologies to Help Your Finan...4 Steps to Financial Data Security Compliance Technologies to Help Your Finan...
4 Steps to Financial Data Security Compliance Technologies to Help Your Finan...
 
Payment Card Security: 12-Steps to Meeting PCI-DSS Compliance with SafeNet
Payment Card Security: 12-Steps to Meeting PCI-DSS Compliance with SafeNetPayment Card Security: 12-Steps to Meeting PCI-DSS Compliance with SafeNet
Payment Card Security: 12-Steps to Meeting PCI-DSS Compliance with SafeNet
 
Life After Compliance march 2010 v2
Life After Compliance march 2010 v2Life After Compliance march 2010 v2
Life After Compliance march 2010 v2
 

Similar to Strong Authentication: Securing Identities and Enabling Business

5 Reasons Why Your Business Should Consider Strong Authentication!
5 Reasons Why Your Business Should Consider Strong Authentication!5 Reasons Why Your Business Should Consider Strong Authentication!
5 Reasons Why Your Business Should Consider Strong Authentication!Caroline Johnson
 
Why Passwords are not strong enough
Why Passwords are not strong enoughWhy Passwords are not strong enough
Why Passwords are not strong enoughEMC
 
Enhancing Authentication to Secure the Open Enterprise
Enhancing Authentication to Secure the Open EnterpriseEnhancing Authentication to Secure the Open Enterprise
Enhancing Authentication to Secure the Open EnterpriseSymantec
 
Authentication_Best_Practices_WP(EN)_web
Authentication_Best_Practices_WP(EN)_webAuthentication_Best_Practices_WP(EN)_web
Authentication_Best_Practices_WP(EN)_webSafeNet
 
PSFK Presents the Future of Digital Safety & Security
PSFK Presents the Future of Digital Safety & SecurityPSFK Presents the Future of Digital Safety & Security
PSFK Presents the Future of Digital Safety & SecurityPSFK
 
Intelligence Driven Identity and Access Management
Intelligence Driven Identity and Access ManagementIntelligence Driven Identity and Access Management
Intelligence Driven Identity and Access ManagementEMC
 
A Simplified Guide to the Evolution of Authentication!
A Simplified Guide to the Evolution of Authentication!A Simplified Guide to the Evolution of Authentication!
A Simplified Guide to the Evolution of Authentication!Caroline Johnson
 
4192 sslvpn sb_0412
4192 sslvpn sb_04124192 sslvpn sb_0412
4192 sslvpn sb_0412Hai Nguyen
 
AnevaluationofsecurestorageofauthenticationdataIJISR.pdf
AnevaluationofsecurestorageofauthenticationdataIJISR.pdfAnevaluationofsecurestorageofauthenticationdataIJISR.pdf
AnevaluationofsecurestorageofauthenticationdataIJISR.pdftonkung6
 
Proactive information security michael
Proactive information security michael Proactive information security michael
Proactive information security michael Priyanka Aash
 
Strengthening Online Security with eSignatures.pdf
Strengthening Online Security with eSignatures.pdfStrengthening Online Security with eSignatures.pdf
Strengthening Online Security with eSignatures.pdfDrysign By Exela
 
Secure dataroom whitepaper_protecting_confidential_documents
Secure dataroom whitepaper_protecting_confidential_documentsSecure dataroom whitepaper_protecting_confidential_documents
Secure dataroom whitepaper_protecting_confidential_documentse.law International
 
Document Security in the Digital Age: Strategies for Protecting Sensitive Inf...
Document Security in the Digital Age: Strategies for Protecting Sensitive Inf...Document Security in the Digital Age: Strategies for Protecting Sensitive Inf...
Document Security in the Digital Age: Strategies for Protecting Sensitive Inf...zainsmith017
 
Why eSignatures are Imperative for Data Security.pdf
Why eSignatures are Imperative for Data Security.pdfWhy eSignatures are Imperative for Data Security.pdf
Why eSignatures are Imperative for Data Security.pdfDrysign By Exela
 
Portal Authentication: A Balancing Act Between Security Usability and Complia...
Portal Authentication: A Balancing Act Between Security Usability and Complia...Portal Authentication: A Balancing Act Between Security Usability and Complia...
Portal Authentication: A Balancing Act Between Security Usability and Complia...PortalGuard
 
CIS 2015- User-centric Privacy of Identity- Jenn Behrens
CIS 2015- User-centric Privacy of Identity- Jenn BehrensCIS 2015- User-centric Privacy of Identity- Jenn Behrens
CIS 2015- User-centric Privacy of Identity- Jenn BehrensCloudIDSummit
 
NQA - Information security best practice guide
NQA - Information security best practice guideNQA - Information security best practice guide
NQA - Information security best practice guideNA Putra
 
An Introduction to Authentication for Applications
An Introduction to Authentication for ApplicationsAn Introduction to Authentication for Applications
An Introduction to Authentication for ApplicationsUbisecure
 

Similar to Strong Authentication: Securing Identities and Enabling Business (20)

5 Reasons Why Your Business Should Consider Strong Authentication!
5 Reasons Why Your Business Should Consider Strong Authentication!5 Reasons Why Your Business Should Consider Strong Authentication!
5 Reasons Why Your Business Should Consider Strong Authentication!
 
Why Passwords are not strong enough
Why Passwords are not strong enoughWhy Passwords are not strong enough
Why Passwords are not strong enough
 
Enhancing Authentication to Secure the Open Enterprise
Enhancing Authentication to Secure the Open EnterpriseEnhancing Authentication to Secure the Open Enterprise
Enhancing Authentication to Secure the Open Enterprise
 
Authentication_Best_Practices_WP(EN)_web
Authentication_Best_Practices_WP(EN)_webAuthentication_Best_Practices_WP(EN)_web
Authentication_Best_Practices_WP(EN)_web
 
PSFK Presents the Future of Digital Safety & Security
PSFK Presents the Future of Digital Safety & SecurityPSFK Presents the Future of Digital Safety & Security
PSFK Presents the Future of Digital Safety & Security
 
Intelligence Driven Identity and Access Management
Intelligence Driven Identity and Access ManagementIntelligence Driven Identity and Access Management
Intelligence Driven Identity and Access Management
 
Protect Your Firm: Knowledge, Process, Policy and Action
Protect Your Firm: Knowledge, Process, Policy and ActionProtect Your Firm: Knowledge, Process, Policy and Action
Protect Your Firm: Knowledge, Process, Policy and Action
 
A Simplified Guide to the Evolution of Authentication!
A Simplified Guide to the Evolution of Authentication!A Simplified Guide to the Evolution of Authentication!
A Simplified Guide to the Evolution of Authentication!
 
4192 sslvpn sb_0412
4192 sslvpn sb_04124192 sslvpn sb_0412
4192 sslvpn sb_0412
 
AnevaluationofsecurestorageofauthenticationdataIJISR.pdf
AnevaluationofsecurestorageofauthenticationdataIJISR.pdfAnevaluationofsecurestorageofauthenticationdataIJISR.pdf
AnevaluationofsecurestorageofauthenticationdataIJISR.pdf
 
Proactive information security michael
Proactive information security michael Proactive information security michael
Proactive information security michael
 
Strengthening Online Security with eSignatures.pdf
Strengthening Online Security with eSignatures.pdfStrengthening Online Security with eSignatures.pdf
Strengthening Online Security with eSignatures.pdf
 
Secure dataroom whitepaper_protecting_confidential_documents
Secure dataroom whitepaper_protecting_confidential_documentsSecure dataroom whitepaper_protecting_confidential_documents
Secure dataroom whitepaper_protecting_confidential_documents
 
Document Security in the Digital Age: Strategies for Protecting Sensitive Inf...
Document Security in the Digital Age: Strategies for Protecting Sensitive Inf...Document Security in the Digital Age: Strategies for Protecting Sensitive Inf...
Document Security in the Digital Age: Strategies for Protecting Sensitive Inf...
 
Why eSignatures are Imperative for Data Security.pdf
Why eSignatures are Imperative for Data Security.pdfWhy eSignatures are Imperative for Data Security.pdf
Why eSignatures are Imperative for Data Security.pdf
 
Portal Authentication: A Balancing Act Between Security Usability and Complia...
Portal Authentication: A Balancing Act Between Security Usability and Complia...Portal Authentication: A Balancing Act Between Security Usability and Complia...
Portal Authentication: A Balancing Act Between Security Usability and Complia...
 
CIS 2015- User-centric Privacy of Identity- Jenn Behrens
CIS 2015- User-centric Privacy of Identity- Jenn BehrensCIS 2015- User-centric Privacy of Identity- Jenn Behrens
CIS 2015- User-centric Privacy of Identity- Jenn Behrens
 
ProofeasyPPT.pptx
ProofeasyPPT.pptxProofeasyPPT.pptx
ProofeasyPPT.pptx
 
NQA - Information security best practice guide
NQA - Information security best practice guideNQA - Information security best practice guide
NQA - Information security best practice guide
 
An Introduction to Authentication for Applications
An Introduction to Authentication for ApplicationsAn Introduction to Authentication for Applications
An Introduction to Authentication for Applications
 

More from SafeNet

eIDAS Reference Guide
eIDAS Reference GuideeIDAS Reference Guide
eIDAS Reference GuideSafeNet
 
Whose Cloud is It Anyway - Data Security in the Cloud
Whose Cloud is It Anyway - Data Security in the CloudWhose Cloud is It Anyway - Data Security in the Cloud
Whose Cloud is It Anyway - Data Security in the CloudSafeNet
 
Whose Cloud Is It Anyway: Exploring Data Security Ownership and Control
Whose Cloud Is It Anyway: Exploring Data Security Ownership and ControlWhose Cloud Is It Anyway: Exploring Data Security Ownership and Control
Whose Cloud Is It Anyway: Exploring Data Security Ownership and ControlSafeNet
 
Cyber Security Management in a Highly Innovative World
Cyber Security Management in a Highly Innovative WorldCyber Security Management in a Highly Innovative World
Cyber Security Management in a Highly Innovative WorldSafeNet
 
Not Going Quietly: Gracefully Losing Control & Adapting to Cloud and Mobility
Not Going Quietly: Gracefully Losing Control & Adapting to Cloud and MobilityNot Going Quietly: Gracefully Losing Control & Adapting to Cloud and Mobility
Not Going Quietly: Gracefully Losing Control & Adapting to Cloud and MobilitySafeNet
 
ProtectV - Data Security for the Cloud
ProtectV - Data Security for the CloudProtectV - Data Security for the Cloud
ProtectV - Data Security for the CloudSafeNet
 
Cloud Monetization: A Step-by-Step Guide to Optimizing Your SaaS Business Model
Cloud Monetization: A Step-by-Step Guide to Optimizing Your SaaS Business ModelCloud Monetization: A Step-by-Step Guide to Optimizing Your SaaS Business Model
Cloud Monetization: A Step-by-Step Guide to Optimizing Your SaaS Business ModelSafeNet
 
SafeWord 2008 Migration Bundle Building a Fully Trusted Authentication Enviro...
SafeWord 2008 Migration Bundle Building a Fully Trusted Authentication Enviro...SafeWord 2008 Migration Bundle Building a Fully Trusted Authentication Enviro...
SafeWord 2008 Migration Bundle Building a Fully Trusted Authentication Enviro...SafeNet
 
Securing Network-Attached HSMs: The SafeNet Luna SA Three-Layer Authenticatio...
Securing Network-Attached HSMs: The SafeNet Luna SA Three-Layer Authenticatio...Securing Network-Attached HSMs: The SafeNet Luna SA Three-Layer Authenticatio...
Securing Network-Attached HSMs: The SafeNet Luna SA Three-Layer Authenticatio...SafeNet
 
Introduction to PKI & SafeNet Luna Hardware Security Modules with Microsoft W...
Introduction to PKI & SafeNet Luna Hardware Security Modules with Microsoft W...Introduction to PKI & SafeNet Luna Hardware Security Modules with Microsoft W...
Introduction to PKI & SafeNet Luna Hardware Security Modules with Microsoft W...SafeNet
 
Cloud Computing and the Federal Government: Maximizing Trust Supporting the M...
Cloud Computing and the Federal Government: Maximizing Trust Supporting the M...Cloud Computing and the Federal Government: Maximizing Trust Supporting the M...
Cloud Computing and the Federal Government: Maximizing Trust Supporting the M...SafeNet
 
Hardware Security Modules: Critical to Information Risk Management
Hardware Security Modules: Critical to Information Risk ManagementHardware Security Modules: Critical to Information Risk Management
Hardware Security Modules: Critical to Information Risk ManagementSafeNet
 
Building Trust into eInvoicing: Key Requirements and Strategies
Building Trust into eInvoicing: Key Requirements and StrategiesBuilding Trust into eInvoicing: Key Requirements and Strategies
Building Trust into eInvoicing: Key Requirements and StrategiesSafeNet
 
A Question of Trust: How Service Providers Can Attract More Customers by Deli...
A Question of Trust: How Service Providers Can Attract More Customers by Deli...A Question of Trust: How Service Providers Can Attract More Customers by Deli...
A Question of Trust: How Service Providers Can Attract More Customers by Deli...SafeNet
 
E-Passport: Deploying Hardware Security Modules to Ensure Data Authenticity a...
E-Passport: Deploying Hardware Security Modules to Ensure Data Authenticity a...E-Passport: Deploying Hardware Security Modules to Ensure Data Authenticity a...
E-Passport: Deploying Hardware Security Modules to Ensure Data Authenticity a...SafeNet
 
SafeNet DataSecure vs. Native SQL Server Encryption
SafeNet DataSecure vs. Native SQL Server EncryptionSafeNet DataSecure vs. Native SQL Server Encryption
SafeNet DataSecure vs. Native SQL Server EncryptionSafeNet
 
Building Trust into DNS: Key Strategies
Building Trust into DNS: Key StrategiesBuilding Trust into DNS: Key Strategies
Building Trust into DNS: Key StrategiesSafeNet
 
Secure PIN Management How to Issue and Change PINs Securely over the Web
Secure PIN Management How to Issue and Change PINs Securely over the WebSecure PIN Management How to Issue and Change PINs Securely over the Web
Secure PIN Management How to Issue and Change PINs Securely over the WebSafeNet
 
An Enterprise Guide to Understanding Key Management
An Enterprise Guide to Understanding Key ManagementAn Enterprise Guide to Understanding Key Management
An Enterprise Guide to Understanding Key ManagementSafeNet
 
Securing the Smart Grid with SafeNet HSMs
Securing the Smart Grid with SafeNet HSMsSecuring the Smart Grid with SafeNet HSMs
Securing the Smart Grid with SafeNet HSMsSafeNet
 

More from SafeNet (20)

eIDAS Reference Guide
eIDAS Reference GuideeIDAS Reference Guide
eIDAS Reference Guide
 
Whose Cloud is It Anyway - Data Security in the Cloud
Whose Cloud is It Anyway - Data Security in the CloudWhose Cloud is It Anyway - Data Security in the Cloud
Whose Cloud is It Anyway - Data Security in the Cloud
 
Whose Cloud Is It Anyway: Exploring Data Security Ownership and Control
Whose Cloud Is It Anyway: Exploring Data Security Ownership and ControlWhose Cloud Is It Anyway: Exploring Data Security Ownership and Control
Whose Cloud Is It Anyway: Exploring Data Security Ownership and Control
 
Cyber Security Management in a Highly Innovative World
Cyber Security Management in a Highly Innovative WorldCyber Security Management in a Highly Innovative World
Cyber Security Management in a Highly Innovative World
 
Not Going Quietly: Gracefully Losing Control & Adapting to Cloud and Mobility
Not Going Quietly: Gracefully Losing Control & Adapting to Cloud and MobilityNot Going Quietly: Gracefully Losing Control & Adapting to Cloud and Mobility
Not Going Quietly: Gracefully Losing Control & Adapting to Cloud and Mobility
 
ProtectV - Data Security for the Cloud
ProtectV - Data Security for the CloudProtectV - Data Security for the Cloud
ProtectV - Data Security for the Cloud
 
Cloud Monetization: A Step-by-Step Guide to Optimizing Your SaaS Business Model
Cloud Monetization: A Step-by-Step Guide to Optimizing Your SaaS Business ModelCloud Monetization: A Step-by-Step Guide to Optimizing Your SaaS Business Model
Cloud Monetization: A Step-by-Step Guide to Optimizing Your SaaS Business Model
 
SafeWord 2008 Migration Bundle Building a Fully Trusted Authentication Enviro...
SafeWord 2008 Migration Bundle Building a Fully Trusted Authentication Enviro...SafeWord 2008 Migration Bundle Building a Fully Trusted Authentication Enviro...
SafeWord 2008 Migration Bundle Building a Fully Trusted Authentication Enviro...
 
Securing Network-Attached HSMs: The SafeNet Luna SA Three-Layer Authenticatio...
Securing Network-Attached HSMs: The SafeNet Luna SA Three-Layer Authenticatio...Securing Network-Attached HSMs: The SafeNet Luna SA Three-Layer Authenticatio...
Securing Network-Attached HSMs: The SafeNet Luna SA Three-Layer Authenticatio...
 
Introduction to PKI & SafeNet Luna Hardware Security Modules with Microsoft W...
Introduction to PKI & SafeNet Luna Hardware Security Modules with Microsoft W...Introduction to PKI & SafeNet Luna Hardware Security Modules with Microsoft W...
Introduction to PKI & SafeNet Luna Hardware Security Modules with Microsoft W...
 
Cloud Computing and the Federal Government: Maximizing Trust Supporting the M...
Cloud Computing and the Federal Government: Maximizing Trust Supporting the M...Cloud Computing and the Federal Government: Maximizing Trust Supporting the M...
Cloud Computing and the Federal Government: Maximizing Trust Supporting the M...
 
Hardware Security Modules: Critical to Information Risk Management
Hardware Security Modules: Critical to Information Risk ManagementHardware Security Modules: Critical to Information Risk Management
Hardware Security Modules: Critical to Information Risk Management
 
Building Trust into eInvoicing: Key Requirements and Strategies
Building Trust into eInvoicing: Key Requirements and StrategiesBuilding Trust into eInvoicing: Key Requirements and Strategies
Building Trust into eInvoicing: Key Requirements and Strategies
 
A Question of Trust: How Service Providers Can Attract More Customers by Deli...
A Question of Trust: How Service Providers Can Attract More Customers by Deli...A Question of Trust: How Service Providers Can Attract More Customers by Deli...
A Question of Trust: How Service Providers Can Attract More Customers by Deli...
 
E-Passport: Deploying Hardware Security Modules to Ensure Data Authenticity a...
E-Passport: Deploying Hardware Security Modules to Ensure Data Authenticity a...E-Passport: Deploying Hardware Security Modules to Ensure Data Authenticity a...
E-Passport: Deploying Hardware Security Modules to Ensure Data Authenticity a...
 
SafeNet DataSecure vs. Native SQL Server Encryption
SafeNet DataSecure vs. Native SQL Server EncryptionSafeNet DataSecure vs. Native SQL Server Encryption
SafeNet DataSecure vs. Native SQL Server Encryption
 
Building Trust into DNS: Key Strategies
Building Trust into DNS: Key StrategiesBuilding Trust into DNS: Key Strategies
Building Trust into DNS: Key Strategies
 
Secure PIN Management How to Issue and Change PINs Securely over the Web
Secure PIN Management How to Issue and Change PINs Securely over the WebSecure PIN Management How to Issue and Change PINs Securely over the Web
Secure PIN Management How to Issue and Change PINs Securely over the Web
 
An Enterprise Guide to Understanding Key Management
An Enterprise Guide to Understanding Key ManagementAn Enterprise Guide to Understanding Key Management
An Enterprise Guide to Understanding Key Management
 
Securing the Smart Grid with SafeNet HSMs
Securing the Smart Grid with SafeNet HSMsSecuring the Smart Grid with SafeNet HSMs
Securing the Smart Grid with SafeNet HSMs
 

Recently uploaded

AI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsAI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsMemoori
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking MenDelhi Call girls
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonetsnaman860154
 
Benefits Of Flutter Compared To Other Frameworks
Benefits Of Flutter Compared To Other FrameworksBenefits Of Flutter Compared To Other Frameworks
Benefits Of Flutter Compared To Other FrameworksSoftradix Technologies
 
Hyderabad Call Girls Khairatabad ✨ 7001305949 ✨ Cheap Price Your Budget
Hyderabad Call Girls Khairatabad ✨ 7001305949 ✨ Cheap Price Your BudgetHyderabad Call Girls Khairatabad ✨ 7001305949 ✨ Cheap Price Your Budget
Hyderabad Call Girls Khairatabad ✨ 7001305949 ✨ Cheap Price Your BudgetEnjoy Anytime
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreternaman860154
 
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | DelhiFULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhisoniya singh
 
How to Remove Document Management Hurdles with X-Docs?
How to Remove Document Management Hurdles with X-Docs?How to Remove Document Management Hurdles with X-Docs?
How to Remove Document Management Hurdles with X-Docs?XfilesPro
 
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Patryk Bandurski
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slidespraypatel2
 
SIEMENS: RAPUNZEL – A Tale About Knowledge Graph
SIEMENS: RAPUNZEL – A Tale About Knowledge GraphSIEMENS: RAPUNZEL – A Tale About Knowledge Graph
SIEMENS: RAPUNZEL – A Tale About Knowledge GraphNeo4j
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking MenDelhi Call girls
 
Install Stable Diffusion in windows machine
Install Stable Diffusion in windows machineInstall Stable Diffusion in windows machine
Install Stable Diffusion in windows machinePadma Pradeep
 
Understanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitectureUnderstanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitecturePixlogix Infotech
 
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 3652toLead Limited
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxMalak Abu Hammad
 
Snow Chain-Integrated Tire for a Safe Drive on Winter Roads
Snow Chain-Integrated Tire for a Safe Drive on Winter RoadsSnow Chain-Integrated Tire for a Safe Drive on Winter Roads
Snow Chain-Integrated Tire for a Safe Drive on Winter RoadsHyundai Motor Group
 
CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):comworks
 
Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for PartnersEnhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for PartnersThousandEyes
 

Recently uploaded (20)

AI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsAI as an Interface for Commercial Buildings
AI as an Interface for Commercial Buildings
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonets
 
Benefits Of Flutter Compared To Other Frameworks
Benefits Of Flutter Compared To Other FrameworksBenefits Of Flutter Compared To Other Frameworks
Benefits Of Flutter Compared To Other Frameworks
 
Hyderabad Call Girls Khairatabad ✨ 7001305949 ✨ Cheap Price Your Budget
Hyderabad Call Girls Khairatabad ✨ 7001305949 ✨ Cheap Price Your BudgetHyderabad Call Girls Khairatabad ✨ 7001305949 ✨ Cheap Price Your Budget
Hyderabad Call Girls Khairatabad ✨ 7001305949 ✨ Cheap Price Your Budget
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreter
 
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | DelhiFULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
 
How to Remove Document Management Hurdles with X-Docs?
How to Remove Document Management Hurdles with X-Docs?How to Remove Document Management Hurdles with X-Docs?
How to Remove Document Management Hurdles with X-Docs?
 
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slides
 
SIEMENS: RAPUNZEL – A Tale About Knowledge Graph
SIEMENS: RAPUNZEL – A Tale About Knowledge GraphSIEMENS: RAPUNZEL – A Tale About Knowledge Graph
SIEMENS: RAPUNZEL – A Tale About Knowledge Graph
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
 
Install Stable Diffusion in windows machine
Install Stable Diffusion in windows machineInstall Stable Diffusion in windows machine
Install Stable Diffusion in windows machine
 
Understanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitectureUnderstanding the Laravel MVC Architecture
Understanding the Laravel MVC Architecture
 
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptx
 
Snow Chain-Integrated Tire for a Safe Drive on Winter Roads
Snow Chain-Integrated Tire for a Safe Drive on Winter RoadsSnow Chain-Integrated Tire for a Safe Drive on Winter Roads
Snow Chain-Integrated Tire for a Safe Drive on Winter Roads
 
CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):
 
Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for PartnersEnhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
 
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptxE-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
 

Strong Authentication: Securing Identities and Enabling Business

  • 1. Strong Authentication: Securing Identities and Enabling Business WHITE PAPER Table of Contents Abstract .............................................................................................................................. 2 Passwords Are Not Enough! ................................................................................................ 2 It’s All About Strong Authentication .................................................................................... 2 Strong Authentication Solutions – What is Available? ......................................................... 4 Strong Authentication Solutions Are Evolving ..................................................................... 5 Practical Considerations for Selecting a Strong Authentication Solution ............................ 6 SafeNet Strong Authentication Solutions ............................................................................ 7 Strong Authentication: Securing Identities and Enabling Business White Paper 1
  • 2. Abstract In today’s environment, the need for organizations to enable secure remote access to corporate networks, enhance their online services, and open new opportunities for e-commerce is bringing ever-growing attention to the importance of securing user access and validating identities. In addition, the recent barrage of identity theft and corporate fraud cases has brought corporate responsibility and the protection of sensitive data to the spotlight. The total cost of coping with the Consumer demands and compliance pressures bring organizations and institutions to search consequences of data breaches for new ways to strengthen their internal controls, authentication methods, and identity rose to $6.6m per breach, up management practices. The message is clear – action is needed to stay ahead in the fast- from $6.3m in 2007, or $202 per changing, security-conscious market. record. The weakness of passwords can no longer be tolerated, and organizations are increasingly Ponemon Institute moving from password-centric to strong authentication solutions. This enables organizations to securely authenticate identified users and gain one of the most crucial elements of any business relationship – trust. Organizations are realizing that security is vital for enabling business, cutting costs, complying with regulations, establishing a productive work environment, and attracting customers. Meanwhile, strong authentication solutions are developing to answer organizations’ needs by providing easy-to-use solutions with numerous benefits to both users and organizations. Passwords Are Not Enough! When first introduced in the early sixties passwords were regarded as cheap, easy to use, and secure. Forty years and many technological developments later, is there any reason to believe these facts still hold? Passwords are difficult to use – Studies reveal that users today have on average approximately 15 password-protected accounts. One password may be easy to remember, but handling many passwords is a timeconsuming task and a security hazard. Passwords are expensive – every forgotten or lost password results in significant costs. The expense is even greater when lost employee productivity is taken into consideration. Passwords are not secure. To handle their multiple credentials, many users choose easy- to-guess passwords, use the same passwords for several accounts, or even write down passwords where they can be easily found. Add to these security risks the abundance of available password cracking tools and it is easy to see that passwords are no longer a sufficient security measure. It has become evident and widely accepted that passwords are not a reliable method for authenticating users. To achieve the benefits of information security and overcome the inherent weakness of passwords, organizations are turning to stronger authentication solutions. It’s All About Strong Authentication For organizations wishing to enable more business, reduce security vulnerabilities, comply with regulations mandating data privacy and protection, save costs, and attract security- conscious customers, a strong and robust authentication system can lead the way to achieving their goals. Enable Business By implementing strong authentication solutions, organizations can allow legitimate users to access sensitive data anytime, anywhere. With the enhanced security, organizations can provide their users with tools and abilities that are otherwise risky or not practical. For example, hospitals can enable their patients to securely access personal medical records online, businesses can enable their employees to access confidential business data from the corporate network while traveling; and university professors can allow their students to securely submit examinations and view their grades online. Strong Authentication: Securing Identities and Enabling Business White Paper 2
  • 3. Comply with Regulations A growing number of rules and regulations hold organizations responsible for the integrity of their business data and for the protection of personal information that has been entrusted to them. To comply, organizations need to ensure that individuals who access their network, applications, and portable devices are indeed who they claim to be. Therefore, strong authentication constitutes a basis for compliance with many of these regulations. As an example, the Federal Financial Institutions Examination Council’s (FFIEC) Authentication Guidance considers “single-factor authentication, as the only control mechanism, to be inadequate for high-risk transactions involving access to customer information or the movement of funds to other parties…Account fraud and identity theft are frequently the result of single- factor (e.g., ID/password) authentication exploitation.”1 Another instance is the Health Insurance Portability and Accountability Act (HIPAA), which requires healthcare related organizations to securely authenticate individuals before granting them access to sensitive patient data. Compliance was the driving These are only two examples from an ever growing list of regulations, including Sarbanes- factor for up to 85% of all IAM Oxley (SOX) Act, Electronic Signatures in Global and National Commerce (E-SIGN) Act, Basel II, purchases in 2008 and 2009 Food and Drug Administration (FDA) 21 CFR Part 11, and more, that mandate organizations to protect their data and meet IT security standards. Strong authentication enhances compliance IDC, June 2009 by enabling secure user access and providing a proven and attestable method for protecting internal data and networks. Increase Productivity Providing users with widespread access to necessary business data and applications in the office, at home, or on the road, improves communication among employees, shortens the response times to clients and customers, and in short – increases productivity. Strong authentication solutions provide the needed security for organizations to give their users such access. Strong authentication solutions also increase productivity by significantly reducing the time spent on password administration and maintenance by both users and help desk personnel. 1 “The Twilight of Passwords: A Timetable for Migrating to Stronger Authentication,” by Ant Allan, Gartner, Inc., February 28, 2007. Save Cost, Increase ROI Strong authentication enables organizations to provide increased connectivity and secure access to digital data and applications. By offering additional services online, organizations can enhance efficiency and thereby save significant costs in their ongoing business activities. When implementing strong authentication with single sign-on capabilities, organizations can reduce the ongoing costs associated with password administration, as users need not handle multiple passwords. For example, smart-card-based authentication tokens can securely store all user credentials on-board, and users need only remember their single token password to access their credentials. Strong authentication solutions that offer user self-service token and credential management tools enable organizations to reduce costs even further. Strengthening security also saves organizations significant costs by preventing potential security breaches. These include misuse of data and networks by insiders, lost data from stolen laptops, and other security attacks that affect many organizations today. With strong authentication, it is possible to block unauthorized access and to hold authorized individuals accountable for their usage of the organization’s digital resources, thereby reducing errors or deliberate harmful behavior. Indeed, according to the 2007 CSI Computer Crime and Security Survey, close to 46% of respondents suffered a security incident; 59% reported insider abuse of network access and 52% reported insider abuse of email. The average loss reported in the 2007 survey skyrocketed to $350,424 from $168,000 the previous year. 2 In general, different strong authentication offerings provide various levels of solution support. The broader the range of security solutions enabled – such as secure network access, single sign-on Strong Authentication: Securing Identities and Enabling Business White Paper 3
  • 4. (SSO), PC security, and secure data transactions – the greater the return on investment (ROI). Attract Customers The dramatic increase in fraud and online identity theft has led consumers to demand better online security. Organizations are now viewing security not only as a need for compliance, but also as a marketing differentiator, attracting customers, increasing sales, increasing brand loyalty, and improving their reputation by positioning themselves as security-minded. Consumers are dictating to the market that the better product is also the safer product. Strong authentication provides an effective solution users can easily understand and adopt. Strong Authentication Solutions – What is Available? Strong authentication solutions enable organizations to ensure that a user is indeed who he or she claims to be. They increase the security of the authentication process beyond passwords by requiring two or more of the following forms of authentication: 2 2007 CSI Computer Crime and Security Survey • Something you know – something the user needs to remember, such as a password, a PIN, or an answer to a personal question • Something you have – something the user needs to physically carry, such as a token or a card • Something you are – a biometric feature, such as a fingerprint or facial characteristic Strong authentication solutions commonly involve a physical device, (e.g. token), used together with a password to prove the owner’s identity. A wide variety of strong authentication token technologies and form factors are available in the market. The following are descriptions of the key form factors available today: USB Tokens USB tokens are small handheld devices that users connect to their computers’ USB ports to authenticate. Users are granted access upon plugging the token into the USB port and entering the token password. The physical connection between the token and the computer enables these tokens to be used for multiple security applications such as secure local and remote network access, web access, laptop and PC protection, file encryption, user credential management, and secure transactions. Smart Cards More than 60% of enterprises Smart cards are credit card sized devices that contain highly secure microprocessor chips and more than 15% of SMBs dedicated for cryptographic operations. To authenticate, users must insert their smart cards use authentication methods into their readers and enter a password. Smart cards provide highly secure storage of user other than simple passwords credentials and keys. They also secure PKI implementation by generating keys and performing for workforce remote access to cryptographic operations on-board, without ever exposing the user’s private key to the computer environment. While providing extensive functionality and high security, smart cards lack enterprise networks. mobility. Using a smart card requires a separate reader for every machine in which the smart Gartner, Nov 2009 card will be used. Smart-card-based USB Tokens Smart-card-based USB tokens, which contain a smart card chip leverage the advantages of both USB tokens and smart cards to provide the greatest level of security, versatility, and they enable a broad range of security solutions and provide all of the benefits of a traditional smart card and reader – without requiring the separate reader. One-time Password (OTP) Tokens OTP tokens are small handheld devices that allow authentication using onetime passwords Strong Authentication: Securing Identities and Enabling Business White Paper 4
  • 5. generated by the device, based on a secret key shared by the device and an authentication server. A user wishing to authenticate enters the one-time password appearing on the token, and this value is compared to the value generated by the authentication server. While OTP tokens are highly portable, they do not provide the same level of support for multiple security applications that USB tokens and smart cards offer. Hybrid Tokens Hybrid tokens provide multiple types of functionality, which increases flexibility. Hybrid USB and OTP tokens allow full USB-based strong authentication and security solutions, as well as OTP- based strong authentication in detached mode when needed. Smart-card-based hybrid tokens that use the smart card chip for both USB and OTP functionalities provide maximum security. Software Tokens Software tokens enable strong authentication without a dedicated physical device. These tokens are software programs that can be stored on a user’s computer, or on mobile devices such as a cellular phone or PDA. Based on a secret key, the token generates a one-time password that is displayed on the computer or mobile device. Software OTP tokens are also available for use with mobile devices. Strong Authentication Solutions Are Evolving As market sophistication and experience with strong authentication increases, and as the level of threats resulting from ever more sophisticated cyber-crime grows, authentication solutions are evolving to meet market demands. Organizations are looking for broad, open solutions that enable them to incorporate many capabilities using a single system and which allow them to adjust as their business needs evolve. At the same time, they are looking for solutions that are easy to implement and use, to ensure user acceptance and maximize return on their investment. The following are some recent trends in strong authentication: Software Authentication on Mobile Phones Mobile phones are ubiquitious, so it makes sense using the device that most people carry around with them as the “what you have” factor in two-factor authentication. Mobile phones can support a range of authenticaiton methods, from OTP passcodes generated by an OTP application that is installed on the phone, to certificate-based tokens in software format – also installed on the Phone-based OOB authentication phone - and SMS passcode delivery. In the latter case, the SMS passcode is delivered to the products market estimated to phone via regular cellular channels. reach $137M in 2015 from $40m IN 2008 Out of Band Authentication OOB Authentication requires that separate information channels are used for communication. In N5CB, Frost & Sullivan, other words, the passcode that is entered into the website is delivered to the user on a separate September 2009 device from the device being used for logging in to the application. One of the more common forms of OOB authenticaiton is sending the passcode to users’ mobile phones via SMS. Another form of OOB Authentication is automatic call-back, either to a mobile number of a regular land line. Transaction Verification and Signing Transaction verification and signing is intended to reduce the risk of financial fraud which has become much more sophisticated over the past few years. Trasnaction verification adds another level of security to the authentication process by utilizing separate channels to reconfirm the details of a given transaction. Transaction verification can utlizie some to the methods already mentioned above, including Out of Band SMS delivery, where the SMS message contains the actual transaction details, in addition to a passcode that the user has to enter into the website. Another way of implementing transaction verification is through Interactive Voice Response (IVR), or with an OTP authentication device that has the added functionality of challenge response and transaction data display. Phone-based OOB authentication products market estimated to reach $137M in 2015 from $40m IN 2008 N5CB, Frost & Sullivan, September 2009 Strong Authentication: Securing Identities and Enabling Business White Paper 5
  • 6. Practical Considerations for Selecting a Strong Authentication Solution With the plethora of strong authentication offerings available today, it is important for organizations to carefully evaluate the available solutions before making a decision on which solution to implement. When choosing a strong authentication solution, organizations should take a number of factors into account. The following are some of the key elements to consider: Solution Coverage When investing in a strong authentication solution, organizations should carefully examine their current and future needs, and select the solution that best answers those needs. The following are some questions to consider: Do I want to protect my internal network from unauthorized access? If so, consider strong authentication solutions that enable flexible and comprehensive secure network access, both in the office and remotely if needed. Do my users need to connect from remote locations? If so, consider portable solutions that enable secure VPN and web access for remote users, and that enable employees to secure their laptops and data while on the road. Do my users need to access many password-protected applications? If so, consider solutions that provide single sign-on functionality, either by storing user credentials on the token or by integrating with external single sign-on systems. Do I want my users to digitally sign and encrypt sensitive data or transactions? If so, consider smart-card-based solutions that provide secure onboard PKI key generation and cryptographic operations, as well as mobility for users. How sensitive is my business data? The more sensitive the data, the higher the priority on the robustness and security of the solution. Do I want to firmly protect data that sits on my users’ PCs and laptops? If so, consider token solutions that integrate with PC security products such as boot protection and disk encryption applications that require the use of a token to boot a computer or decrypt protected data. Have I or do I want to implement a secure physical access solution? If so, consider token solutions that enable integration with physical access systems. Usability Users will be willing to adopt a strong authentication solution that is easy to learn and user friendly. Installation, updates, and similar processes should be easy and intuitive for both users and administrators. In addition, solutions that offer automated processes for resetting token passwords, handling lost or damaged tokens, and other token management tasks are likely to have increased acceptance. Openness A strong authentication solution based on an open architecture gives organizations the flexibility to integrate the solution with multiple third-party vendor products or customized applications. Offerings that include (SDKs), and a large set of solution partners that integrate the strong authentication offering into their products, provide increased opportunities for extending support for the solution. Flexibility A flexible strong authentication solution provides many benefits, enabling every organization to modify the solution based on its existing and evolving needs. Strong authentication vendors Strong Authentication: Securing Identities and Enabling Business White Paper 6
  • 7. that offer a range of devices that operate with the same set of security application, provide Benefits considerable cost savings and flexibility. Organizations can deploy any mix of devices for their • Core Benefits users and change that mix over time as desired. • quick and simple Manageability authentication for vPN A comprehensive management system can significantly reduce the challenge of implementing remote access a strong authentication solution by enabling enterprise-wide deployment and life-cycle • multiple certificate-based management of the entire solution, including the full inventory of authentication devices and security solutions on a single their associated security applications. Token and card management systems provide automated token tools and procedures that not only significantly reduce the load on the IT department, but also minimize errors. User self-service management tools further simplify the management of the • convenient, portable and solution and reduce the workload on the administrators. Therefore, when evaluating a strong “user friendly” authentication solution, the availability and extent of management capabilities offered as part of • the freedom to choose from the solution should be seriously considered. a variety of devices to meet your needs both today and Cost tomorrow Strong authentication solutions vary in cost and offerings. It is important to choose a solution that provides the needed capabilities and falls within budget. Organizations should take into • tailor authentication account the overall long-term cost of the solution, including initial investment costs, recurring solutions based on users fees, token replacement costs, and the costs involved in extending the solution as needed in the unique security profile future. • cost effective with low TCO SafeNet Strong Authentication Solutions • requires little or no ongoing SafeNet’s versatile portfolio of strong authentication solutions are designed to provide maintenance organizations with two critical enablers to moving business forward: freedom and flexibility. • built on award-winning, Freedom to choose from the most advanced authentication options available today that will innovative technology help meet your specific organizational, customer and regulatory requirements, and flexibility to enhance and adapt your solutions as those requirements change. whether it’s a simple • meets the highest security one-Time Password (OTP) remote access solution or an advanced certificate-based solution standards, and lets you to support applications such as digital signing or combined physical/logical access, SafeNet’s comply with privacy authentication solutions will meet all of your current and future security needs. regulations With SafeNet Authentication Solutions You Can: • Conduct business securely and efficiently and open new market opportunities with innovative products that enable secure data access while protecting identities for employees, customers and business partners. • Reduce risk with strong authentication solutions that prevent fraud and data theft and enable compliance to industry regulations. • Expand your options with a flexible range of strong, innovative certificate-based and simple to use oTP technologies that are easy to integrate, manage, support and use. Ideal for Remote Access and Advanced Security Applications SafeNet’s range of authentication solutions allow you to implement straightforward out-of-the- box packages for remote access, or mix and match from a broad selection of certificate-based, OTP and hybrid hardware and software authenticators to meet your organization’s specific risk profiles. SafeNet’s advanced security applications include solutions for password management, network logon, single-sign-on (SSo) and web signon (wSo). To find out more about SafeNet authentication solutions go to: http://www.safenet-inc.com/authentication Contact Us: For all office locations and contact information, please visit www.safenet-inc.com Follow Us: www.safenet-inc.com/connected ©2010 SafeNet, Inc. All rights reserved. SafeNet and SafeNet logo are registered trademarks of SafeNet. All other product names are trademarks of their respective owners. WP (EN)-11.08.10 Strong Authentication: Securing Identities and Enabling Business White Paper 7