SecureAuth IdP Device Fingerprinting
|
|
- Myles Walters
- 7 years ago
- Views:
Transcription
1 Technical Brief SecureAuth IdP Device Fingerprinting Low-Friction BYOD Authentication March 2015
2 Executive Overview The explosion of devices desktops, laptops, and now the plethora of mobile devices has left enterprises scrambling to properly control access to their resources. Simple username and password combinations are too easily compromised or forgotten, creating points of vulnerability. Though users may be comfortable with shielding their Facebook profiles behind single-factor authentication, enterprise information must be more strongly secured. But adding layers of authentication without compromising ease of use has proven to be an elusive goal. SecureAuth IdP s device fingerprinting delivers the flexibility, security, and convenience required to increase layers of authentication without creating high friction for users. In fact, device fingerprinting often actually improves the user experience. This paper explains what device fingerprinting is, how it works, and the many benefits it delivers for mobile and BYOD work environments. Assert Your Identity 2
3 Table of Contents What is Device Fingerprinting?... 4 How Does it Work?... 4 Registering a device to a user Validation during subsequent authentication attempts Key Benefits... 6 Enabling Devices to Evolve... 7 A heuristics-based solution you control Setting the weight for each device characteristic Evaluating whether it is the same device Example Secure Mobile Apps for Android and ios Integrated into SecureAuth IdP for All Resources Conclusion Assert Your Identity 3
4 What is Device Fingerprinting? SecureAuth IdP device fingerprinting is a revolutionary system designed to strengthen mobile security while simplifying the login and access process for users. Device fingerprinting enables secure and convenient access to all resources from any desktop or mobile device by capturing and storing a device s unique characteristics and saving them in the directory for future reference. How Does It Work? Each mobile device laptop, tablet, or smartphone has unique characteristics, including variations of HTTP headers, IP addresses, browser fonts, browser plug-ins, user data storage, and time zone. Using a heuristics-based approach, SecureAuth IdP device fingerprinting exploits this information for device registration and subsequent device validation. When a user first attempts to access enterprise resources from a particular device and is successfully authenticated, SecureAuth IdP pulls specific characteristics from that device and stores them in the directory, registering the device (Figure 1) Internet 1 2 Desktop and Mobile Based Users Enterprise 5 6 One or More Directories Figure 1: Registering a device to a user upon first access attempt Registering a device to a user + + A user attempts to access an application from a desktop or mobile device and is redirected to SecureAuth IdP for authentication A. + + SecureAuth IdP conducts a configurable authentication (single-factor, twofactor, three-factor, and so on) S. + + Upon successful authentication, SecureAuth IdP sends server-based commands to the client D to pull the unique characteristics (header, fonts, plug-ins, screen size, HTML5 storage facilities, IP address, cookie storage, etc.) from the device F. + + SecureAuth IdP creates a numeric representation of the values and stores it G to a local directory H that can be accessed by administrators and referenced by the authenticated user ID. + + The user is redirected with appropriate single sign-on (SSO) from SecureAuth IdP to the original target resource. Assert Your Identity 4
5 When the user makes subsequent access requests from the device, the registered characteristics are used to validate the user and device (Figure 2), delivering a low-friction user experience without sacrificing security Internet 2 Desktop and Mobile Based Users Enterprise 2 One or More Directories Figure 2: Once the device is registered to the user, subsequent authentications are low friction. Validation during subsequent authentication attempts + + A user attempts to access an application from a desktop or mobile device and is redirected to SecureAuth IdP for authentication A. + + The user supplies enterprise credentials, and SecureAuth IdP compares the fingerprint of the user s device against the directory S. + + If a match is found, SecureAuth IdP counts it as a successful second factor and returns an SSO token to the user for access to the VPN, cloud, web, or mobile resource D, with no SMS, telephony, or OOB authentication required. Assert Your Identity 5
6 Key Benefits By enabling companies to keep a record of the devices employed by each user, IdP device fingerprinting eliminates the need to impose high-friction authentication on subsequent access attempts. Users can work on multiple devices and multiple users can work on a single device all without high-impact authentication processes. In fact, device fingerprinting delivers all of the following benefits: + + Low-friction authentication Once a device has been registered to a user with device fingerprinting, that user is not burdened with multiple authentications for each subsequent session from that device. This dramatically simplifies the login and access process for users who frequently employ the same resources, especially portals. + + One user, multiple devices If a user who has a registered device attempts access from a different device, SecureAuth can be configured either to deny access or to usher the user through another enrollment so that the user can register the new device for subsequent access requests. In fact, a user s profile can house multiple device fingerprints to speed future validations. + + One device, multiple users When a shared device is first registered, it is linked to one particular user s profile, and that user is then able to work on the device without re-authenticating. If another user attempts to access enterprise resources from the same device, SecureAuth IdP will pull identifiers from the device and attempt to match them to any devices registered for that user. When that attempt fails, the system will recognize that the device has not been registered to this new user, and will redirect the user to the IdP for authentication before access is granted. Device fingerprinting will then store the device under the new user s profile, without altering or deleting any previous device registrations. + + Time-limited registration Users can be issued a time-limited registration, which forces them to re-register after a specified period. + + Easy device revocation SecureAuth IdP limits the risks associated with BYOD by offering one-touch revocation, which maintains security even if a device is compromised or a user leaves the company. An easy-to-use interface shows all the devices registered to a given user, and the administrator can revoke any device simply by unchecking it in the list. + + User self-management Users can register themselves, modify their profiles, reset their passwords, and revoke access on their own devices at any time without assistance from IT. + + No thick clients This is all accomplished without the need for any thick clients on the device. Assert Your Identity 6
7 Enabling Devices to Evolve A heuristics-based solution you control As we have seen, SecureAuth IdP device fingerprinting works by comparing a user s current device to the device s fingerprint stored in the directory. But of course, devices are constantly changing the operating system is updated, plug-ins are added or deleted, users change the screen resolution, and so on. In fact, more often than not, a device s specifications on subsequent authorization attempts will not be an exact match to the fingerprint on record. You don t want to cause high friction for the user by requiring two-factor authentication for minor changes, but you don t want to allow new devices to slip through unchallenged either. And you don t want to clutter up your directory by registering a new fingerprint whenever a device changes. Accordingly, whenever a user authenticates, the goal is to determine which of the following applies: 1) The device is mostly similar to a stored fingerprint and therefore should be accepted as is. 2) The device has undergone some minor updates and therefore the existing device fingerprint should be updated. 3) The device is new altogether and therefore a new registration is required. To accomplish this goal, SecureAuth IdP device fingerprinting uses a heuristicbased approach that you can customize to meet your unique needs and priorities. Setting the weight for each device characteristic Each device characteristic used in the device fingerprint is assigned a weight, which you can adjust to suit your environment as illustrated in Figure 3. Supported characteristics include: + + HTTP header information: User-Agent Accept Accept CharSet Accept Encoding Accept Language + + Browser plug-in list + + Browser flash fonts + + Device host address/ip + + Screen resolution + + HTML5 local storage + + HTML5 session storage + + IE user data support + + Browser cookie enable/disable setting + + Time zone Assert Your Identity 7
8 Because SecureAuth IdP is a multi-tenant solution, you can adjust these settings for each protected resource. Figure 3: You can specify how much weight to assign to each device characteristic. Evaluating whether it is the same device SecureAuth IdP device fingerprinting uses these weights to help determine whether a device matches a device already registered to that user. Specifically, upon the device registration, SecureAuth IdP generates a numeric fingerprint for the device and stores it in the directory, associating it with the user. For subsequent authentications, SecureAuth IdP re-examines the device with the same algorithm, creates a new numeric fingerprint, and calculates how closely the new fingerprint matches the stored one. The matching percentage the Device Certainty Score (DCS) is a number between 0 and 100. A DCS of 100 means the device seeking authentication is identical to the fingerprint on record; a DCS of zero means it is completely different. Recall that the goal is to determine whether the device should be accepted as is, the existing device footprint should be updated, or the device should be registered as new. Breaking the DCS into these three groups requires you to set two values, as shown in Figure 4: + + Match score The lowest DCS value that can be accepted before a new fingerprint is computed + + Update score The lowest DCS value that can be accepted before the user is required to re-register Assert Your Identity 8
9 Using these two values and the DCS, SecureAuth IdP can determine how to proceed with an access attempt: Device Certainty Score (DCS) 100 DCS >= match score If the DCS is greater than or equal to the match score, the device is considered pre-registered and no additional authentication is required. Match Score Match score > DCS > update score If the DCS falls between the match score and the update score, then the device is considered likely to be pre-registered but with a few characteristics changed. SecureAuth IdP will conduct a second factor and then update the fingerprint for the user in the directory. Update Score 0 Update score > DCS If the DCS is below the update score, SecureAuth IdP considers the device to be new. After conducting a secure second factor, it will register the device for the user by creating a device fingerprint for the new device and storing it in the directory for the user. Figure 4: By specifying match and update scores you can customize the rigidity of the validation process, enabling devices to evolve without users having to re-register. By setting the match and update scores wisely, you can ensure that users enjoy a low-friction authentication experience most of the time, that device fingerprints are updated when appropriate, and that new fingerprints are added only when necessary. Example For example, suppose a user registers his Windows 7 desktop, but before he returns, the system goes through a major upgrade, including browser plug-ins and system modifications. Upon his next usage, SecureAuth IdP would recognize that the device is the same, but the fingerprinting would reflect the variation. To be secure, the user would be required to re-authenticate, but rather than registering a new device, SecureAuth IdP would update the existing device fingerprint. Just as administrators can set preferences for all individual users with SecureAuth IdP, adjustments can also be made per authentication workflow to establish distinct heuristic requirements for individual applications. Assert Your Identity 9
10 Secure Mobile Apps for Android and ios For enterprises that require higher than normal security for mobile device access, SecureAuth offers device-specific mobile applications for Android and ios devices that augment browser-based fingerprinting. These applications execute native commands on ios or Android clients in order to extract device-specific information. The Android app is able to extract the serial number from the mobile unit; the ios app pulls the UDID for versions 5.0 and earlier, and the Advertiser ID for later models. Both platforms also extract the friendly name, such as Android Nexus Integrated into SecureAuth IdP for All Resources SecureAuth IdP device fingerprinting can be used for all enterprise resources, including: + + Enterprise web applications (SharePoint,.NET, J2EE, WebLogic) + + Network resources (Juniper, F5, Citrix) + + Cloud resources (Google, Microsoft, Salesforce, Taleo) + + Mobile applications (Android, ios, Windows) Conclusion With SecureAuth IdP s innovative device fingerprinting, your enterprise can now embrace BYOD and mobile business without sacrificing either security or ease of use. In fact, you can tailor the solution to meet your organization s requirements, determining when devices match a stored footprint closely enough to bypass further authentication and when they do not, so you can deliver a low-friction user experience while maintaining the security your organization requires. To learn more visit Assert Your Identity 10
11 8965 Research Drive Irvine, CA p: f: secureauth.com
WHITEPAPER SECUREAUTH IDP DEVICE FINGERPRINTING LOW-FRICTION, BYOD AUTHENTICATION
WHITEPAPER SECUREAUTH IDP DEVICE FINGERPRINTING LOW-FRICTION, BYOD AUTHENTICATION Executive Overview The explosion of devices laptops, desktops and now the plethora of mobile devices has left enterprises
More informationSECUREAUTH IDP AND OFFICE 365
WHITEPAPER SECUREAUTH IDP AND OFFICE 365 STRONG AUTHENTICATION AND SINGLE SIGN-ON FOR THE CLOUD-BASED OFFICE SUITE EXECUTIVE OVERVIEW As more and more enterprises move to the cloud, it makes sense that
More informationWHITEPAPER. SECUREAUTH 2-FACTOR AS A SERVICE 2FaaS
WHITEPAPER SECUREAUTH 2-FACTOR AS A SERVICE 2FaaS EXECUTIVE OVERVIEW 2-Factor as a Service (2FaaS) is a 100% cloud-hosted authentication solution that offers flexible security without compromising user
More informationWHITEPAPER SECUREAUTH AND CAC HSPD-12 AUTHENTICATION TO WEB, NETWORK, AND CLOUD RESOURCES
WHITEPAPER SECUREAUTH AND CAC HSPD-12 AUTHENTICATION TO WEB, NETWORK, AND CLOUD RESOURCES Executive Overview U.S. Federal mandates dictates that personal with defense related initiatives must prove access
More informationThe Top 5 Federated Single Sign-On Scenarios
The Top 5 Federated Single Sign-On Scenarios Table of Contents Executive Summary... 1 The Solution: Standards-Based Federation... 2 Service Provider Initiated SSO...3 Identity Provider Initiated SSO...3
More informationWhite Paper. Revolutionizing Remote Secure Access: Strong, Adaptive Authentication for Healthcare
White Paper Revolutionizing Remote Secure Access: Strong, Adaptive Authentication for Healthcare June 2015 Introduction The primacy of healthcare cyber security is accompanied by challenges unique to the
More informationSecure Access Control for Mobile, Cloud, and Web Apps
Secure Access Control for Mobile, Cloud, and Web Apps SecureAuth IdP is a revolutionary platform that provides flexible and secure access control through strong authentication, single sign-on, and user
More informationThe increasing popularity of mobile devices is rapidly changing how and where we
Mobile Security BACKGROUND The increasing popularity of mobile devices is rapidly changing how and where we consume business related content. Mobile workforce expectations are forcing organizations to
More informationABOUT TOOLS4EVER ABOUT DELOITTE RISK SERVICES
CONTENTS About Tools4ever... 3 About Deloitte Risk Services... 3 HelloID... 4 Microsoft Azure... 5 HelloID Security Architecture... 6 Scenarios... 8 SAML Identity Provider (IDP)... 8 Service Provider SAML
More informationI D C V E N D O R S P O T L I G H T
I D C V E N D O R S P O T L I G H T E n f o r c i n g I dentity a nd Access Management i n C l o u d a n d Mobile Envi r o n m e n t s November 2012 Adapted from Worldwide Identity and Access Management
More informationWHITEPAPER SAML ALONE IS NOT SECURE - HERE S HOW TO FIX IT
WHITEPAPER SAML ALONE IS NOT SECURE - HERE S HOW TO FIX IT Executive Overview SAML (Security Assertion Markup Language) is a standard that facilitates the exchange of security information. Developed by
More informationFlexible Identity Federation
Flexible Identity Federation Quick start guide version 1.0.1 Publication history Date Description Revision 2015.09.23 initial release 1.0.0 2015.12.11 minor updates 1.0.1 Copyright Orange Business Services
More informationAn Overview of Samsung KNOX Active Directory and Group Policy Features
C E N T R I F Y W H I T E P A P E R. N O V E M B E R 2013 An Overview of Samsung KNOX Active Directory and Group Policy Features Abstract Samsung KNOX is a set of business-focused enhancements to the Android
More informationEXECUTIVE VIEW. SecureAuth IdP. KuppingerCole Report
KuppingerCole Report EXECUTIVE VIEW by Dave Kearns March 2015 SecureAuth IdP SecureAuth IdP combines cloud single sign-on capabilities with strong authentication and risk-based access control while focusing
More informationAgenda. How to configure
dlaw@esri.com Agenda Strongly Recommend: Knowledge of ArcGIS Server and Portal for ArcGIS Security in the context of ArcGIS Server/Portal for ArcGIS Access Authentication Authorization: securing web services
More informationWhite Paper. FFIEC Authentication Compliance Using SecureAuth IdP
White Paper FFIEC Authentication Compliance Using SecureAuth IdP September 2015 Introduction Financial institutions today face an important challenge: They need to comply with guidelines established by
More informationTwo-Factor Authentication (2FA) Registration Instructions Symantec VIP Access
Two-Factor Authentication (2FA) Registration Instructions Symantec VIP Access To strengthen KBR information security and safeguard company data, Information Technology will implement two-factor authentication
More informationThe Cloud, Mobile and BYOD Security Opportunity with SurePassID
The Cloud, Mobile and BYOD Security Opportunity with SurePassID Presentation for MSPs and MSSPs January 2014 SurePassID At A Glance Founded 2009 Headquartered in Orlando, FL 6 sales offices in North America,
More informationIntroduction to SAML
Introduction to THE LEADER IN API AND CLOUD GATEWAY TECHNOLOGY Introduction to Introduction In today s world of rapidly expanding and growing software development; organizations, enterprises and governments
More informationNCSU SSO. Case Study
NCSU SSO Case Study 2 2 NCSU Project Requirements and Goals NCSU Operating Environment Provide support for a number Apps and Programs Different vendors have their authentication databases End users must
More informationAn Overview of Samsung KNOX Active Directory-based Single Sign-On
C E N T R I F Y W H I T E P A P E R. S E P T E M B E R 2013 An Overview of Samsung KNOX Active Directory-based Single Sign-On Abstract Samsung KNOX is a set of business-focused enhancements to the Android
More informationWorkday Mobile Security FAQ
Workday Mobile Security FAQ Workday Mobile Security FAQ Contents The Workday Approach 2 Authentication 3 Session 3 Mobile Device Management (MDM) 3 Workday Applications 4 Web 4 Transport Security 5 Privacy
More informationADAPTIVE USER AUTHENTICATION
ADAPTIVE USER AUTHENTICATION SMS PASSCODE is the leading technology in adaptive multi-factor authentication, improving enterprise security and productivity through an easy to use and intelligent solution
More informationSalesforce1 Mobile Security Guide
Salesforce1 Mobile Security Guide Version 1, 1 @salesforcedocs Last updated: December 8, 2015 Copyright 2000 2015 salesforce.com, inc. All rights reserved. Salesforce is a registered trademark of salesforce.com,
More informationMobile Protection. Driving Productivity Without Compromising Protection. Brian Duckering. Mobile Trend Marketing
Driving Productivity Without Compromising Protection Brian Duckering Mobile Trend Marketing Mobile Device Explosion Paves Way for BYOD 39% 69% 340% 2,170% 2010 177M corp PCs 2015 246M corp PCs 2010 173
More informationA Standards-based Mobile Application IdM Architecture
A Standards-based Mobile Application IdM Architecture Abstract Mobile clients are an increasingly important channel for consumers accessing Web 2.0 and enterprise employees accessing on-premise and cloud-hosted
More informationWhite Paper. What is an Identity Provider, and Why Should My Organization Become One?
White Paper What is an Identity Provider, and Why Should My Organization Become One? May 2015 Executive Overview Tame Access Control Security Risks: Become an Identity Provider (IdP) Organizations today
More informationCentral Desktop Enterprise Edition (Security Pack)
Central Desktop Enterprise Edition (Security Pack) The Central Desktop Security Pack is included in the Enterprise Edition of Central Desktop. The Enterprise Edition is for companies and organizations
More informationGateway Apps - Security Summary SECURITY SUMMARY
Gateway Apps - Security Summary SECURITY SUMMARY 27/02/2015 Document Status Title Harmony Security summary Author(s) Yabing Li Version V1.0 Status draft Change Record Date Author Version Change reference
More informationSTRONGER AUTHENTICATION for CA SiteMinder
STRONGER AUTHENTICATION for CA SiteMinder Adding Stronger Authentication for CA SiteMinder Access Control 1 STRONGER AUTHENTICATION for CA SiteMinder Access Control CA SITEMINDER provides a comprehensive
More informationTrustedX - PKI Authentication. Whitepaper
TrustedX - PKI Authentication Whitepaper CONTENTS Introduction... 3 1... 4 Use Scenarios... 5 Operation... 5 Architecture and Integration... 6 SAML and OAuth 7 RESTful Web Services 8 Monitoring and Auditing...
More informationnexus Hybrid Access Gateway
Product Sheet nexus Hybrid Access Gateway nexus Hybrid Access Gateway nexus Hybrid Access Gateway uses the inherent simplicity of virtual appliances to create matchless security, even beyond the boundaries
More informationA Guide to New Features in Propalms OneGate 4.0
A Guide to New Features in Propalms OneGate 4.0 Propalms Ltd. Published April 2013 Overview This document covers the new features, enhancements and changes introduced in Propalms OneGate 4.0 Server (previously
More informationTwo Factor Authentication - USER GUIDE
Two Factor Authentication - USER GUIDE Two Factor Authentication (or 2FA) is a two step verification process that provides an extra layer of security for you when accessing your account within Online Services.
More informationActive Directory Compatibility with ExtremeZ-IP. A Technical Best Practices Whitepaper
Active Directory Compatibility with ExtremeZ-IP A Technical Best Practices Whitepaper About this Document The purpose of this technical paper is to discuss how ExtremeZ-IP supports Microsoft Active Directory.
More informationexpanding web single sign-on to cloud and mobile environments agility made possible
expanding web single sign-on to cloud and mobile environments agility made possible the world of online business is rapidly evolving In years past, customers once tiptoed cautiously into the realm of online
More informationSingle Sign On for ShareFile with NetScaler. Deployment Guide
Single Sign On for ShareFile with NetScaler Deployment Guide This deployment guide focuses on defining the process for enabling Single Sign On into Citrix ShareFile with Citrix NetScaler. Table of Contents
More informationWHITE PAPER. Smart Card Authentication for J2EE Applications Using Vintela SSO for Java (VSJ)
WHITE PAPER Smart Card Authentication for J2EE Applications Using Vintela SSO for Java (VSJ) SEPTEMBER 2004 Overview Password-based authentication is weak and smart cards offer a way to address this weakness,
More informationHow to Implement Enterprise SAML SSO
How to Implement Enterprise SSO THE LEADER IN API AND CLOUD GATEWAY TECHNOLOGY How to Implement Enterprise SSO Introduction Security Assertion Markup Language, or, provides numerous The advantages and
More informationFairsail REST API: Guide for Developers
Fairsail REST API: Guide for Developers Version 1.02 FS-API-REST-PG-201509--R001.02 Fairsail 2015. All rights reserved. This document contains information proprietary to Fairsail and may not be reproduced,
More informationInitial DUO 2 Factor Setup, Install, Login and Verification
Please read this entire document it contains important instructions that will help you with the setup and maintenance of your DUO account. PLEASE NOTE: Use of a smartphone is the fastest and simplest way
More informationWeb Applications Access Control Single Sign On
Web Applications Access Control Single Sign On Anitha Chepuru, Assocaite Professor IT Dept, G.Narayanamma Institute of Technology and Science (for women), Shaikpet, Hyderabad - 500008, Andhra Pradesh,
More informationFileCloud Security FAQ
is currently used by many large organizations including banks, health care organizations, educational institutions and government agencies. Thousands of organizations rely on File- Cloud for their file
More informationCopyright: WhosOnLocation Limited
How SSO Works in WhosOnLocation About Single Sign-on By default, your administrators and users are authenticated and logged in using WhosOnLocation s user authentication. You can however bypass this and
More informationBYOD How-To Guide. How do I securely deliver my company s applications and data to BYOD?
BYOD How-To Guide How do I securely deliver my company s applications and data to BYOD? Table of Contents Harness the power of BYOD with Mobile Workspaces Why BYOD? Enterprise Mobile Requirements Mobile
More informationAlex Wong Senior Manager - Product Management Bruce Ong Director - Product Management
Alex Wong Senior Manager - Product Management Bruce Ong Director - Product Management 1 Product Roadmap Disclaimer Any forward-looking indication of plans for products is preliminary and all future release
More informationSingle Sign-On Portal User Reference (Okta Cloud SSO)
Single Sign-On Portal User Reference (Okta Cloud SSO) Contents Okta Single Sign-on Portal... 3 Initial account creation and configuration... 3 First time manual login to the Okta Single Sign-on Portal...
More informationHow To Manage A Plethora Of Identities In A Cloud System (Saas)
TECHNICAL WHITE PAPER Intel Cloud SSO How Intel Cloud SSO Works Just as security professionals have done for ages, we must continue to evolve our processes, methods, and techniques in light of the opportunities
More informationSOLUTION BRIEF MOBILE SECURITY. Securely Accelerate Your Mobile Business
SOLUTION BRIEF MOBILE SECURITY Securely Accelerate Your Mobile Business CA Technologies allows you to accelerate mobile innovation for customers and employees without risking your enterprise data or applications.
More informationCisco ASA Adaptive Security Appliance Single Sign-On: Solution Brief
Guide Cisco ASA Adaptive Security Appliance Single Sign-On: Solution Brief October 2012 2012 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information. Page 1 of 21 Contents
More informationPreventing Attackers from Getting What They Want
Preventing Attackers from Getting What They Want A Case for Context-Based Authentication Written by Keith Graham, CTO, SecureAuth November 2014 Whitepaper Executive Overview Attacks on organizations are
More informationConnected Data. Connected Data requirements for SSO
Chapter 40 Configuring Connected Data The following is an overview of the steps required to configure the Connected Data Web application for single sign-on (SSO) via SAML. Connected Data offers both IdP-initiated
More informationSecurity Implementation Guide
Security Implementation Guide Version 35.0, Winter 16 @salesforcedocs Last updated: December 24, 2015 Copyright 2000 2015 salesforce.com, inc. All rights reserved. Salesforce is a registered trademark
More informationBrainloop Secure Dataroom Version 8.30. QR Code Scanner Apps for ios Version 1.1 and for Android
Brainloop Secure Dataroom Version 8.30 QR Code Scanner Apps for ios Version 1.1 and for Android Quick Guide Brainloop Secure Dataroom Version 8.30 Copyright Brainloop AG, 2004-2015. All rights reserved.
More informationGoogle Identity Services for work
INTRODUCING Google Identity Services for work One account. All of Google Enter your email Next Online safety made easy We all care about keeping our data safe and private. Google Identity brings a new
More informationOffice 365 deployment checklists
Chapter 128 Office 365 deployment checklists This document provides some checklists to help you make sure that you install and configure your Office 365 deployment correctly and with a minimum of issues.
More informationTotal Enterprise Mobility
Total Enterprise Mobility Presented by Wlodek Dymaczewski, IBM Wlodek Dymaczewski dymaczewski@pl.ibm.com www.maas360.com Top Enterprise Mobility Initiatives Embrace Bring Your Own Device (BYOD) Migrate
More informationUSING FEDERATED AUTHENTICATION WITH M-FILES
M-FILES CORPORATION USING FEDERATED AUTHENTICATION WITH M-FILES VERSION 1.0 Abstract This article provides an overview of federated identity management and an introduction on using federated authentication
More informationSwivel Secure and the Cloud
Swivel Secure and the Cloud Authentication for Cloud Application Abstract This document describes the issues relating to authenticating to cloud applications and how the Swivel authentication platform
More informationBring Your Own Device. Putting Context into Wireless Security. Glen Stacey Networking Systems Engineer Glen_stacey@dell.com
Bring Your Own Device Putting Context into Wireless Security Glen Stacey Networking Systems Engineer Glen_stacey@dell.com ipad in the News More and more ipads will find their way into the workplace in
More informationOffice 365 deploym. ployment checklists. Chapter 27
Chapter 27 Office 365 deploym ployment checklists This document provides some checklists to help you make sure that you install and configure your Office 365 deployment correctly and with a minimum of
More informationLeveraging SAML for Federated Single Sign-on:
Leveraging SAML for Federated Single Sign-on: Seamless Integration with Web-based Applications whether cloudbased, private, on-premise, or behind a firewall Single Sign-on Layer v.3.2-006 PistolStar, Inc.
More informationKony Mobile Application Management (MAM)
Kony Mobile Application Management (MAM) Kony s Secure Mobile Application Management Feature Brief Contents What is Mobile Application Management? 3 Kony Mobile Application Management Solution Overview
More informationStrong Authentication: Enabling Efficiency and Maximizing Security in Your Microsoft Environment
Strong Authentication: Enabling Efficiency and Maximizing Security in Your Microsoft Environment IIIIII Best Practices www.gemalto.com IIIIII Table of Contents Strong Authentication and Cybercrime... 1
More informationTwo-Factor Authentication
Two-Factor Authentication IT Professional & Customer Service Desk Feature Guide Two-Factor Authentication for Exchange Online Office 365 Dedicated & ITAR-Support Plans April 26, 2013 The information contained
More informationHow To Use Saml 2.0 Single Sign On With Qualysguard
QualysGuard SAML 2.0 Single Sign-On Technical Brief Introduction Qualys provides its customer the option to use SAML 2.0 Single Sign On (SSO) authentication with their QualysGuard subscription. When implemented,
More informationSAML Authentication Quick Start Guide
SAML Authentication Quick Start Guide Powerful Authentication Management for Service Providers and Enterprises Authentication Service Delivery Made EASY Copyright 2013 SafeNet, Inc. All rights reserved.
More informationJunos Space for Android: Manage Your Network on the Go
Junos Space for Android: Manage Your Network on the Go Combining the power of Junos Space and Android SDKs to build powerful and smart applications for network administrators Challenge It is important
More informationIdentity. Provide. ...to Office 365 & Beyond
Provide Identity...to Office 365 & Beyond Sponsored by shops around the world are increasingly turning to Office 365 Microsoft s cloud-based offering for email, instant messaging, and collaboration. A
More informationWhere are Organizations Today? The Cloud. The Current and Future State of IT When, Where, and How To Leverage the Cloud. The Cloud and the Players
The Current and Future State of IT When, Where, and How To Leverage the The and the Players Software as a Service Citrix VMWare Google SalesForce.com Created and Presented by: Rand Morimoto, Ph.D., MCITP,
More informationAllidm.com. SSO Introduction. Discovering IAM Solutions. Leading the IAM Training. @aidy_idm facebook/allidm
Discovering IAM Solutions Leading the IAM Training @aidy_idm facebook/allidm SSO Introduction Disclaimer and Acknowledgments The contents here are created as a own personal endeavor and thus does not reflect
More informationArchitecture and Data Flow Overview. BlackBerry Enterprise Service 10 721-08877-123 Version: 10.2. Quick Reference
Architecture and Data Flow Overview BlackBerry Enterprise Service 10 721-08877-123 Version: Quick Reference Published: 2013-11-28 SWD-20131128130321045 Contents Key components of BlackBerry Enterprise
More informationCA Single Sign-On Migration Guide
CA Single Sign-On Migration Guide Web access management (WAM) systems have been a part of enterprises for decades. It is critical to control access and audit applications while reducing the friction for
More informationSHARPCLOUD SECURITY STATEMENT
SHARPCLOUD SECURITY STATEMENT Summary Provides details of the SharpCloud Security Architecture Authors: Russell Johnson and Andrew Sinclair v1.8 (December 2014) Contents Overview... 2 1. The SharpCloud
More informationTRANSITIONING ENTERPRISE CUSTOMERS TO THE CLOUD WITH PULSE SECURE
White Paper TRANSITIONING ENTERPRISE CUSTOMERS TO THE CLOUD WITH PULSE SECURE Pulse Connect Secure Enables Service Providers to Deliver Scalable and On-Demand, Cloud-Based Deployments with Simplicity and
More informationEgnyte Cloud File Server. White Paper
Egnyte Cloud File Server White Paper Revised July, 2013 Egnyte Cloud File Server Introduction Egnyte Cloud File Server (CFS) is the software as a service layer that powers online file sharing and storage
More informationMobility, Security and Trusted Identities: It s Right In The Palm of Your Hands. Ian Wills Country Manager, Entrust Datacard
Mobility, Security and Trusted Identities: It s Right In The Palm of Your Hands Ian Wills Country Manager, Entrust Datacard WHO IS ENTRUST DATACARD? 2 Entrust DataCard Datacard Corporation. Corporation.
More informationSingle Sign On. SSO & ID Management for Web and Mobile Applications
Single Sign On and ID Management Single Sign On SSO & ID Management for Web and Mobile Applications Presenter: Manish Harsh Program Manager for Developer Marketing Platforms of NVIDIA (Visual Computing
More informationSAML single sign-on configuration overview
Chapter 34 Configurin guring g Clarizen Configure the Clarizen Web-SAML application profile in Cloud Manager to set up single sign-on via SAML with Clarizen. Configuration also specifies how the application
More informationGuide for Setting Up Your Multi-Factor Authentication Account and Using Multi-Factor Authentication. Mobile App Activation
Guide for Setting Up Your Multi-Factor Authentication Account and Using Multi-Factor Authentication Mobile App Activation Before you can activate the mobile app you must download it. You can have up to
More informationSymantec Managed PKI Service Deployment Options
WHITE PAPER: SYMANTEC MANAGED PKI SERVICE DEPLOYMENT............. OPTIONS........................... Symantec Managed PKI Service Deployment Options Who should read this paper This whitepaper explains
More informationCA CloudMinder. Getting Started with SSO 1.5
CA CloudMinder Getting Started with SSO 1.5 This Documentation, which includes embedded help systems and electronically distributed materials, (hereinafter referred to as the Documentation ) is for your
More informationAVG Business SSO Connecting to Active Directory
AVG Business SSO Connecting to Active Directory Contents AVG Business SSO Connecting to Active Directory... 1 Selecting an identity repository and using Active Directory... 3 Installing Business SSO cloud
More informationWeb Access Management and Single Sign-On
Web Access Management and Single Sign-On Ronnie Dale Huggins In the old days of computing, a user would sit down at his or her workstation, login to the desktop, login to their email system, perhaps pull
More informationHow To Use Salesforce Identity Features
Identity Implementation Guide Version 35.0, Winter 16 @salesforcedocs Last updated: October 27, 2015 Copyright 2000 2015 salesforce.com, inc. All rights reserved. Salesforce is a registered trademark of
More informationMobile Iron User Guide
2015 Mobile Iron User Guide Information technology Sparrow Health System 9/1/2015 Contents...0 Introduction...2 Changes to your Mobile Device...2 Self Service Portal...3 Registering your new device...4
More informationIncrease the Security of Your Box Account With Single Sign-On
A Box White Paper Increase the Security of Your Box Account With Single Sign-On Box s high level of security, 24x7 support and 99.9% uptime are critical for us. The biggest benefits are the reliability
More informationCitrix Ready Solutions Brief. CA Single Sign-On and Citrix NetScaler: Quickly Adapt to Your Dynamic Authentication Demands. citrix.
CA Single Sign-On and Citrix NetScaler: Quickly Adapt to Your Dynamic Authentication Demands citrix.com/ready CA Technologies and Citrix have partnered to integrate their complementary, industry-leading
More informationAdding Stronger Authentication to your Portal and Cloud Apps
SOLUTION BRIEF Cyphercor Inc. Adding Stronger Authentication to your Portal and Cloud Apps Using the logintc April 2012 Adding Stronger Authentication to Portals Corporate and consumer portals, as well
More informationSAML SSO Configuration
SAML SSO Configuration Overview of Single Sign-, page 1 Benefits of Single Sign-, page 2 Overview of Setting Up SAML 2.0 Single Sign-, page 3 SAML 2.0 Single Sign- Differences Between Cloud-Based Meeting
More informationOne platform for all your print, scan and device management
One platform for all your print, scan and device management Manage all Printing & Scanning with one single Platform. Incorporating uniflow into your document processes will lead to real improvements in
More informationAdvanced Configuration Steps
Advanced Configuration Steps After you have downloaded a trial, you can perform the following from the Setup menu in the MaaS360 portal: Configure additional services Configure device enrollment settings
More informationINTEGRATION GUIDE. DIGIPASS Authentication for Citrix NetScaler (with AGEE)
INTEGRATION GUIDE DIGIPASS Authentication for Citrix NetScaler (with AGEE) Disclaimer Disclaimer of Warranties and Limitation of Liabilities All information contained in this document is provided 'as is';
More informationHow to Get to Single Sign-On
How to Get to Single Sign-On Gregg Kreizman Neil Wynne Twitter: @neilwynne Gartner is a registered trademark of Gartner, Inc. or its affiliates. This publication may not be reproduced or distributed in
More informationWhite Paper. McAfee Cloud Single Sign On Reviewer s Guide
White Paper McAfee Cloud Single Sign On Reviewer s Guide Table of Contents Introducing McAfee Cloud Single Sign On 3 Use Cases 3 Key Features 3 Provisioning and De-Provisioning 4 Single Sign On and Authentication
More informationInterwise Connect. Working with Reverse Proxy Version 7.x
Working with Reverse Proxy Version 7.x Table of Contents BACKGROUND...3 Single Sign On (SSO)... 3 Interwise Connect... 3 INTERWISE CONNECT WORKING WITH REVERSE PROXY...4 Architecture... 4 Interwise Web
More informationUsing Entrust certificates with VPN
Entrust Managed Services PKI Using Entrust certificates with VPN Document issue: 1.0 Date of issue: May 2009 Copyright 2009 Entrust. All rights reserved. Entrust is a trademark or a registered trademark
More informationPing Identity, Euro Cloud award entry
Ping Identity, Euro Cloud award entry Category: Best Cloud Offering Product: PingFederate 6.6 About Ping Identity Ping Identity is the cloud identity security leader, specialising in cloud identity, security,
More informationFrequently asked questions
Frequently asked questions FAQ: MicroStrategy 9s/9.5 General What is MicroStrategy 9s? MicroStrategy 9s combines the world s most sophisticated analytics platform with Usher, a revolutionary security platform.
More informationWhite paper. Convenient Multi-Factor Authentication (MFA) for Web Portals & Enterprise Applications
White paper Convenient Multi-Factor Authentication (MFA) for Web Portals & Enterprise Applications As the usage of online portals, SSL VPN applications, and web access management (WAM) products continue
More information