SlideShare a Scribd company logo

What is Two Factor Authentication

ArrayShield Technologies Private Limited
ArrayShield Technologies Private Limited

Two Factor Authentication implies the use of two independent means of evidence to assert an entity – “Something the user has”, “Something user knows”.

Technology
1 of 2
Download to read offline
Concept Note – ArrayShield IDAS 2FA Concept Note – IDAS Two Factor Authentication What is Two Factor Authentication? Two Factor Authentication implies the use of two independent means of evidence to assert an entity – “Something the user has”, “Something user knows”. ArrayShield IDAS Two Factor Authentication Solution ArrayShield IDAS system provides a unique ArrayCard (Something user has) to each user and allows the user to select their pattern (something user only knows). Using these two factors of Authentication, user derives a dynamic password that changes for each transaction. Why Two Factor Authentication? Many organizations protect their infrastructure with a simple username and password. Entering this information grants access to organization’s sensitive data that is present in servers, databases, applications, email accounts, and other places. But it is widely acknowledged by Information Security Experts that passwords are notoriously insecure. Many users choose weak passwords which can be easily guessed or cracked. When password policies are enforced, users end up noting down their passwords on Post-It notes, mobiles, email or on their laptops which is serious security vulnerability. Phishing attacks trick users into revealing their passwords. Malicious viruses and spyware can capture passwords and send them over the network to attackers. All the above scenarios make it very difficult for organizations to protect their sensitive data from the hands of hackers and competitors. Organizations of all sizes from Fortune500 to SME, government have witnessed multiple hacking attacks recently that were caused by gaining knowledge of user’s password. The cause for concern is only magnified as the cost associated with a data breach has reached an estimate of $ 6.6 million. ArrayShield | info@arrayshield.com Page 1
Concept Note – ArrayShield IDAS 2FA Clearly passwords are not sufficient for protecting organization’s data: • Easy passwords can be cracked • Random passwords can’t be remembered • Same passwords are used at multiple places • Passwords that needs to be continuously changed are not user-friendly Additionally, government regulations such as Sarbanes-Oxley, PCI Data Security Standard, US Data Breach Notification Laws and others have been put in place to protect access to corporate networks. Failure to meet requirements that call for the implementation of two-factor authentication could result in regulatory fines and irreversible damage to a brand’s reputation. Security experts worldwide suggest the usage of a strong, two-factor authentication to protect organizations assets. The same is also recommended by various compliances/certifications like PCI-DSS, HIPAA, SAS 70, ISO 27001 and others. How ArrayShield IDAS works? ArrayShield innovative two factor authentication system – IDAS provides a simple secure access to enterprise applications. By using its innovative pattern based authentication it provides One- Time-Secret-Code for every login transaction without using any smart hardware. In IDAS every user is shown with a matrix on the login screen which is populated with random characters for every transaction. User has to choose a pattern which is a sequence of cells in the matrix and should register the same with the system prior accessing the ArrayShield IDAS Two-Factor solution. A translucent card is provided to each user which has a similar structured matrix with transparent and opaque cells and some random characters imprinted on the opaque cells. Each card is unique in terms of the position of the opaque cells and the characters imprinted on them. At the time of accessing the application, user is shown with the randomly populated matrix as a challenge. The user overlaps the translucent card on the shown matrix and will key in the characters present in the chosen pattern in the same order. These characters form the One- Time-Secret-Code for the user for that transaction. The ArrayShield IDAS server verifies the user credentials by comparing user’s registered pattern and the pattern values entered by the user. Access is given to the user if the user credentials are valid. Conclusion By using ArrayShield IDAS Two-Factor authentication solution, organizations can enable secure access to their enterprise Applications. The solution will make organizations of all sizes and complexities protect from the malicious attacks happening on the enterprise applications. ArrayShield | info@arrayshield.com Page 2

Recommended

Two Factor Authentication for Google Apps
Two Factor Authentication for Google AppsTwo Factor Authentication for Google Apps
Two Factor Authentication for Google AppsArrayShield Technologies Private Limited
 
Cloud App Security
Cloud App SecurityCloud App Security
Cloud App SecurityAlvaro Rezende
 
Cloud computing identity management summary
Cloud computing identity management summaryCloud computing identity management summary
Cloud computing identity management summaryBrandon Dunlap
 
Arx brochure - Intellect Design
Arx brochure - Intellect DesignArx brochure - Intellect Design
Arx brochure - Intellect DesignRajat Jain
 
Identified Vulnerabilitis And Threats In Cloud Computing
Identified Vulnerabilitis And Threats In Cloud ComputingIdentified Vulnerabilitis And Threats In Cloud Computing
Identified Vulnerabilitis And Threats In Cloud ComputingIOSR Journals
 
Importance of Identity Management in Security - Microsoft Tech Tour @Towson
Importance of Identity Management in Security - Microsoft Tech Tour @TowsonImportance of Identity Management in Security - Microsoft Tech Tour @Towson
Importance of Identity Management in Security - Microsoft Tech Tour @TowsonAdam Levithan
 
Enabling privacy and_traceability_in_supply_chains_using_blockchain_and_zero_...
Enabling privacy and_traceability_in_supply_chains_using_blockchain_and_zero_...Enabling privacy and_traceability_in_supply_chains_using_blockchain_and_zero_...
Enabling privacy and_traceability_in_supply_chains_using_blockchain_and_zero_...Cláudia Alves
 
Get ahead of cybersecurity with MS Enterprise Mobility + Security
Get ahead of cybersecurity with MS Enterprise Mobility + Security Get ahead of cybersecurity with MS Enterprise Mobility + Security
Get ahead of cybersecurity with MS Enterprise Mobility + Security Kjetil Lund-Paulsen
 

Recommended

Two Factor Authentication for Google Apps
Two Factor Authentication for Google AppsTwo Factor Authentication for Google Apps
Two Factor Authentication for Google AppsArrayShield Technologies Private Limited
 
Cloud App Security
Cloud App SecurityCloud App Security
Cloud App SecurityAlvaro Rezende
 
Cloud computing identity management summary
Cloud computing identity management summaryCloud computing identity management summary
Cloud computing identity management summaryBrandon Dunlap
 
Arx brochure - Intellect Design
Arx brochure - Intellect DesignArx brochure - Intellect Design
Arx brochure - Intellect DesignRajat Jain
 
Identified Vulnerabilitis And Threats In Cloud Computing
Identified Vulnerabilitis And Threats In Cloud ComputingIdentified Vulnerabilitis And Threats In Cloud Computing
Identified Vulnerabilitis And Threats In Cloud ComputingIOSR Journals
 
Importance of Identity Management in Security - Microsoft Tech Tour @Towson
Importance of Identity Management in Security - Microsoft Tech Tour @TowsonImportance of Identity Management in Security - Microsoft Tech Tour @Towson
Importance of Identity Management in Security - Microsoft Tech Tour @TowsonAdam Levithan
 
Enabling privacy and_traceability_in_supply_chains_using_blockchain_and_zero_...
Enabling privacy and_traceability_in_supply_chains_using_blockchain_and_zero_...Enabling privacy and_traceability_in_supply_chains_using_blockchain_and_zero_...
Enabling privacy and_traceability_in_supply_chains_using_blockchain_and_zero_...Cláudia Alves
 
Get ahead of cybersecurity with MS Enterprise Mobility + Security
Get ahead of cybersecurity with MS Enterprise Mobility + Security Get ahead of cybersecurity with MS Enterprise Mobility + Security
Get ahead of cybersecurity with MS Enterprise Mobility + Security Kjetil Lund-Paulsen
 
Azure information protection_datasheet_en-us
Azure information protection_datasheet_en-usAzure information protection_datasheet_en-us
Azure information protection_datasheet_en-usKjetil Lund-Paulsen
 
Seclore: Information Rights Management
Seclore: Information Rights ManagementSeclore: Information Rights Management
Seclore: Information Rights ManagementRahul Neel Mani
 
Up 2011-ken huang
Up 2011-ken huangUp 2011-ken huang
Up 2011-ken huangKen Huang
 
EnterpriseCollaboration_SolutionOverview_06Jun2016
EnterpriseCollaboration_SolutionOverview_06Jun2016EnterpriseCollaboration_SolutionOverview_06Jun2016
EnterpriseCollaboration_SolutionOverview_06Jun2016Wesley Veitch
 
Securing sensitive data for the health care industry
Securing sensitive data for the health care industrySecuring sensitive data for the health care industry
Securing sensitive data for the health care industryCloudMask inc.
 
C01461422
C01461422C01461422
C01461422IOSR Journals
 
Microsoft Cloud App Security CASB
Microsoft Cloud App Security CASBMicrosoft Cloud App Security CASB
Microsoft Cloud App Security CASBAmmar Hasayen
 
Umer Khalid Thesis Abstract
Umer Khalid Thesis AbstractUmer Khalid Thesis Abstract
Umer Khalid Thesis AbstractUmer Khalid
 
CYBERSECURITY MESH - DIGITAL TRUST FRAMEWORK
CYBERSECURITY MESH - DIGITAL TRUST FRAMEWORKCYBERSECURITY MESH - DIGITAL TRUST FRAMEWORK
CYBERSECURITY MESH - DIGITAL TRUST FRAMEWORKMaganathin Veeraragaloo
 
How To Plan Successful Encryption Strategy
How To Plan Successful Encryption StrategyHow To Plan Successful Encryption Strategy
How To Plan Successful Encryption StrategyClickSSL
 
EMS Diagram Click Through Web
EMS Diagram Click Through WebEMS Diagram Click Through Web
EMS Diagram Click Through WebEric Inch
 
Microsoft Enterprise Mobility and Security EMS
Microsoft Enterprise Mobility and Security EMSMicrosoft Enterprise Mobility and Security EMS
Microsoft Enterprise Mobility and Security EMSDavid J Rosenthal
 
Hexnode Identity and Access Management solution
Hexnode Identity and Access Management solutionHexnode Identity and Access Management solution
Hexnode Identity and Access Management solutionHexnode
 
B2 - The History of Content Security: Part 2 - Adam Levithan
B2 - The History of Content Security: Part 2 - Adam LevithanB2 - The History of Content Security: Part 2 - Adam Levithan
B2 - The History of Content Security: Part 2 - Adam LevithanSPS Paris
 
SaaS Platform Securing
SaaS Platform SecuringSaaS Platform Securing
SaaS Platform SecuringLeo TechnoSoft
 
Information Rights Management (IRM)
Information Rights Management (IRM)Information Rights Management (IRM)
Information Rights Management (IRM)Network Intelligence India
 
IDENTITY PLATFORMS: How central, flexible, deployment of multiple authenticat...
IDENTITY PLATFORMS: How central, flexible, deployment of multiple authenticat...IDENTITY PLATFORMS: How central, flexible, deployment of multiple authenticat...
IDENTITY PLATFORMS: How central, flexible, deployment of multiple authenticat...Entrust Datacard
 
Protect your Data even under breach
Protect your Data even under breachProtect your Data even under breach
Protect your Data even under breachCloudMask inc.
 
Microsoft Azure Information Protection
Microsoft Azure Information Protection Microsoft Azure Information Protection
Microsoft Azure Information Protection Syed Sabhi Haider
 
Switch to SHA-2 SSL - A Step-by-Step Migration Guide
Switch to SHA-2 SSL - A Step-by-Step Migration GuideSwitch to SHA-2 SSL - A Step-by-Step Migration Guide
Switch to SHA-2 SSL - A Step-by-Step Migration GuideEntrust Datacard
 
Two Factor Authentication for VPN
Two Factor Authentication for VPNTwo Factor Authentication for VPN
Two Factor Authentication for VPNArrayShield Technologies Private Limited
 
Problems with biometric authentication
Problems with biometric authenticationProblems with biometric authentication
Problems with biometric authenticationArrayShield Technologies Private Limited
 

More Related Content

What's hot

Azure information protection_datasheet_en-us
Azure information protection_datasheet_en-usAzure information protection_datasheet_en-us
Azure information protection_datasheet_en-usKjetil Lund-Paulsen
 
Seclore: Information Rights Management
Seclore: Information Rights ManagementSeclore: Information Rights Management
Seclore: Information Rights ManagementRahul Neel Mani
 
Up 2011-ken huang
Up 2011-ken huangUp 2011-ken huang
Up 2011-ken huangKen Huang
 
EnterpriseCollaboration_SolutionOverview_06Jun2016
EnterpriseCollaboration_SolutionOverview_06Jun2016EnterpriseCollaboration_SolutionOverview_06Jun2016
EnterpriseCollaboration_SolutionOverview_06Jun2016Wesley Veitch
 
Securing sensitive data for the health care industry
Securing sensitive data for the health care industrySecuring sensitive data for the health care industry
Securing sensitive data for the health care industryCloudMask inc.
 
Microsoft Cloud App Security CASB
Microsoft Cloud App Security CASBMicrosoft Cloud App Security CASB
Microsoft Cloud App Security CASBAmmar Hasayen
 
Umer Khalid Thesis Abstract
Umer Khalid Thesis AbstractUmer Khalid Thesis Abstract
Umer Khalid Thesis AbstractUmer Khalid
 
CYBERSECURITY MESH - DIGITAL TRUST FRAMEWORK
CYBERSECURITY MESH - DIGITAL TRUST FRAMEWORKCYBERSECURITY MESH - DIGITAL TRUST FRAMEWORK
CYBERSECURITY MESH - DIGITAL TRUST FRAMEWORKMaganathin Veeraragaloo
 
How To Plan Successful Encryption Strategy
How To Plan Successful Encryption StrategyHow To Plan Successful Encryption Strategy
How To Plan Successful Encryption StrategyClickSSL
 
EMS Diagram Click Through Web
EMS Diagram Click Through WebEMS Diagram Click Through Web
EMS Diagram Click Through WebEric Inch
 
Microsoft Enterprise Mobility and Security EMS
Microsoft Enterprise Mobility and Security EMSMicrosoft Enterprise Mobility and Security EMS
Microsoft Enterprise Mobility and Security EMSDavid J Rosenthal
 
Hexnode Identity and Access Management solution
Hexnode Identity and Access Management solutionHexnode Identity and Access Management solution
Hexnode Identity and Access Management solutionHexnode
 
B2 - The History of Content Security: Part 2 - Adam Levithan
B2 - The History of Content Security: Part 2 - Adam LevithanB2 - The History of Content Security: Part 2 - Adam Levithan
B2 - The History of Content Security: Part 2 - Adam LevithanSPS Paris
 
SaaS Platform Securing
SaaS Platform SecuringSaaS Platform Securing
SaaS Platform SecuringLeo TechnoSoft
 
IDENTITY PLATFORMS: How central, flexible, deployment of multiple authenticat...
IDENTITY PLATFORMS: How central, flexible, deployment of multiple authenticat...IDENTITY PLATFORMS: How central, flexible, deployment of multiple authenticat...
IDENTITY PLATFORMS: How central, flexible, deployment of multiple authenticat...Entrust Datacard
 
Protect your Data even under breach
Protect your Data even under breachProtect your Data even under breach
Protect your Data even under breachCloudMask inc.
 
Microsoft Azure Information Protection
Microsoft Azure Information Protection Microsoft Azure Information Protection
Microsoft Azure Information Protection Syed Sabhi Haider
 
Switch to SHA-2 SSL - A Step-by-Step Migration Guide
Switch to SHA-2 SSL - A Step-by-Step Migration GuideSwitch to SHA-2 SSL - A Step-by-Step Migration Guide
Switch to SHA-2 SSL - A Step-by-Step Migration GuideEntrust Datacard
 

What's hot (20)

Azure information protection_datasheet_en-us
Azure information protection_datasheet_en-usAzure information protection_datasheet_en-us
Azure information protection_datasheet_en-us
 
Seclore: Information Rights Management
Seclore: Information Rights ManagementSeclore: Information Rights Management
Seclore: Information Rights Management
 
Up 2011-ken huang
Up 2011-ken huangUp 2011-ken huang
Up 2011-ken huang
 
EnterpriseCollaboration_SolutionOverview_06Jun2016
EnterpriseCollaboration_SolutionOverview_06Jun2016EnterpriseCollaboration_SolutionOverview_06Jun2016
EnterpriseCollaboration_SolutionOverview_06Jun2016
 
Securing sensitive data for the health care industry
Securing sensitive data for the health care industrySecuring sensitive data for the health care industry
Securing sensitive data for the health care industry
 
C01461422
C01461422C01461422
C01461422
 
Microsoft Cloud App Security CASB
Microsoft Cloud App Security CASBMicrosoft Cloud App Security CASB
Microsoft Cloud App Security CASB
 
Umer Khalid Thesis Abstract
Umer Khalid Thesis AbstractUmer Khalid Thesis Abstract
Umer Khalid Thesis Abstract
 
CYBERSECURITY MESH - DIGITAL TRUST FRAMEWORK
CYBERSECURITY MESH - DIGITAL TRUST FRAMEWORKCYBERSECURITY MESH - DIGITAL TRUST FRAMEWORK
CYBERSECURITY MESH - DIGITAL TRUST FRAMEWORK
 
How To Plan Successful Encryption Strategy
How To Plan Successful Encryption StrategyHow To Plan Successful Encryption Strategy
How To Plan Successful Encryption Strategy
 
EMS Diagram Click Through Web
EMS Diagram Click Through WebEMS Diagram Click Through Web
EMS Diagram Click Through Web
 
Microsoft Enterprise Mobility and Security EMS
Microsoft Enterprise Mobility and Security EMSMicrosoft Enterprise Mobility and Security EMS
Microsoft Enterprise Mobility and Security EMS
 
Hexnode Identity and Access Management solution
Hexnode Identity and Access Management solutionHexnode Identity and Access Management solution
Hexnode Identity and Access Management solution
 
B2 - The History of Content Security: Part 2 - Adam Levithan
B2 - The History of Content Security: Part 2 - Adam LevithanB2 - The History of Content Security: Part 2 - Adam Levithan
B2 - The History of Content Security: Part 2 - Adam Levithan
 
SaaS Platform Securing
SaaS Platform SecuringSaaS Platform Securing
SaaS Platform Securing
 
Information Rights Management (IRM)
Information Rights Management (IRM)Information Rights Management (IRM)
Information Rights Management (IRM)
 
IDENTITY PLATFORMS: How central, flexible, deployment of multiple authenticat...
IDENTITY PLATFORMS: How central, flexible, deployment of multiple authenticat...IDENTITY PLATFORMS: How central, flexible, deployment of multiple authenticat...
IDENTITY PLATFORMS: How central, flexible, deployment of multiple authenticat...
 
Protect your Data even under breach
Protect your Data even under breachProtect your Data even under breach
Protect your Data even under breach
 
Microsoft Azure Information Protection
Microsoft Azure Information Protection Microsoft Azure Information Protection
Microsoft Azure Information Protection
 
Switch to SHA-2 SSL - A Step-by-Step Migration Guide
Switch to SHA-2 SSL - A Step-by-Step Migration GuideSwitch to SHA-2 SSL - A Step-by-Step Migration Guide
Switch to SHA-2 SSL - A Step-by-Step Migration Guide
 

Viewers also liked

Métodos de tratamiento para aguas contaminadas.
Métodos de tratamiento para aguas contaminadas.Métodos de tratamiento para aguas contaminadas.
Métodos de tratamiento para aguas contaminadas.Kara Hernandez
 

Viewers also liked (6)

Two Factor Authentication for VPN
Two Factor Authentication for VPNTwo Factor Authentication for VPN
Two Factor Authentication for VPN
 
Problems with biometric authentication
Problems with biometric authenticationProblems with biometric authentication
Problems with biometric authentication
 
PCQuest reviews ArrayShield Product
PCQuest reviews ArrayShield ProductPCQuest reviews ArrayShield Product
PCQuest reviews ArrayShield Product
 
Two Factor Authentication for Salesforce
Two Factor Authentication for SalesforceTwo Factor Authentication for Salesforce
Two Factor Authentication for Salesforce
 
Compilation of phishing and keylogger attacks
Compilation of phishing and keylogger attacksCompilation of phishing and keylogger attacks
Compilation of phishing and keylogger attacks
 
Métodos de tratamiento para aguas contaminadas.
Métodos de tratamiento para aguas contaminadas.Métodos de tratamiento para aguas contaminadas.
Métodos de tratamiento para aguas contaminadas.
 

Similar to What is Two Factor Authentication

Identity and Access Management (IAM)
Identity and Access Management (IAM)Identity and Access Management (IAM)
Identity and Access Management (IAM)Identacor
 
PCI Compliance Report
PCI Compliance ReportPCI Compliance Report
PCI Compliance ReportHolly Vega
 
Detection of Attacker using Honeywords
Detection of Attacker using HoneywordsDetection of Attacker using Honeywords
Detection of Attacker using Honeywordsijtsrd
 
10695 sidtfa sb_0210
10695 sidtfa sb_021010695 sidtfa sb_0210
10695 sidtfa sb_0210Hai Nguyen
 
MIS 428 information secuirty v1.pdf
MIS 428 information secuirty v1.pdfMIS 428 information secuirty v1.pdf
MIS 428 information secuirty v1.pdfDrSalehAlSaleh
 
Data Protection & Shadow IT in a cloud era
Data Protection & Shadow IT in a cloud eraData Protection & Shadow IT in a cloud era
Data Protection & Shadow IT in a cloud eraDavid De Vos
 
"Evolving Cybersecurity Strategies" - Identity is the new security boundary
"Evolving Cybersecurity Strategies" - Identity is the new security boundary"Evolving Cybersecurity Strategies" - Identity is the new security boundary
"Evolving Cybersecurity Strategies" - Identity is the new security boundaryDean Iacovelli
 
Web applications vulnerabilities and threats
Web applications vulnerabilities and threatsWeb applications vulnerabilities and threats
Web applications vulnerabilities and threatsPrakash Poudel
 
Msft cloud architecture_security_commonattacks
Msft cloud architecture_security_commonattacksMsft cloud architecture_security_commonattacks
Msft cloud architecture_security_commonattacksAkram Qureshi
 
School of Computer & Information SciencesITS-532 Cloud C.docx
School of Computer & Information SciencesITS-532 Cloud C.docxSchool of Computer & Information SciencesITS-532 Cloud C.docx
School of Computer & Information SciencesITS-532 Cloud C.docxjeffsrosalyn
 
Law firms keep sensitive client data secure with CloudMask
Law firms keep sensitive client data secure with CloudMaskLaw firms keep sensitive client data secure with CloudMask
Law firms keep sensitive client data secure with CloudMaskCloudMask inc.
 
Application security testing an integrated approach
Application security testing an integrated approachApplication security testing an integrated approach
Application security testing an integrated approachIdexcel Technologies
 
Beyond Security Article_Cyber Security_April_2015
Beyond Security Article_Cyber Security_April_2015Beyond Security Article_Cyber Security_April_2015
Beyond Security Article_Cyber Security_April_2015RAVI PRAKASH
 
SecurityWhitepaper 7-1-2015
SecurityWhitepaper 7-1-2015SecurityWhitepaper 7-1-2015
SecurityWhitepaper 7-1-2015Francisco Anes
 
Big Data Analytics Solutions
Big Data Analytics SolutionsBig Data Analytics Solutions
Big Data Analytics Solutionsharman041
 
Anatomy of a cyber attack
Anatomy of a cyber attackAnatomy of a cyber attack
Anatomy of a cyber attackMark Silver
 
IRJET - Study Paper on Various Security Mechanism of Cloud Computing
IRJET - Study Paper on Various Security Mechanism of Cloud ComputingIRJET - Study Paper on Various Security Mechanism of Cloud Computing
IRJET - Study Paper on Various Security Mechanism of Cloud ComputingIRJET Journal
 

Similar to What is Two Factor Authentication (20)

Identity and Access Management (IAM)
Identity and Access Management (IAM)Identity and Access Management (IAM)
Identity and Access Management (IAM)
 
PCI Compliance Report
PCI Compliance ReportPCI Compliance Report
PCI Compliance Report
 
Detection of Attacker using Honeywords
Detection of Attacker using HoneywordsDetection of Attacker using Honeywords
Detection of Attacker using Honeywords
 
10695 sidtfa sb_0210
10695 sidtfa sb_021010695 sidtfa sb_0210
10695 sidtfa sb_0210
 
6 Ways to Fight the Data Loss Gremlins
6 Ways to Fight the Data Loss Gremlins6 Ways to Fight the Data Loss Gremlins
6 Ways to Fight the Data Loss Gremlins
 
MIS 428 information secuirty v1.pdf
MIS 428 information secuirty v1.pdfMIS 428 information secuirty v1.pdf
MIS 428 information secuirty v1.pdf
 
Data Protection & Shadow IT in a cloud era
Data Protection & Shadow IT in a cloud eraData Protection & Shadow IT in a cloud era
Data Protection & Shadow IT in a cloud era
 
"Evolving Cybersecurity Strategies" - Identity is the new security boundary
"Evolving Cybersecurity Strategies" - Identity is the new security boundary"Evolving Cybersecurity Strategies" - Identity is the new security boundary
"Evolving Cybersecurity Strategies" - Identity is the new security boundary
 
Web applications vulnerabilities and threats
Web applications vulnerabilities and threatsWeb applications vulnerabilities and threats
Web applications vulnerabilities and threats
 
Msft cloud architecture_security_commonattacks
Msft cloud architecture_security_commonattacksMsft cloud architecture_security_commonattacks
Msft cloud architecture_security_commonattacks
 
Ingres database and compliance
Ingres database and complianceIngres database and compliance
Ingres database and compliance
 
School of Computer & Information SciencesITS-532 Cloud C.docx
School of Computer & Information SciencesITS-532 Cloud C.docxSchool of Computer & Information SciencesITS-532 Cloud C.docx
School of Computer & Information SciencesITS-532 Cloud C.docx
 
Law firms keep sensitive client data secure with CloudMask
Law firms keep sensitive client data secure with CloudMaskLaw firms keep sensitive client data secure with CloudMask
Law firms keep sensitive client data secure with CloudMask
 
Application security testing an integrated approach
Application security testing an integrated approachApplication security testing an integrated approach
Application security testing an integrated approach
 
Beyond Security Article_Cyber Security_April_2015
Beyond Security Article_Cyber Security_April_2015Beyond Security Article_Cyber Security_April_2015
Beyond Security Article_Cyber Security_April_2015
 
SecurityWhitepaper 7-1-2015
SecurityWhitepaper 7-1-2015SecurityWhitepaper 7-1-2015
SecurityWhitepaper 7-1-2015
 
Big Data Analytics Solutions
Big Data Analytics SolutionsBig Data Analytics Solutions
Big Data Analytics Solutions
 
Database Security
Database SecurityDatabase Security
Database Security
 
Anatomy of a cyber attack
Anatomy of a cyber attackAnatomy of a cyber attack
Anatomy of a cyber attack
 
IRJET - Study Paper on Various Security Mechanism of Cloud Computing
IRJET - Study Paper on Various Security Mechanism of Cloud ComputingIRJET - Study Paper on Various Security Mechanism of Cloud Computing
IRJET - Study Paper on Various Security Mechanism of Cloud Computing
 

Recently uploaded

Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for PartnersEnhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for PartnersThousandEyes
 
Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024The Digital Insurer
 
Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101Paola De la Torre
 
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...shyamraj55
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonAnna Loughnan Colquhoun
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdfhans926745
 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Servicegiselly40
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountPuma Security, LLC
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationSafe Software
 
SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024Scott Keck-Warren
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)Gabriella Davis
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptxHampshireHUG
 
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...gurkirankumar98700
 
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure serviceWhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure servicePooja Nehwal
 
Maximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptxMaximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptxOnBoard
 
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 3652toLead Limited
 
Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...Alan Dix
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking MenDelhi Call girls
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking MenDelhi Call girls
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxMalak Abu Hammad
 

Recently uploaded (20)

Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for PartnersEnhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
 
Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024
 
Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101
 
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt Robison
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf
 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Service
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path Mount
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
 
SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
 
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
 
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure serviceWhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
 
Maximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptxMaximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptx
 
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
 
Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptx
 

What is Two Factor Authentication

  • 1. Concept Note – ArrayShield IDAS 2FA Concept Note – IDAS Two Factor Authentication What is Two Factor Authentication? Two Factor Authentication implies the use of two independent means of evidence to assert an entity – “Something the user has”, “Something user knows”. ArrayShield IDAS Two Factor Authentication Solution ArrayShield IDAS system provides a unique ArrayCard (Something user has) to each user and allows the user to select their pattern (something user only knows). Using these two factors of Authentication, user derives a dynamic password that changes for each transaction. Why Two Factor Authentication? Many organizations protect their infrastructure with a simple username and password. Entering this information grants access to organization’s sensitive data that is present in servers, databases, applications, email accounts, and other places. But it is widely acknowledged by Information Security Experts that passwords are notoriously insecure. Many users choose weak passwords which can be easily guessed or cracked. When password policies are enforced, users end up noting down their passwords on Post-It notes, mobiles, email or on their laptops which is serious security vulnerability. Phishing attacks trick users into revealing their passwords. Malicious viruses and spyware can capture passwords and send them over the network to attackers. All the above scenarios make it very difficult for organizations to protect their sensitive data from the hands of hackers and competitors. Organizations of all sizes from Fortune500 to SME, government have witnessed multiple hacking attacks recently that were caused by gaining knowledge of user’s password. The cause for concern is only magnified as the cost associated with a data breach has reached an estimate of $ 6.6 million. ArrayShield | info@arrayshield.com Page 1
  • 2. Concept Note – ArrayShield IDAS 2FA Clearly passwords are not sufficient for protecting organization’s data: • Easy passwords can be cracked • Random passwords can’t be remembered • Same passwords are used at multiple places • Passwords that needs to be continuously changed are not user-friendly Additionally, government regulations such as Sarbanes-Oxley, PCI Data Security Standard, US Data Breach Notification Laws and others have been put in place to protect access to corporate networks. Failure to meet requirements that call for the implementation of two-factor authentication could result in regulatory fines and irreversible damage to a brand’s reputation. Security experts worldwide suggest the usage of a strong, two-factor authentication to protect organizations assets. The same is also recommended by various compliances/certifications like PCI-DSS, HIPAA, SAS 70, ISO 27001 and others. How ArrayShield IDAS works? ArrayShield innovative two factor authentication system – IDAS provides a simple secure access to enterprise applications. By using its innovative pattern based authentication it provides One- Time-Secret-Code for every login transaction without using any smart hardware. In IDAS every user is shown with a matrix on the login screen which is populated with random characters for every transaction. User has to choose a pattern which is a sequence of cells in the matrix and should register the same with the system prior accessing the ArrayShield IDAS Two-Factor solution. A translucent card is provided to each user which has a similar structured matrix with transparent and opaque cells and some random characters imprinted on the opaque cells. Each card is unique in terms of the position of the opaque cells and the characters imprinted on them. At the time of accessing the application, user is shown with the randomly populated matrix as a challenge. The user overlaps the translucent card on the shown matrix and will key in the characters present in the chosen pattern in the same order. These characters form the One- Time-Secret-Code for the user for that transaction. The ArrayShield IDAS server verifies the user credentials by comparing user’s registered pattern and the pattern values entered by the user. Access is given to the user if the user credentials are valid. Conclusion By using ArrayShield IDAS Two-Factor authentication solution, organizations can enable secure access to their enterprise Applications. The solution will make organizations of all sizes and complexities protect from the malicious attacks happening on the enterprise applications. ArrayShield | info@arrayshield.com Page 2