Magic Quadrant for User Authentication
|
|
- Allison Houston
- 8 years ago
- Views:
Transcription
1 G Magic Quadrant for User Authentication Published: 9 December 2013 Analyst(s): Ant Allan The market is dominated by 5% of the vendors. Mobile and cloud are disruptive. Buyers give greater weight than before to user experience. Legacy authentication methods are increasingly deprecated. Vendors must invest appropriately to stay relevant. Strategic Planning Assumptions By year-end 2016, about 30% of enterprises will choose cloud-based services as the delivery option for new or refreshed user authentication implementations up from about 10% today. By year-end 2016, more than 30% of enterprises will use contextual authentication for workforce remote access up from about 5% today. Market Definition/Description A provider in the user authentication (see Note 1) market delivers on-premises software/hardware or a cloud-based service that makes real-time authentication decisions for users who are using an arbitrary endpoint device (that is, not just Windows PCs) to access one or more applications, systems or services in a variety of use cases. Where appropriate to the authentication methods supported, a provider in the user authentication market also delivers client-side software or hardware that end users utilize to make those real-time authentication decisions. (Also see the Inclusion and Exclusion Criteria section.) User authentication has been used since the early days of multiuser systems. Passwords remain the norm across all use cases, but over the past few decades, a wide range of authentication methods that provide higher levels of trust have been developed and adopted by the market. Within the last decade, the variety of authentication methods has proliferated (see Note 2). Passwords are ubiquitous, and higher-trust authentication methods are used by nearly all enterprises (and at least a significant minority of small or midsize businesses [SMBs)] across different use cases (see Note 3). The user authentication market is mature, with several vendors offering products that have been continuously offered over the past three decades (although ownership has changed over that time; for example, Security Dynamics' SecurID one-time password [OTP] tokens are now offered by RSA, The Security Division of EMC). However, new authentication methods and vendors continue to
2 emerge, with the most rapid growth occurring within the past decade in response to changing market needs. The greater adoption of user authentication over a wider variety of use cases, the impact of the Nexus of Forces (discussed in the Market Overview section) and the emergence of innovative authentication methods have all been disruptive. Gartner is aware of more than 200 vendors offering some kind of user authentication product, although only approximately 100 of these might be commercially viable, and perhaps fewer than 50 vendors have offerings that we would consider to be credible choices. This Magic Quadrant research covers the 20 vendors with the most significant market presence by number of customers or number of end users served (see the Inclusion and Exclusion Criteria section), although these numbers vary by orders of magnitude (see Note 4). The leading vendors in this Magic Quadrant account for the majority of the market by customer and end-user numbers. Some of the vendors not included in the Magic Quadrant are wide-focus vendors (see Note 5) that are poised to challenge the major players, while others are "specialist" vendors. A significant number of these are essentially "me, too" commodity vendors. These vendors fragment the market, diverting sales from more strategic players and potentially tying up buyers in "dead end" contracts. In addition, vendors in other markets especially identity and access management as a service (IDaaS), Web access management (WAM), federated single sign-on (SSO) and VPN are increasingly embedding higher-trust user authentication methods within their products. While these tend to be limited to phone-as-a-token methods, with a few vendors adding contextual authentication, they can still obviate the need for a third-party user authentication offering at least in the use cases served by those alternative products. Page 2 of 55 Gartner, Inc. G
3 Magic Quadrant Figure 1. Magic Quadrant for User Authentication Source: Gartner (December 2013) Vendor Strengths and Cautions Authentify Illinois-based Authentify offers a cloud service, Authentify Out-of-Band Authentication, that provides out of band (OOB) authentication via voice modes, and has multiple OEM relationships (with Gartner, Inc. G Page 3 of 55
4 vendors that are discussed in this Magic Quadrant and use Authentify for OOB voice modes). Authentify also offers: voice biometric verification (normally an adjunct to OOB authentication, but some universities and others use it as a single-factor authentication method, with the phone as just a capture device); 2CHK, an OOB app for mobile devices and PCs; and xfa, an app combining OOB push modes with voice verification and an X.509 software token. Authentify's customers predominate in financial services, e-commerce, education, government and healthcare. The majority of customers are larger enterprises. Deployment sizes at year-end 2012 spanned a median of tens to hundreds of thousands of end users, with a maximum on the order of tens of millions or more end users. Authentify demonstrates a very sound market understanding and a very strong product strategy, and remains a Visionary in this Magic Quadrant. Strengths It has a growth rate well above the market norm. It supports contextual authentication including telephone data analytics. Its new xfa app addresses the needs of mobile use cases. It offers a canned "click and go" solution for SMBs in response to demand. Its pricing is in the lowest quartile for Scenario 4 (see Note 6) for cloud solutions. Cautions It lacks on-premises server software or appliances, nor does it offer or support OTP hardware tokens. Its customer base is skewed toward the U.S. (about three-fifths of customers) and Europe (about one-fifth). CA Technologies New York-based CA Technologies offers a wide-focus authentication and Web fraud detection (WFD) platform that is delivered as server software (CA Advanced Authentication, or integrating CA AuthMinder and CA RiskMinder) and as a cloud service (CA CloudMinder Advanced Authentication). These support a wide range of authentication methods, with OTP apps for mobile phones and X. 509 software tokens (see Strengths below) most commonly used. Almost half of CA's customers are in financial services, with others spread across multiple vertical industries. The majority of customers are larger enterprises. Deployment sizes range from thousands to millions of end users. CA Technologies remains a Leader in this Magic Quadrant. Page 4 of 55 Gartner, Inc. G
5 Strengths Its growth rate is above the market norm. Its OTP seeds and X.509 credentials are protected by CA's proprietary "cryptographic camouflage." The CA RiskMinder WFD component provides rich contextual authentication, and is used by about half of CA's customers. It is the joint third most frequently shortlisted vendor among all reference customers. Its pricing is in the lowest quartile for all scenarios (except Scenario 5 for cloud solutions) including the lowest pricing for Scenario 3 for on-premises and cloud solutions. Cautions Its customer numbers are in the lowest tier; however, the majority are large enterprises, and end-user numbers are in the upper midtier. Its customer base is skewed toward the Americas (three-fifths of its customers are most likely in the U.S.) and EMEA (one-quarter). Deepnet Security U.K.-based Deepnet Security offers a wide-focus authentication platform delivered as server software (DualShield Unified Authentication Platform), as a virtual appliance of Linux (DualShield VE) and as a software development kit (SDK). Since the previous Magic Quadrant (see "Magic Quadrant for User Authentication"), Deepnet has added a managed service (DualShield SaaS) and a cloud service (DualShield Cloud). These all support a wide range of authentication methods, with OTP apps for mobile phones, OTP hardware tokens and OOB SMS modes being most commonly used. Deepnet's customers are well-spread across vertical industries; they also are spread over SMBs and enterprises. Deployment sizes at year-end 2012 spanned a median in the range of thousands of end users, with a maximum on the order of 100,000 end users or more. Deepnet remains a Niche Player in this Magic Quadrant. Strengths It has an exceptionally wide range of authentication methods, including biometric authentication (that is, face, voice). It offers simple contextual authentication. Its pricing is in the lowest quartile for Scenarios 2 and 4 for on-premises solutions. Gartner, Inc. G Page 5 of 55
6 Cautions Its end-user numbers are in the lowest tier (but its customer numbers are moderate, with a growth rate above the market norm). Its customer base is skewed toward Europe (more than half of customers) and the U.S. (about one-third). Its pricing is in the highest quartile for Scenario 5 for on-premises solutions. It has a key person dependency on its current CEO, who is the single decision maker over all aspects of the business. EMC (RSA) Massachusetts-based RSA, The Security Division of EMC, offers a wide-focus authentication platform, RSA Authentication Manager (AM), which supports the well-known RSA SecurID OTP tokens (among other methods). AM is delivered as server software, as virtual and hardware appliances, and as an SDK. RSA AM Express, a hardware appliance aimed at SMBs, has now been superseded by the latest version of AM. RSA also offers RSA Adaptive Authentication (AA; see "Magic Quadrant for Web Fraud Detection"), which is used for user authentication by some larger enterprises in nonbanking vertical industries. RSA offers a fairly broad (but proprietary) range of authentication methods. OTP hardware tokens are still most commonly used, but OTP apps for smartphones are being marketed more aggressively. AM (and AA) lacks native biometric authentication, but this will likely change following the July 2013 acquisition of PassBan. RSA has customers across all vertical industries. The majority are larger enterprises. RSA provided no information about industry breakdown or deployment sizes. RSA has a strong position in this market (customer and end-user numbers are in the highest tiers), as well as a very strong product strategy and innovation. In our opinion, the March 2011 breach (see "RSA SecurID Compromise Is of Concern, but Likely Not a Fatal Flaw" [Note: This document has been archived; some of its content may not reflect current conditions]) was a catalyst for a significant shift of focus away from its legacy SecurID hardware tokens. RSA remains a Leader in this Magic Quadrant. Strengths AM now has rich contextual authentication capabilities (what RSA calls "Risk-Based Authentication") ported from AA. There is an additional one-off licensing cost for this. It is the most frequently shortlisted vendor among other vendors' reference customers. It is the vendor most often cited as the competitor to beat by the others included in this research. Page 6 of 55 Gartner, Inc. G
7 Its pricing is in the lowest quartile for Scenario 5 for on-premises solutions, as well as for Scenarios 4 and 5 for cloud solutions. However, this was based on AA rather than AM, reflecting RSA's positioning of these products for different use cases. (RSA didn't quote pricing for Scenarios 1, 2 or 3 for cloud solutions.) It has huge brand depth (even if SecurID is still frequently misspelled). Cautions There is no cloud-service version of AM (but managed services are provided globally by a wide range of MSSPs). There are no OOB voice modes in AM (only in AA via Authentify). It is the vendor most often cited in inquiries, but these are mainly critical of the TCO and UX of RSA SecurID hardware tokens. (However, clients including RSA customers are not always aware that RSA itself offers lower-tco, better-ux methods.) RSA was most often disqualified by other vendors' reference customers on pricing. Its customer base is skewed toward the Americas (three-fifths of customers, most of which are likely in the U.S.) and EMEA (one-third). Entrust Texas-based Entrust offers a wide-focus authentication platform, IdentityGuard, which is delivered as server software. (Entrust introduced its cloud service, IdentityGuard Cloud Services, in late 2013, but this was not included in our analysis.) IdentityGuard supports a wide range of authentication methods, with OTP apps, OTP hardware tokens and OTP grid cards being the most commonly used. The vendor also has public-key infrastructure (PKI) product and service offerings in its identity and access management (IAM) portfolio. Financial services and government each account for about one-third of Entrust's customers. The majority of its customers are enterprises. Deployment sizes at year-end 2012 spanned a median in the region of hundreds to thousands of end users, with a maximum on the order of 10 million end users or more. Entrust remains a Niche Player in this Magic Quadrant. Strengths Its growth rate is above the market norm. Its cloud application integration (via IdentityGuard Federation Module) supports OpenID as well as SAML. Gartner, Inc. G Page 7 of 55
8 It supports contextual authentication via a native "risk-based" engine, which is used by about half of its customers. Its reference customers were extremely satisfied with Entrust's customer support. Its pricing is in the lowest quartile for Scenario 5 for on-premises solutions. Cautions Its customer base is skewed toward the U.S. (about two-fifths of customers), Europe and Latin America (about one-fifth in each). It has exceptionally high pricing for Scenario 2, and its pricing for Scenario 3 for on-premises solutions is in the highest quartile. Gartner clients were dissatisfied with its internationalization capabilities. Equifax Georgia-based Equifax offers a wide-focus authentication platform, Anakam.TFA, which is delivered as server software and as a cloud service. This supports a fairly wide range of authentication methods, with OOB SMS modes being the most commonly used. Anakam.TFA is one part of Equifax's broad range of fraud and identity solutions. This reflects Equifax's goal to be a broader identity assurance provider, rather than a direct competitor to Leaders in this market. More than half of Equifax's customers are in financial services; other key markets are healthcare and the public sector. Equifax didn't provide a customer breakdown by size, but we estimate the average deployment size to be upward of hundreds of thousands of end users. Equifax remains a Niche Player in this Magic Quadrant. Strengths It is part of a uniquely broad identity assurance portfolio. It offers simple contextual authentication. Its pricing is in the lowest quartile for Scenario 1 for cloud solutions. Cautions Its customer numbers are in the lowest tier (but the majority of customers are large enterprises, while Equifax's end-user numbers are in the upper midtier). Reference customers were dissatisfied with its reporting/analytics. It has exceptionally high pricing for Scenarios 2 and 3 for on-premises solutions. Page 8 of 55 Gartner, Inc. G
9 Its customer base is skewed toward the U.S. (about two-thirds of customers) and Europe (about one-fifth). Gemalto Netherlands-based Gemalto, still best known as a smart-card vendor, offers two wide-focus authentication platforms: Protiva IDConfirm 1000, which is targeted at business-to-employee use cases; and Ezio Server, which incorporates technology from Gemalto's December 2012 acquisition of DS3, and is targeted at B2C use cases. IDConfirm is typically delivered as server software or as a managed service; Ezio is typically delivered as a virtual appliance or a hardware appliance. Gemalto offers a wide range of authentication methods, with X.509 hardware tokens (smart cards and so on) being most commonly used, while OTP tokens (including RCA readers) and OOB SMS modes are quickly gaining ground. Gemalto also offers Coesys egov, which is aimed at e-government applications and combines user authentication and federated SSO. The majority of Gemalto's customers are in financial services, government and healthcare. The majority of customers are also larger enterprises. Deployment sizes at year-end 2012 spanned a median in the region of hundreds of thousands of end users, with a maximum of several million end users. Gemalto has demonstrated very sound market understanding and very strong innovation, and remains a Leader in this Magic Quadrant. Strengths Its customers are well-dispersed geographically. Its pricing is in the lowest quartile for all scenarios for on-premises solutions, including the lowest pricing for Scenarios 1 and 2. It is the joint third most frequently shortlisted vendor among other vendors' reference customers. Cautions It still lacks contextual authentication, as well as native server-side support for biometric authentication. However, it can support client-side match-on-card capabilities. Its multitenanted cloud service is available only via third-party providers. HID Global California-based HID Global has two wide-focus authentication platforms that are delivered as server software (ActivID Authentication Server, which is primarily targeted at banks and cloud services providers, and ActivID AAA Server, which is primarily targeted at workforce remote Gartner, Inc. G Page 9 of 55
10 access); it also has virtual and hardware appliances (such as ActivID Authentication Appliance) as well as an SDK. It offers a very wide range of authentication methods, with OTP hardware tokens being most commonly used ahead of OTP apps, OOB SMS modes and X.509 hardware tokens. In addition, HID offers other ancillary products, including card management (CM) tools. The majority of HID's customers are in government, financial services and technology. They are also enterprises. Deployment sizes at year-end 2012 spanned a median in the region of hundreds of end users, with a maximum on the order of 1 million end users or more. HID faces some brand depth issues: ActivIdentity (the name of the company HID acquired in 2010) still has greater market recognition than HID's ActivID brand (which was introduced in 2012). HID continued to use the "ActivIdentity" logotype in publicity materials (such as event sponsorship) throughout HID Global has demonstrated very sound market understanding and remains a Visionary in this Magic Quadrant. Strengths It has broad target system integration. It offers biometric authentication (interface interactivity) through its BehavioSec partnership. It has strong "common access card" play, including support for the use of legacy building access cards for user authentication. It supports rich contextual authentication via ActivID Threat Detection Service (under OEM license from ThreatMetrix) integrated with other ActivID products. However, this is a separate line item and is contingent on that third-party relationship. Cautions It still lacks a cloud service. However, managed hosted services are available through partner managed security service providers (MSSPs), and HID Global tells us a cloud service is planned for 1Q14. It lacks out-of-the-box support for OOB voice modes (but integration with Authentify, TeleSign and so on can be supported). Its pricing is the highest quoted for Scenarios 1, 2 and 3 for on-premises solutions. Its customer base is skewed toward Europe (about one-half of customers) and the U.S. (about one-third). HID tells us that it sees strong growth, especially among banking customers, in other regions. Page 10 of 55 Gartner, Inc. G
11 Mi-Token Texas-based Mi-Token offers an OATH-compliant OTP and OOB authentication solution that is delivered as server software (Mi-Token Server), a virtual appliance (Mi-Token V Server), a cloud service (Mi-Token Cloud Server), and as an SDK. The core products and services are intended to integrate simply with Active Directory for low total cost of ownership (TCO) and a short time to value. Mi-Token provides an optional hardware security module for secure seed generation within the enterprise. The vendor also offers a fairly broad range of authentication options, with OTP hardware tokens and OTP apps for smartphones being most commonly used. In October 2013, Mi- Token announced a partnership with Microlatch for biometric-enabled hardware tokens. Mi-Token's offerings also include innovative technology for payment security. About half of Mi-Token's customers are in financial services, and another third are in government. The majority are enterprises. Deployment sizes at year-end 2012 spanned a median in the region of thousands of end users, with a maximum on the order of 1 million end users or more. Mi-Token is new in this Magic Quadrant. Strengths It offers simple contextual authentication. Reference customers were very or extremely satisfied with its customer support. Its pricing is in the lowest quartile for Scenarios 2 and 4 for on-premises solutions. It is the only vendor in this Magic Quadrant with a significant share of its business in the Middle East and Africa. Cautions Its end-user numbers are in the lowest tier (but its customer numbers are moderate, and its growth rate is well above the market norm). Reference customers were dissatisfied with its reporting/analytics. Mi-Token tell us that additional reporting/analytics is available at an extra fee. Its pricing is in the highest quartile for Scenario 5 for on-premises solutions. Its customer base is skewed toward the U.S. (one-third of customers), EMEA and Asia/Pacific, excluding Japan (one-quarter in each), with a limited presence in Europe. Microsoft Washington-based Microsoft offers a phone-as-a-token authentication platform, Windows Azure Multi-Factor Authentication, that is delivered as a cloud service or an on-premises/cloud hybrid, based on its October 2012 acquisition of PhoneFactor. Microsoft offers only phone-as-a-token authentication methods, albeit with a wide range of options, and its implementation offers security Gartner, Inc. G Page 11 of 55
12 and user experience (UX) advantages. It can support other vendors' OATH OTP hardware tokens. It also offers biometric voice authentication, but only as an adjunct to OOB voice modes. Microsoft did not provide any customer breakdown by vertical industry, size or deployment size. While its sales execution remains sound, Microsoft's presence in the market is modest, and, in our opinion, its focus on the acquisition and integration into Windows Azure has diverted attention from other execution and vision criteria. Microsoft remains a Niche Player in this Magic Quadrant. Strengths Reference customers were extremely satisfied with its customer support. It is the joint third most frequently shortlisted vendor among other vendors' reference customers. Its pricing is in the lowest quartile for Scenarios 2, 3 and 4 for cloud solutions, including the lowest pricing quoted for Scenario 2. It has a pay-for-what-you-use pricing model (only users active during a month are counted for billing). Cautions It has no contextual authentication as such, but offers endpoint identity (EPI) and IP address whitelisting. Its end-user numbers are in the lowest tier (but its customer numbers are moderate). Gartner understands that the great majority of its customers are in the U.S. It has presented exceptionally high pricing for Scenario 5 for cloud solutions. While Windows Azure Multi-Factor Authentication is offered independently of its Windows Azure framework, we remain somewhat wary about its longer-term status. Microsoft demonstrated no clear product or marketing strategy for it, apart from the overall Windows Azure "Cloud OS" messaging. PointSharp Sweden-based PointSharp offers an OATH-compliant authentication solution, PointSharp ID, that is delivered as server software, as a virtual appliance, as managed service and as an SDK. It offers a fairly broad range of authentication methods, including OTP hardware tokens, although OTP apps for smartphones and OOB SMS modes are most commonly used. The company focus is on mobility and security "mobile access management." Page 12 of 55 Gartner, Inc. G
13 About one-quarter of PointSharp's customers are in financial services and one-quarter are in government, with the rest spread across multiple vertical industries. The majority of customers are enterprises, some of which are large. Deployment sizes at year-end 2012 spanned a median in the region of hundreds to thousands of end users, with a maximum on the order of 100,000 end users or more. PointSharp is new in this Magic Quadrant. Strengths It has simple contextual authentication. It has simple integration with Microsoft Exchange from mobile devices. Reference customers were very satisfied with its customer support. PointSharp makes creative use of social media here. Its pricing is in the lowest quartile for Scenarios 2, 4 and 5 for on-premises solutions. Cautions Its end-user numbers are in the lowest tier (but its customer numbers are moderate, and its growth rate is very well above the market norm). It offers cloud service only through partners. Its customer base is very heavily skewed toward Europe (about nine-tenths of customers). SafeNet Baltimore-based SafeNet offers three wide-focused server-software products SafeNet Authentication Manager (SAM), SafeNet Authentication Manager Express (SAMx) and SafeNet Authentication Service for service providers (SAS SPE) and a cloud service, SafeNet Authentication Service (SAS, based on its March 2012 acquisition of Cryptocard). It offers a very wide range of authentication methods (with SAM supporting the whole range, including X.509 tokens, while SAMx and SAS support somewhat narrower ranges). OTP hardware tokens are the most widely used, ahead of X.509 tokens and phone-as-a-token options. About one-third of SafeNet's customers are in government, about one-quarter are in financial services, and about one-fifth are in healthcare. They range from SMBs to very large enterprises. Deployment sizes at year-end 2012 spanned a median in the region of thousands of end users with a maximum on the order of 1 million end users or more. SafeNet has a strong position in this market (customer numbers are in the highest tier, while enduser numbers are in the upper midtier), and demonstrated significantly improved marketing execution through It also demonstrated a very sound market understanding, as well as a very strong product strategy and innovation. Gartner, Inc. G Page 13 of 55
14 It remains a Leader in this Magic Quadrant. Strengths It is the joint third most frequently shortlisted vendor among other vendors' reference customers. It is one of three vendors most often cited as the competitor to beat by others included in this research. SAM supports contextual authentication (also planned for SAS in 2014). Reference customers were very or extremely satisfied with its customer support. Its pricing is in the lowest quartile for Scenarios 2 and 4 for on-premises solutions, and for Scenarios 1, 2, 3 and 4 for cloud solutions. (However, it was most often disqualified by other vendors' reference customers on pricing.) It has an all-in, per-user, per-month pricing model for all offerings. Cautions Its customer base is skewed toward EMEA (nearly one-half of customers) and the U.S. (more than two-fifths). It lacks native server-side support for biometric authentication, but can support client-side match-on-card capabilities (biometric-enabled X.509 tokens). SecureAuth California-based SecureAuth offers SecureAuth IdP, which Gartner categorizes primarily as a WAM product that delivers federated SSO with broad protocol support, strong mobile device support (including an integration toolkit for mobile Web and resident mobile applications) and native support for a range of authentication methods. However, Gartner sees many clients evaluating SecureAuth IdP solely as a direct replacement for other vendors' "pure" user authentication offerings hence, its inclusion in this research. SecureAuth IdP is delivered as server software, as virtual and hardware appliances, and as a cloud service. SecureAuth's Universal Browser Credential (UBC) does double duty as an X.509 software token and as the anchor for SecureAuth IdP's SSO and authentication workflow. Apart from this, SecureAuth offers a fairly wide range of authentication methods, with OOB authentication methods being most widely used. SecureAuth can also support other methods by being able to "consume" identities authenticated by other services, such as Microsoft Active Directory or a social network. SecureAuth's customers are spread across multiple vertical industries, with about one-third in healthcare. The majority are very large enterprises. Deployment sizes at year-end 2012 spanned a median in the region of tens to hundreds of thousands of end users, with a maximum on the order of 10 million end users or more. Page 14 of 55 Gartner, Inc. G
15 SecureAuth demonstrated improved business strategies to match its product strategy and innovation, and moves from Niche Player to Visionary in this Magic Quadrant. Strengths It offers simple contextual authentication via HTML5-based EPI. It has federated SSO based on OpenID as well as SAML. Reference customers were extremely satisfied with its customer support. Its pricing is in the lowest quartile for Scenario 4 for on-premises solutions. It has a very good internationalization model: All text is abstracted, and professional translations in several languages are available. It continues to be the user authentication vendor most often cited positively by clients, who point to the ease of implementation and ongoing administration, as well as to the good UX provided by SecureAuth's UBCs. Cautions While its target system integration is fairly broad, it hinges on UBC, which requires a Web interface, so integration to legacy target systems must be proxied through a Web-enabled gateway. Its customer numbers are in the lowest tier (but its end-user numbers are moderate, and its growth rate is well above market norms). Reference customers were dissatisfied with its reporting/analytics. Its pricing is in the highest quartile for Scenarios 2, 3, 4 and 5 for cloud solutions. The pricing quoted for Scenario 1 for cloud solutions was exceptionally high. Its customer base is skewed toward the U.S. (about one-half of customers) and Europe (about one-fifth). SecurEnvoy U.K.-based SecurEnvoy offers a phone-as-a-token authentication platform, SecurAccess, which is delivered as server software. SecurEnvoy has a roughly even spread of customers across multiple vertical industries. They range from SMBs to very large enterprises. Deployment sizes at year-end 2012 spanned a median in the region of thousands to tens of thousands of end users, with a maximum of 100,000 end users or more. SecurEnvoy is a very strong innovator and remains a Visionary in this Magic Quadrant. Gartner, Inc. G Page 15 of 55
16 Strengths Unique among phone-as-a-token authentication vendors, SecurEnvoy provides preboot authentication via integration with Sophos. It offers simple contextual authentication. Reference customers were extremely satisfied with its customer support. It has grown beyond its domestic market and now has a significant customer base in the U.S. and Asia/Pacific. Its pricing is in the lowest quartile for Scenarios 2, 4 and 5 for on-premises solutions. Its pricing model is all-in. Cautions It focuses on phone-as-a-token authentication (with OOB SMS modes and OTP apps for smartphones being the most widely used). However, implementation is superior: Multiple configuration options for OOB SMS modes enable tuning security-ux balance. It has no cloud service. SecurEnvoy's rationale is that channel partners with long experience in managed and cloud services can offer superior quality of service. Its end-user numbers are in the lowest tier (but its customer numbers are moderate, and its growth rate is above the market norm). SMS Passcode Denmark-based SMS Passcode offers an OOB authentication platform of the same name, which is delivered as server software. SMS modes are the most widely used; voice modes are supported by partnerships with TeleSign, Twilio and others. It can also support Yubico YubiKey OTP hardware tokens. SMS Passcode's customers predominate in manufacturing, natural resources, government and financial services. Nine-tenths of them are SMBs. Deployment sizes at year-end 2012 spanned a median in the region of tens to hundreds of end users, with a maximum on the order of 100,000 end users or more. SMS Passcode remains a Niche Player in this Magic Quadrant. Strengths It offers simple contextual authentication based on behavior patterns and geolocation. It stands out for making creative use of social media in its marketing. Cautions It has no cloud service (although this can be offered by third-party MSSPs). Page 16 of 55 Gartner, Inc. G
17 Its end-user numbers are in the lowest tier (but its customer numbers are moderate, and its growth rate is above the market norm). This is consistent with its focus on SMBs. Its pricing is in the highest quartile for Scenarios 1 and 3 for on-premises solutions. It didn't present pricing for Scenario 5, commenting that the use case didn't match its channel-driven "plug and play" go-to-market model. Its customer base is heavily skewed toward Europe (about four-fifths of customers). Swivel Secure U.K.-based Swivel Secure offers a phone-as-a-token platform delivered as server software (Swivel Core Software) and as virtual and hardware appliances (Swivel Virtual Appliance and Swivel Appliance). All these also support Swivel Secure's variety of improved password and pattern-based OTP knowledge-based authentication (KBA) methods, which work with nonce challenges ("security strings") and can be displayed on the login screen in the simplest implementation. Swivel Secure also offers OOB push(ish) and SMS modes that combine the KBA methods and can also support OTP hardware tokens. Swivel Secure's customers are spread across multiple vertical industries. They range from SMBs to very large enterprises. Deployment sizes at year-end 2012 spanned a median in the region of hundreds to thousands of end users, with a maximum on the order of 100,000 end users or more. Swivel Secure remains a Niche Player in this market. Strengths It has a unique combination of KBA and phone-as-a-token authentication methods that span a range of trust levels and have good UX. It is preintegrated with Microsoft Office 365 and Microsoft Business Productivity Online Suite. Its pricing is in the lowest quartile for Scenario 4 for on-premises solutions. Cautions It has no contextual authentication. It has no cloud service (but rather has a subscription pricing model to better compete with cloud services). Its customer base is very heavily skewed toward Europe (about nine-tenths of customers). It has weak marketing and brand depth. Symantec California-based Symantec offers a wide-focus authentication platform, Symantec Validation and ID Protection Service (VIP), which is delivered as a cloud service. VIP offers a fairly wide range of Gartner, Inc. G Page 17 of 55
18 authentication methods, with OTP apps for mobile phones being most commonly used ahead of OTP hardware tokens. While VIP lacks native federated SSO to support cloud applications, this can be provided at additional cost by Symantec's fledgling cloud access security broker, Symantec O 3. About one-third of Symantec's customers are in financial services, with the rest spread across most other vertical industries. The majority of Symantec's customers are enterprises. Deployment sizes at year-end 2012 spanned a median in the region of thousands to tens of thousands of end users, with a maximum on the order of 1 million end users or more. Symantec is a very strong innovator, but its product or service and market responsiveness ratings are not yet on a par with leading vendors. It remains a Visionary in this Magic Quadrant. Strengths Its growth rate is above market norms. It embeds rich contextual authentication under the name "Intelligent Authentication." Reference customers were very or extremely satisfied with its customer support. It is the joint third most frequently shortlisted vendor among other vendors' reference customers. Its pricing is in the lowest quartile for Scenarios 1, 3 and 4 for cloud solutions. Cautions Its pricing is in the highest quartile for Scenario 5 for cloud solutions (based on a per-user model; however, per-transaction pricing might be lower depending on transaction volumes). Its customer base is skewed toward the U.S. (about one-half of customers) and Europe (about one-third). Its lack of cloud-services security operations centers outside the U.S. inhibits global sales. It has no discrete WFD offering. Symantec VIP alone may not meet financial services customers' needs, or match other vendors' full-blown WFD offerings. (This market accounts for one-third of Symantec's customers down from about one-half in the previous year.) It has no on-premises server software or appliance offering, which limits its appeal (as shown by Gartner client interactions). Technology Nexus Sweden-based Technology Nexus offers a range of wide-focus authentication platforms: PortWise Authentication Server (server software), Nexus Appliance Platform (a virtual appliance based on CentOS), Nexus Managed Service (a managed hosted service) and Nexus Cloud Service (a cloud service). Page 18 of 55 Gartner, Inc. G
19 Nexus offers a wide range of authentication methods, with OTP apps for mobile phones and OOB SMS modes being most commonly used. It also offers ancillary tools, as well as WAM and federated SSO tools. Nexus has about one-third of its customers in financial services and in government, with about onefifth in manufacturing and natural resources. The majority of Nexus' customers are large enterprises. Deployment sizes at year-end 2012 spanned a median in the region of tens of thousands of end users, with a maximum of tens of millions of end users. Technology Nexus demonstrated very sound market understanding and very strong product strategy and innovation, and remains a Leader in this Magic Quadrant. Strengths Cloud integration options include OAuth and System for Cross-Domain Identity Management (SCIM), as well as SAML. It has one of the widest ranges of authentication methods, including biometric authentication (interface interactivity) through a BehavioSec partnership. It offers simple contextual authentication. Its pricing is in the lowest quartile for Scenarios 2 and 4 for on-premises solutions, and for Scenarios 2, 3 and 4 for cloud solutions. Cautions Its pricing is in the highest quartile for Scenario 5 for cloud solutions. Its customer base is skewed toward Europe and Asia/Pacific (about two-fifths in each geography). TeleSign California-based TeleSign offers a phone-as-a-token authentication platform, TeleSign Verify (formerly 2FA), which is delivered as a cloud service. Its February 2013 acquisition of RoutoMessaging (now TeleSign Mobile) gives TeleSign a global mobile messaging platform and access to network data that has enhanced its offerings. TeleSign now offers a dual-mode OOB push mode/otp smartphone app, as well as its legacy OOB voice and SMS modes. Several other vendors, including some in this research, license TeleSign for (at least voice-based) OOB authentication. About three-fifths of TeleSign's customers are in cloud services (including social media) and e- commerce, with about one-quarter in financial services and others in online gaming and Web-based . Just over half of TeleSign's customers are SMBs. Deployment sizes at year-end 2012 spanned a median in the region of hundreds of thousands of end users, with a maximum of hundreds of millions of end users. Gartner, Inc. G Page 19 of 55
20 TeleSign demonstrated a very strong product strategy and innovation, and remains a Visionary in this Magic Quadrant. Strengths It supports contextual authentication, leveraging its PhoneID offering to provide a variety of information about a phone number. Its growth rate is very well above market norms, with end-user numbers bolstered by its strong presence among very large global service providers (including social media). Reference customers were very or extremely satisfied with its customer support. Its pricing is in the lowest quartile for all scenarios for cloud solutions. It has the lowest pricing for Scenarios 1, 3 and 5. Cautions It has somewhat limited target system integration. This depends heavily on APIs rather than standard protocols; however, TeleSign contends that this, modeled on Amazon's authentication model with a shared secret key, makes it more secure. Its customer base is skewed toward the U.S. (about half) and Europe (about one-fifth and growing). However, it supports end users of global service providers in more than 200 countries, and internationalization is excellent. It lacks on-premises server software or an appliance offering. It does not support OTP hardware tokens. However, TeleSign's partners, including vendors in this research, can meet such needs. Vasco Data Security Illinois-based Vasco offers a range of wide-focus authentication platforms: Identikey (server software), Identikey Virtual Appliance, Identikey Appliance (a hardware appliance), Digipass as a Service (private cloud service), MyDigipass.com (public cloud service) and Vacman Controller (APIbased authentication library). Vasco offers a wide range of authentication methods with OTP hardware tokens, OTP apps for smartphones and X.509 software tokens being most commonly used. More than one-third of Vasco's customers are in financial services; another third are in communications, media and services; and the rest are spread across other vertical industries. Vasco provided no information about customer or deployment sizes. Vasco Data Security has a strong position in this market (customer numbers are in the highest tier, with end-user numbers in the upper midtier) and is a very strong innovator. It remains a Leader in this Magic Quadrant. Strengths It is the second most frequently shortlisted vendor among other vendors' reference customers. Page 20 of 55 Gartner, Inc. G
21 It is one of the three vendors most often cited as the competitor to beat by the others included in this research. It has a federated SSO based on OpenID as well as SAML. It has one of the widest ranges of authentication methods (although support varies across offerings). Its pricing is in the lowest quartile for Scenarios 2 and 4 for on-premises solutions and cloud solutions. Cautions It has no contextual authentication capability. Its pricing is in the highest quartile for Scenario 1 for on-premises solutions and cloud solutions. It is most often disqualified by other vendors' reference customers based on pricing. Its customer base is skewed toward EMEA (about two-thirds of customers). Vendors Added and Dropped We review and adjust our inclusion criteria for Magic Quadrants and MarketScopes as markets change. As a result of these adjustments, the mix of vendors in any Magic Quadrant or MarketScope may change over time. A vendor appearing in a Magic Quadrant or MarketScope one year and not the next does not necessarily indicate that we have changed our opinion of that vendor. This may be a reflection of a change in the market and, therefore, changed evaluation criteria, or a change of focus by a vendor. Added Mi-Token: A Texas-based commodity user authentication vendor. PointSharp: A Sweden-based user authentication and mobile management vendor. Dropped DS3 was acquired by Gemalto early in December The following vendors failed to meet the elevated inclusion criteria for this Magic Quadrant: i-sprint Innovations: Singapore-based i-sprint was founded in 2000 and acquired in 2011 by Automated Systems Holdings (ASL), a subsidiary of Teamsun. i-sprint's core offering in this market is AccessMatrix Universal Authentication Server (UAS), a server software product that is one of an integrated set of IAM technologies. AccessMatrix UAS fully supports a broad range of third-party proprietary and OATH-compliant OTP tokens, as well as biometric authentication methods. i-sprint continues to execute well in its core market, but is limited by its target vertical industry (financial services) and geography (although its Chinese ownership does give it access Gartner, Inc. G Page 21 of 55
22 to the burgeoning Chinese market). It remains a credible choice for large enterprise deployments. Yubico: Based in Stockholm and Palo Alto, California, Yubico was established in It has a number of core software and service offerings in this market, but it is best known for its distinctive OTP, X.509 and Near Field Communication hardware tokens, which are also supported by a number of other vendors in this Magic Quadrant. While Yubico has some notable deployments with large global enterprises, such as Facebook and Google, most of its direct customer deployments are too small for it to be able to qualify for inclusion in this Magic Quadrant. It remains a credible choice for firms seeking low-tco hardware token deployments. Other Changes PhoneFactor: This brand has disappeared, and Microsoft now offers the phone-as-a-token authentication platform as Windows Azure Multi-Factor Authentication. Honorable Mentions The following vendors did not meet the inclusion criteria (typically because of customer and enduser numbers), but are credible alternatives to the vendors included in this Magic Quadrant: CM: Netherlands-based CM offers a range of telephony services for messaging, payments and security. It is a communications partner and service operator for many vendors' OOB authentication offerings. Since 2010, it has offered an OOB authentication service (SMS modes) directly to end customers. It is aggressively priced and offers good quality of service, and is now CM's fastest-growing offering. Duo Security: Michigan-based Duo Security offers a wide-focus authentication platform delivered as cloud services. These services support OOB authentication (voice, SMS and push modes), OATH-compliant OTP tokens (printed media, hardware and software) and simple contextual authentication (behavior patterns and location). Almost all its customers are U.S.- based, where its growth rate is above the market norm. It is available on special terms to higher education institutions via InCommon and Internet2. Entersekt: South Africa-based Entersekt offers a phone-as-a-token authentication platform delivered as FIPS hardware appliances and encrypted messaging services. Its mobile phone app for smartphones and feature phones combines OOB push modes with an X.509 device credential that is used to sign messages from the phone; the app also can generate OATH-compliant OTPs as a fallback when mobile data or Wi-Fi services are unavailable. A mobile SDK is also available. Entersekt targets the financial services sector and has many domestic customers with millions of users. It is now gaining traction in Europe and, to a lesser degree, the U.S. Imprivata: Massachusetts-based Imprivata has been a successful vendor in the enterprise SSO (ESSO) market for several years with its OneSign ESSO appliance (see "Market Overview for Enterprise Single Sign-On Tools"). In the past few years, Imprivata has had a singular focus on and success in the healthcare market. It also offers OneSign Authentication Management (AM), a stand-alone user authentication product, as a hardware or virtual appliance. OneSign AM Page 22 of 55 Gartner, Inc. G
23 supports a full range of the authentication methods demanded by its target market, including the use of building access cards (contactless chip cards and RFID cards) and fingerprint biometric authentication, which are commonly used among healthcare customers in North America, and X.509 hardware tokens, which are widely used among healthcare customers in EMEA. Imprivata also offers OneSign Virtual Desktop Access, which provides API-level integration with leading virtualization platforms to automate and streamline the login process, including authenticating to the workstation, launching and authenticating to the virtual desktop client, and selecting the desktop. Within this target vertical industry, Imprivata is the leading vendor by market share, according to healthcare industry sources. Although, in our opinion, Imprivata doesn't fit our market definition for a general user authentication solution, Gartner clients in healthcare will likely find that it can meet their specific needs ahead of other vendors included in this Magic Quadrant. Kobil Systems: Germany-based Kobil offers a wide-focus authentication platform, Smart Security Management Server, which is delivered as server software, a virtual appliance and a managed service. It offers a wide variety of OTP hardware tokens (EMV-CAP, HHD and OATH HOTP) and X.509 tokens, as well as OOB push modes. It has targeted the financial services sector; it also has a strong, localized customer base in Germany, Austria, Switzerland and Turkey. While it has little visibility globally, Kobil asserted that it has firm plans for expansion. McAfee: A wholly owned subsidiary of Intel, McAfee has a Center of Expertise for Identity based in Sweden, built around Intel's January 2011 acquisition of Nordic Edge. McAfee offers a phone-as-a-token authentication platform, One Time Password, as well as a federated SSO platform, Cloud Single Sign On, which embeds the authentication offering. The OTP platform supports "Pledge" OTP apps (for desktops as well as phones) and OOB SMS modes, and offers good migration support for legacy OTP tokens. The product is notable for its ease of implementation, enabling proofs of concept without any vendor support (or any contact with McAfee a "see it, try it, buy it" model). The majority of its customers are in Europe, but since the acquisition, it is beginning to gain traction in North America. Inclusion and Exclusion Criteria The following inclusion criteria apply: Relevance of offering: Each core user authentication infrastructure product or service meets the user authentication market definition established above. This market definition does not include providers that deliver only one or more of the following: 1. Client-side software or hardware, such as PC middleware, smart cards and biometric capture devices (sensors). 2. Credential management tools, such as password management tools, CM tools, and PKI certification authority and registration authority tools (including OCSP responders). 3. Software, hardware or services in other markets (such as WAM, WFD or VPN) that embed native support for one or many authentication methods within that context only, or that Gartner, Inc. G Page 23 of 55
Spotting the Cyber-wolf in Sheep s Clothing
1 Spotting the Cyber-wolf in Sheep s Clothing Keeping remote imposters off your network with mobile multi-factor authentication 2 6 40 Selecting authentication technologies for today and tomorrow From
More information2013 Gartner Magic Quadrant for User Authentication
2013 Gartner Magic Quadrant for User Authentication DIGIPASS BY VASCO The world s leading software company specializing in Internet Security G00231072 Magic Quadrant for User Authentication Published:
More informationKeynote: Gartner Magic Quadrants and MarketScopes. Ant Allan Felix Gaehtgens Gregg Kreizman Earl Perkins Brian Iverson
Keynote: Gartner Magic Quadrants and MarketScopes Ant Allan Feli Gaehtgens Gregg Kreizman Earl Perkins Brian Iverson IAM Technologies by Primary Function Administration Intelligence Authentication Authorization
More informationGlobal Multi-factor Authentication Market 2015-2019
Brochure More information from http://www.researchandmarkets.com/reports/3058588/ Global Multi-factor Authentication Market 2015-2019 Description: About Multi-factor Authentication Multi-factor authentication
More informationMagic Quadrant for User Authentication
G00227026 Magic Quadrant for User Authentication Published: 17 January 2012 Analyst(s): Ant Allan User authentication is dominated by three well-established, wide-focus vendors that command the majority
More informationSECUREAUTH IDP AND OFFICE 365
WHITEPAPER SECUREAUTH IDP AND OFFICE 365 STRONG AUTHENTICATION AND SINGLE SIGN-ON FOR THE CLOUD-BASED OFFICE SUITE EXECUTIVE OVERVIEW As more and more enterprises move to the cloud, it makes sense that
More informationAuthentication Solutions. Versatile And Innovative Authentication Solutions To Secure And Enable Your Business
Authentication Solutions Versatile And Innovative Authentication Solutions To Secure And Enable Your Business SafeNet Strong Authentication and Transaction Verification Solutions The Upward Spiral of Cybercrime
More informationWHITEPAPER. SECUREAUTH 2-FACTOR AS A SERVICE 2FaaS
WHITEPAPER SECUREAUTH 2-FACTOR AS A SERVICE 2FaaS EXECUTIVE OVERVIEW 2-Factor as a Service (2FaaS) is a 100% cloud-hosted authentication solution that offers flexible security without compromising user
More informationMagic Quadrant for User Authentication
Magic Quadrant for User Authentication 17 January 2012 ID:G00227026 Analyst(s): Ant Allan VIEW SUMMARY User authentication is dominated by three well-established, wide-focus vendors that command the majority
More informationWhite Paper. McAfee Cloud Single Sign On Reviewer s Guide
White Paper McAfee Cloud Single Sign On Reviewer s Guide Table of Contents Introducing McAfee Cloud Single Sign On 3 Use Cases 3 Key Features 3 Provisioning and De-Provisioning 4 Single Sign On and Authentication
More informationThe Cloud, Mobile and BYOD Security Opportunity with SurePassID
The Cloud, Mobile and BYOD Security Opportunity with SurePassID Presentation for MSPs and MSSPs January 2014 SurePassID At A Glance Founded 2009 Headquartered in Orlando, FL 6 sales offices in North America,
More informationChoosing a Replacement for Incumbent One-Time Password Tokens
Research Publication Date: 21 April 2011 ID Number: G00212244 Choosing a Replacement for Incumbent One-Time Password Tokens Ant Allan This research outlines the options for enterprises seeking replacements
More informationAuthentication Solutions VERSATILE AND INNOVATIVE AUTHENTICATION SOLUTIONS TO SECURE AND ENABLE YOUR BUSINESS
Authentication Solutions VERSATILE AND INNOVATIVE AUTHENTICATION SOLUTIONS TO SECURE AND ENABLE YOUR BUSINESS SafeNet Strong Authentication and Transaction Verification Solutions The Upward Spiral of Cybercrime
More informationWhite Paper. FFIEC Authentication Compliance Using SecureAuth IdP
White Paper FFIEC Authentication Compliance Using SecureAuth IdP September 2015 Introduction Financial institutions today face an important challenge: They need to comply with guidelines established by
More informationConnecting Users with Identity as a Service
Ping Identity has demonstrated support for multiple workforce and external identity use cases, as well as strong service provider support. Gregg Kreizman Gartner 1 Connecting Users with Identity as a Service
More informationFederated single sign-on (SSO) and identity management. Secure mobile access. Social identity integration. Automated user provisioning.
PingFederate We went with PingFederate because it s based on standards like SAML, which are important for a secure implementation. John Davidson Senior Product Manager, Opower PingFederate is the leading
More informationGuide to Evaluating Multi-Factor Authentication Solutions
Guide to Evaluating Multi-Factor Authentication Solutions PhoneFactor, Inc. 7301 West 129th Street Overland Park, KS 66213 1-877-No-Token / 1-877-668-6536 www.phonefactor.com Guide to Evaluating Multi-Factor
More informationMIS Impact Report Duo Security looks to shake up authentication market with mobile and service focus Analyst: Steve Coplan 5 Dec, 2011 Duo Security named for the two-factor authentication technology for
More informationHow to Get to Single Sign-On
How to Get to Single Sign-On Gregg Kreizman Neil Wynne Twitter: @neilwynne Gartner is a registered trademark of Gartner, Inc. or its affiliates. This publication may not be reproduced or distributed in
More informationI D C V E N D O R S P O T L I G H T
I D C V E N D O R S P O T L I G H T E n f o r c i n g I dentity a nd Access Management i n C l o u d a n d Mobile Envi r o n m e n t s November 2012 Adapted from Worldwide Identity and Access Management
More informationSTRONGER AUTHENTICATION for CA SiteMinder
STRONGER AUTHENTICATION for CA SiteMinder Adding Stronger Authentication for CA SiteMinder Access Control 1 STRONGER AUTHENTICATION for CA SiteMinder Access Control CA SITEMINDER provides a comprehensive
More informationEXECUTIVE VIEW. SecureAuth IdP. KuppingerCole Report
KuppingerCole Report EXECUTIVE VIEW by Dave Kearns March 2015 SecureAuth IdP SecureAuth IdP combines cloud single sign-on capabilities with strong authentication and risk-based access control while focusing
More informationFrom Edge to the Core. Sicurezza dati nelle infrastrutture condivise, virtualizzate e cloud.
From Edge to the Core. Sicurezza dati nelle infrastrutture condivise, virtualizzate e cloud. Claudio Olati Sales Manager - Gemalto Sergio Sironi Regional Sales Manager - Safenet We are the world leader
More informationEntrust IdentityGuard Versatile Authentication Platform for Enterprise Deployments. Sam Linford Senior Technical Consultant Sam.linford@entrust.
Entrust IdentityGuard Versatile Authentication Platform for Enterprise Deployments Sam Linford Senior Technical Consultant Sam.linford@entrust.com Entrust is a World Leader in Identity Management and Security
More informationStrong Authentication. Securing Identities and Enabling Business
Strong Authentication Securing Identities and Enabling Business Contents Contents...2 Abstract...3 Passwords Are Not Enough!...3 It s All About Strong Authentication...4 Strong Authentication Solutions
More informationTwo-Factor Authentication over Mobile: Simplifying Security and Authentication
SAP Thought Leadership Paper SAP Mobile Services Two-Factor Authentication over Mobile: Simplifying Security and Authentication Controlling Fraud and Validating End Users Easily and Cost-Effectively Table
More informationExecutive s Guide to Cloud Access Security Brokers
Executive s Guide to Cloud Access Security Brokers Contents Executive s Guide to Cloud Access Security Brokers Contributor: Amy Newman 2 2 Why You Need a Cloud Access Security Broker 5 You Can t Achieve
More informationSecureAuth homes in on BYOD management and mobile app access
SecureAuth homes in on BYOD management and mobile app access Analyst: Steve Coplan 16 Apr, 2012 Securing access to enterprise applications from smartphones and mobile tablets has percolated to the top
More informationIdentity in the Cloud
White Paper Identity in the Cloud Use the cloud without compromising enterprise security Table of Contents The Cloud Conundrum 3 Managing Cloud Identity 3 The Identity Lifecycle 4 SaaS Single Sign-On 4
More informationIntegrating Single Sign-on Across the Cloud By David Strom
Integrating Single Sign-on Across the Cloud By David Strom TABLE OF CONTENTS Introduction 1 Access Control: Web and SSO Gateways 2 Web Gateway Key Features 2 SSO Key Features 3 Conclusion 5 Author Bio
More information2012 European Cloud-Based Authentication Services New Product Innovation Award
2012 2012 European Cloud-Based Authentication Services New Product Innovation Award 2012 Frost & Sullivan 1 We Accelerate Growth New Product Innovation Award Cloud-Based Authentication Service Europe,
More informationHello, It's Me: Mobile Options for End-User Authentication
Hello, It's Me: Mobile Options for End-User Authentication As enterprises re-evaluate their strategies for authenticating end-users with methods that are stronger than traditional usernames and passwords,
More informationAn Overview and Competitive Analysis of the One-Time Password (OTP) Market
An Overview and Competitive Analysis of the One-Time Password (OTP) Market A White Paper Prepared by Martha Vazquez, Research Analyst TABLE OF CONTENTS Introduction... 3 Brief Overview of the OTP Market...
More informationFacebook s Security Philosophy, and how Duo helps.
Facebook s Security Philosophy, and how Duo helps. How Duo Factors in to Facebook s Information Security Philosophy The Challenge: Facebook manages personal data for 1.19 billion active users 1 across
More informationnexus Hybrid Access Gateway
Product Sheet nexus Hybrid Access Gateway nexus Hybrid Access Gateway nexus Hybrid Access Gateway uses the inherent simplicity of virtual appliances to create matchless security, even beyond the boundaries
More informationADDING STRONGER AUTHENTICATION for VPN Access Control
ADDING STRONGER AUTHENTICATION for VPN Access Control Adding Stronger Authentication for VPN Access Control 1 ADDING STRONGER AUTHENTICATION for VPN Access Control A VIRTUAL PRIVATE NETWORK (VPN) allows
More informationThe Top 5 Federated Single Sign-On Scenarios
The Top 5 Federated Single Sign-On Scenarios Table of Contents Executive Summary... 1 The Solution: Standards-Based Federation... 2 Service Provider Initiated SSO...3 Identity Provider Initiated SSO...3
More informationSecure Access Control for Mobile, Cloud, and Web Apps
Secure Access Control for Mobile, Cloud, and Web Apps SecureAuth IdP is a revolutionary platform that provides flexible and secure access control through strong authentication, single sign-on, and user
More informationCitrix Ready Solutions Brief. CA Single Sign-On and Citrix NetScaler: Quickly Adapt to Your Dynamic Authentication Demands. citrix.
CA Single Sign-On and Citrix NetScaler: Quickly Adapt to Your Dynamic Authentication Demands citrix.com/ready CA Technologies and Citrix have partnered to integrate their complementary, industry-leading
More informationEntrust IdentityGuard
+1-888-437-9783 sales@identisys.com IdentiSys.com Distributed by: Entrust IdentityGuard is an award-winning software-based authentication enterprises and governments. The solution serves as an organization's
More informationIdentity. Provide. ...to Office 365 & Beyond
Provide Identity...to Office 365 & Beyond Sponsored by shops around the world are increasingly turning to Office 365 Microsoft s cloud-based offering for email, instant messaging, and collaboration. A
More informationTwo-Factor Authentication
WHITE PAPER: TWO-FACTOR AUTHENTICATION: A TCO VIEWPOINT........................................ Two-Factor Authentication Who should read this paper This whitepaper is directed at IT, Security, and Compliance
More informationGrow revenues and profits while securing online subscription accounts
APPLICATION NOTE Grow revenues and profits while securing online subscription accounts www.vasco.com Copyright 2013 VASCO Data Security. All rights reserved. No part of this publication may be reproduced,
More informationIDENTITY & ACCESS. Providing Cost-Effective Strong Authentication in the Cloud. a brief for cloud service providers
IDENTITY & ACCESS Providing Cost-Effective Strong Authentication in the Cloud a brief for cloud service providers Introduction Interest and use of the cloud to store enterprise resources is growing fast.
More informationOut-of-Band Multi-Factor Authentication Cloud Services Whitepaper
Out-of-Band Multi-Factor Authentication Cloud Services Whitepaper StrikeForce Technologies, Inc. 1090 King Georges Post Rd. Edison, NJ 08837, USA Tel: 732 661-9641 Fax: 732 661-9647 http://www.sftnj.com
More informationInsight Zone. Data Security 2015. Executive Interview
Insight Zone Data Security 2015 Executive Interview THE CLOUD = SAFE Every App, User, & Device Secured Eliminate Passwords Increase Security Ensure Compliance Identity Access Management Enterprise Single
More informationWHITEPAPER. NAPPS: A Game-Changer for Mobile Single Sign-On (SSO)
WHITEPAPER NAPPS: A Game-Changer for Mobile Single Sign-On (SSO) INTRODUCTION The proliferation of mobile applications, including mobile apps custom to an organization, makes the need for an SSO solution
More informationSAP Single Sign-On 2.0 Overview Presentation
SAP Single Sign-On 2.0 Overview Presentation March 2016 Public Agenda SAP security portfolio Overview SAP Single Sign-On Single sign-on main scenarios Capabilities Summary 2016 SAP SE or an SAP affiliate
More informationWhite Paper 2 Factor + 2 Way Authentication to Criminal Justice Information Services. Table of Contents. 1. Two Factor and CJIS
White Paper 2 Factor + 2 Way Authentication to Criminal Justice Information Services Over the past decade, the demands on government agencies to share information across the federal, state and local levels
More informationMarket Trends in 2002 and 2003
Markets, J. Pescatore, R. Wagner Research Note 8 January 2003 Extranet Access Management 2H02 Magic Quadrant Inside-the-firewall (intraenterprise) integration to reduce costs dominated the extranet access
More informationHow to Provide Secure Single Sign-On and Identity-Based Access Control for Cloud Applications
SOLUTION BRIEF: PROTECTING ACCESS TO THE CLOUD........................................ How to Provide Secure Single Sign-On and Identity-Based Access Control for Cloud Applications Who should read this
More informationMobility, Security and Trusted Identities: It s Right In The Palm of Your Hands. Ian Wills Country Manager, Entrust Datacard
Mobility, Security and Trusted Identities: It s Right In The Palm of Your Hands Ian Wills Country Manager, Entrust Datacard WHO IS ENTRUST DATACARD? 2 Entrust DataCard Datacard Corporation. Corporation.
More informationSafeNet Authentication Service
SafeNet Authentication Service Integration Guide All information herein is either public information or is the property of and owned solely by Gemalto NV. and/or its subsidiaries who shall have and keep
More informationHow To Manage A Plethora Of Identities In A Cloud System (Saas)
TECHNICAL WHITE PAPER Intel Cloud SSO How Intel Cloud SSO Works Just as security professionals have done for ages, we must continue to evolve our processes, methods, and techniques in light of the opportunities
More informationADAPTIVE AUTHENTICATION ADAPTER FOR JUNIPER SSL VPNS. Adaptive Authentication in Juniper SSL VPN Environments. Solution Brief
ADAPTIVE AUTHENTICATION ADAPTER FOR JUNIPER SSL VPNS Adaptive Authentication in Juniper SSL VPN Environments Solution Brief RSA Adaptive Authentication is a comprehensive authentication platform providing
More informationOvum Decision Matrix: Selecting an Identity Management Solution for the Telecoms Industry, 2014 2015
Ovum Decision Matrix: Selecting an Identity Management Solution for the Telecoms Industry, 2014 2015 Publication Date: 23 Oct 2014 Product code: IT0024-000106 Adaora Okeleke Summary Catalyst Telcos use
More informationKey Authentication Considerations for Your Mobile Strategy
Key Authentication Considerations for Your Mobile Strategy The Need for Mobile Authentication Reaches Critical Mass According to an old adage, consumers speak through their pocketbooks. While that saying
More informationMagic Quadrant for Identity and Access Management as a Service
G00260221 Magic Quadrant for Identity and Access Management as a Service Published: 2 June 2014 Analyst(s): Gregg Kreizman The IDaaS market is still in its early days. Vendors come from distinctly different
More informationWHITEPAPER SECUREAUTH AND CAC HSPD-12 AUTHENTICATION TO WEB, NETWORK, AND CLOUD RESOURCES
WHITEPAPER SECUREAUTH AND CAC HSPD-12 AUTHENTICATION TO WEB, NETWORK, AND CLOUD RESOURCES Executive Overview U.S. Federal mandates dictates that personal with defense related initiatives must prove access
More informationMulti-Factor Authentication Trends
Brochure More information from http://www.researchandmarkets.com/reports/2775642/ Multi-Factor Authentication Trends Description: Multi-Factor Authentication, also referred to as strong authentication,
More informationAUTHENTIFIERS. Authentify Authentication Factors for Constructing Flexible Multi-Factor Authentication Processes
AUTHENTIFIERS Authentify Authentication Factors for Constructing Flexible Multi-Factor Authentication Processes Authentify delivers intuitive and consistent authentication technology for use with smartphones,
More informationUser Identity and Authentication
User Identity and Authentication WordPress, 2FA, and Single Sign-On Isaac Potoczny-Jones ijones@tozny.com http://tozny.com About the Speaker Galois, Inc. - @galoisinc. Research & Development for computer
More informationexpanding web single sign-on to cloud and mobile environments agility made possible
expanding web single sign-on to cloud and mobile environments agility made possible the world of online business is rapidly evolving In years past, customers once tiptoed cautiously into the realm of online
More informationMIGRATION GUIDE. Authentication Server
MIGRATION GUIDE RSA Authentication Manager to IDENTIKEY Authentication Server Disclaimer Disclaimer of Warranties and Limitation of Liabilities All information contained in this document is provided 'as
More informationRSA Identity and Access Management 2014
RSA Identity and Access Management 2014 1 Agenda Today s Enterprises and IAM Customer Challenges IAM Requirements RSA IAM Our Competitive Advantage Leading The Pack RSA Views on Identity Management and
More informationPRACTICAL IDENTITY AND ACCESS MANAGEMENT FOR CLOUD - A PRIMER ON THREE COMMON ADOPTION PATTERNS FOR CLOUD SECURITY
PRACTICAL IDENTITY AND ACCESS MANAGEMENT FOR CLOUD - A PRIMER ON THREE COMMON ADOPTION PATTERNS FOR CLOUD SECURITY Shane Weeden IBM Session ID: CLD-W01 Session Classification: Advanced Agenda Cloud security
More informationEXECUTIVE VIEW MYDIGIPASS.COM. KuppingerCole Report. by Alexei Balaganski August 2013. by Alexei Balaganski ab@kuppingercole.
KuppingerCole Report EXECUTIVE VIEW by Alexei Balaganski August 2013 by Alexei Balaganski ab@kuppingercole.com August 2013 Content 1 Introduction... 3 2 Product Description... 4 3 Strengths and Challenges...
More informationOPENIAM ACCESS MANAGER. Web Access Management made Easy
OPENIAM ACCESS MANAGER Web Access Management made Easy TABLE OF CONTENTS Introduction... 3 OpenIAM Access Manager Overview... 4 Access Gateway... 4 Authentication... 5 Authorization... 5 Role Based Access
More informationWHITEPAPER SAML ALONE IS NOT SECURE - HERE S HOW TO FIX IT
WHITEPAPER SAML ALONE IS NOT SECURE - HERE S HOW TO FIX IT Executive Overview SAML (Security Assertion Markup Language) is a standard that facilitates the exchange of security information. Developed by
More informationIDENTITY & ACCESS. BYOD and Mobile Security Seizing Opportunities, Eliminating Risks in a Dynamic Landscape
IDENTITY & ACCESS BYOD and Mobile Security Seizing Opportunities, Eliminating Risks in a Dynamic Landscape Introduction How does your enterprise view the BYOD (Bring Your Own Device) trend opportunity
More informationThe Convergence of IT Security and Physical Access Control
The Convergence of IT Security and Physical Access Control Using a Single Credential to Secure Access to IT and Physical Resources Executive Summary Organizations are increasingly adopting a model in which
More informationADAPTIVE IAM: DEFENDING THE BORDERLESS ENTERPRISE
ADAPTIVE IAM: DEFENDING THE BORDERLESS ENTERPRISE Digital identities move to the front lines in the battle for cyber security. May 2013 SUMMARY OF KEY POINTS Identity and Access Management (IAM), an established
More informationExtend and Enhance AD FS
Extend and Enhance AD FS December 2013 Sponsored By Contents Extend and Enhance AD FS By Sean Deuby Introduction...2 Web Service SSO Architecture...3 AD FS Overview...5 Ping Identity Solutions...7 Synergy
More information2013 AWS Worldwide Public Sector Summit Washington, D.C.
Washington, D.C. Next Generation Privileged Identity Management Control and Audit Privileged Access Across Hybrid Cloud Environments Ken Ammon, Chief Strategy Officer Who We Are Security software company
More informationWIPRO IDENTITY CLOUD UNLEASHING THE NEXT GENERATION OF IDENTITY AND ACCESS MANAGEMENT (IAM) www.wipro.com
WIPRO IDENTITY CLOUD UNLEASHING THE NEXT GENERATION OF IDENTITY AND ACCESS MANAGEMENT (IAM) www.wipro.com Table of Contents 03...Introduction 04...Wipro Cloud (WIC) as a Service Type 05...Wipro Cloud Capabilities
More informationPortWise Access Management Suite
Create secure virtual access for your employees, partners and customers from any location and any device. With todays global and homogenous economy, the accuracy and responsiveness of an organization s
More information2003 Desktop Software Distribution Magic Quadrant
Markets, R. Colville Research Note 15 April 2003 2003 Desktop Software Distribution Magic Quadrant Software distribution is the critical component for desktop configuration management. Vendors in our Magic
More informationThree Ways to Integrate Active Directory with Your SaaS Applications OKTA WHITE PAPER. Okta Inc. 301 Brannan Street, Suite 300 San Francisco CA, 94107
OKTA WHITE PAPER Three Ways to Integrate Active Directory with Your SaaS Applications Okta Inc. 301 Brannan Street, Suite 300 San Francisco CA, 94107 info@okta.com 1-888-722-7871 wp-3waysad-113012 Table
More informationTwo-Factor Authentication
Two-Factor Authentication A Total Cost of Ownership Viewpoint CONTENTS + Two-Factor Authentication 3 A Total Cost of Ownership Viewpoint + Introduction 3 + Defining Total Cost of Ownership 3 + VeriSign
More informationMagic Quadrant for Identity and Access Management as a Service, Worldwide
G00265376 Magic Quadrant for Identity and Access Management as a Service, Worldwide Published: 4 June 2015 Analyst(s): Gregg Kreizman, Neil Wynne Large vendor entrants in 2014 began to make their presence
More informationAn Overview of Samsung KNOX Active Directory and Group Policy Features
C E N T R I F Y W H I T E P A P E R. N O V E M B E R 2013 An Overview of Samsung KNOX Active Directory and Group Policy Features Abstract Samsung KNOX is a set of business-focused enhancements to the Android
More informationExecutive Buyer s Guide to Identity and Access Management Solutions
Executive Buyer s Guide to Identity and Access Management Solutions Managing identity across the enterprise and cloud 2 3 5 5 6 7 9 17 Issue 1 Foreward A New Era for Identity and Access Management Identity
More informationWhite Pages Managed Service Solution Rapid Global Directory Implementation. White Paper
White Pages Managed Service Solution Rapid Global Directory Implementation White Paper December 2014 Author: Tom Eggleston Version: 1.0 Status: FINAL Reference: DA-WP01 Creation Date: 03/12/14 Revision
More informationAdding Stronger Authentication to your Portal and Cloud Apps
SOLUTION BRIEF Cyphercor Inc. Adding Stronger Authentication to your Portal and Cloud Apps Using the logintc April 2012 Adding Stronger Authentication to Portals Corporate and consumer portals, as well
More informationWhite. Paper. Enterprises Need Hybrid SSO Solutions to Bridge Internal IT and SaaS. January 2013
White Paper Enterprises Need Hybrid SSO Solutions to Bridge Internal IT and SaaS By Jon Oltsik, Senior Principal Analyst January 2013 This ESG White Paper was commissioned by McAfee. and is distributed
More informationCustomer Identity and Access Management (CIAM) Buyer s Guide
Customer Identity and Access Management (CIAM) Buyer s Guide Shifting Marketplace Over the last five years, there has been a major shift in how enterprises need to look at and secure customer identities
More informationMoving Beyond User Names & Passwords
OKTA WHITE PAPER Moving Beyond User Names & Passwords An Overview of Okta s Multifactor Authentication Capability Okta Inc. 301 Brannan Street, Suite 300 San Francisco CA, 94107 info@okta.com 1-888-722-7871
More informationLeveraging SAML for Federated Single Sign-on:
Leveraging SAML for Federated Single Sign-on: Seamless Integration with Web-based Applications whether cloudbased, private, on-premise, or behind a firewall Single Sign-on Layer v.3.2-006 PistolStar, Inc.
More informationHow To Use Salesforce Identity Features
Identity Implementation Guide Version 35.0, Winter 16 @salesforcedocs Last updated: October 27, 2015 Copyright 2000 2015 salesforce.com, inc. All rights reserved. Salesforce is a registered trademark of
More informationVASCO: Compliant Digital Identity Protection for Healthcare
VASCO: Compliant Digital Identity Protection for Healthcare Compliant Digital Identity Protection for Healthcare The proliferation of digital patient information and a surge in government regulations are
More informationPortWise Access Management Suite
Create secure virtual access for your employees, partners and customers from any location and any device. With todays global and homogenous economy, the accuracy and responsiveness of an organization s
More informationIdentity and Access Management (IAM) Across Cloud and On-premise Environments: Best Practices for Maintaining Security and Control
Identity and Access Management (IAM) Across Cloud and On-premise Environments: Best Practices for Maintaining Security and Control agility made possible Enterprises Are Leveraging Both On-premise and Off-premise
More informationMulti-Factor Authentication (MFA)- Global Strategic Business Report
Brochure More information from http://www.researchandmarkets.com/reports/3440922/ Multi-Factor Authentication (MFA)- Global Strategic Business Report Description: This report analyzes the worldwide markets
More informationAbility to Execute. What You Need to Know
1 of 10 11/30/2010 1:00 PM 28 July 2010 Bern Elliot, Steve Blood Gartner RAS Core Research Note G00201349 Unified communications offers the ability to improve how individuals, groups and companies interact
More informationIdentity & Access Management in the Cloud: Fewer passwords, more productivity
WHITE PAPER Strategic Marketing Services Identity & Access Management in the Cloud: Fewer passwords, more productivity Cloud services are a natural for small and midsize businesses, with their ability
More informationAdvanced Authentication Methods Determining the Best Fit for Your Agency. Strong Authentication. Simplified.
Advanced Authentication Methods Determining the Best Fit for Your Agency Strong Authentication. Simplified. Agenda About 2FA CJIS Security Policy 5.1 Advanced Authentication Encryption, Secure Connectivity
More informationUsing Entrust certificates with VPN
Entrust Managed Services PKI Using Entrust certificates with VPN Document issue: 1.0 Date of issue: May 2009 Copyright 2009 Entrust. All rights reserved. Entrust is a trademark or a registered trademark
More informationStrong Authentication for Healthcare
Strong Authentication for Healthcare Entrust Solutions for Centers for Medicare & Medicaid Services Authentication Compliance Entrust Inc. All All Rights Reserved. 1 1 Entrust is a registered trademark
More informationThe Convergence of IT Security and Physical Access Control
The Convergence of IT Security and Physical Access Control Using a Single Credential to Secure Access to IT and Physical Resources Executive Summary Organizations are increasingly adopting a model in which
More informationPeople-centric IT: Bedeutung für das Identity und Access Management. Uwe Lüthy Solution Sales Specialist Core Infrastructure Microsoft Schweiz Gmbh
People-centric IT: Bedeutung für das Identity und Access Management Uwe Lüthy Solution Sales Specialist Core Infrastructure Microsoft Schweiz Gmbh Cloud OS Vision Microsoft s vision of the unified platform
More information