|
|
- Isabel Ramsey
- 8 years ago
- Views:
Transcription
1 MIS Impact Report Duo Security looks to shake up authentication market with mobile and service focus Analyst: Steve Coplan 5 Dec, 2011 Duo Security named for the two-factor authentication technology for logins and transaction validation the company provides has gone after a specific market opportunity with a fresh look at the usability and management challenges based on an authentication service, as well as the ability to easily enroll new authentication channels like mobile devices using onetime passwords and other factors. With one of the founders of network behavior anomaly detection (NBAD) pioneer Arbor Networks heading the company, Duo is one of a new breed of vendors targeting what it sees as a horizontal opportunity that has emerged for authentication and one that traditional authentication can't adequately address (even with cost stripped out of the equation). This opportunity is driven by what could be seen as mutually exclusive forces: the growing need to maintain a security construct of authenticated users, as opposed user authentication to a specific system or network, because of threats targeting user identities, and the need for centralized management, ease of deployment and high levels of usability for authentication to third-party (cloud-based) services. For the moment, security, usability and management are the primary themes of Duo's current pitch, aimed at organizations that have recognized the need for horizontal authentication. Duo is not alone in how it frames platform requirements or underlining the need for a horizontal approach to authentication. It's what is underneath the covers that makes Duo's approach to structural change to authentication more evident. If the security of the user identity is to operate as a component of a services-based model, then the authentication model has to reflect the architecture of the service the user is attempting to access. The focus now shifts from a successful authentication event to how to encapsulate an authenticated user at a logical level and introduce risk assessment. The requirements now extend beyond the key-sharing architecture and associated encryption to integration of the authentication service into the emerging infrastructure. For the moment, Duo is looking to build momentum based on demand for authentication as a service. The next step is building out its application-layer integration and API capabilities for a full-fledged authentication service that will start to overlap with anti-fraud technologies. The 451 Take Even with its approach that emphasizes the 'mores' of its platform more easily managed, more usable, more cost-
2 effective and more secure Duo, at first blush, still appears similar to a host of other players looking at the mobile endpoint as a new authentication token and providing authentication as a service. But Duo is moving toward shaking up the market with some fairly radical ideas. The company has demonstrated ability to build traction from a standing start, focusing on existing uses cases. If Duo can get the market to think about authentication in new ways (that weave it tighter with both authorization and anti-fraud) and deliver on the infrastructure for cloud services integration, the potential for a breakout exists. Context CEO Dug Song and CTO Jon Oberheide founded Duo Security in January 2010 with the name change from Scio Security coming a few months later. Song was previously chief architect at Barracuda Networks, but also founded and served as chief security architect at Arbor Networks, the NBAD pioneer acquired by Tektronix in September 2010 for $225m in cash. According to the 451 KnowledgeBase, 10-year old Arbor sold for a multiple of 2.4 times trailing 12-month revenue. Song has also participated prominently in open source security projects such as OpenSSH. Oberheide shares an Arbor background with Song, and has also conducted independent research into Google Android exploits. The company is not actively seeking investment, in part because operations are mostly funded through existing cash flow, but also because the roughly $1m Duo has raised in seed funding from True Ventures and Resonant Venture Partners should keep the company going until Duo reports 500 customers, with use counts ranging widely. Technology The outcome of any number of far-reaching trends including the consumerization of IT, the adoption of mobile computing and SaaS applications, and the incipient growth of desktop virtualization places identity front and center of the emerging security and management concerns. As identity assumes more centrality for IT (in terms of both the industry and organizational function) in coming to terms with these trends, securing the integrity of the identity assertion, characterizing it in terms of risk assessment, and supplementing (or supplanting) user name and password compose the initial set of security hurdles. After all, advanced adversaries have already demonstrated with phishing attacks and malware proliferation that masquerading as a legitimate user is often the most effective path toward extracting valuable data without immediate detection. While these trends certainly point to far broader demand for authentication, they also suggest that it's no longer business as usual for authentication technology. The countervailing forces that come into play here are those that force authentication vendors either to find ways to secure existing high-value identities more effectively from man-in-the-middle or man-in-thebrowser attacks, or reshape authentication technology so that it's far easier to deploy and manage (or potentially both). As malware continues its relentless insinuation into endpoints and phishing grows in sophistication, the focus has to be on authenticating the identity of the user without exposing the target service or resource to piggybacking exploits. Furthermore, as the threats become more pervasive, the current economics of authentication must be reworked to accommodate a horizontal requirement not only in terms of the direct cost of the authentication token, but also management, enrollment and administration. At first blush, the focus on making authentication easier (and less costly) to implement and use would seem a far less
3 daunting engineering challenge than the NBAD that the Duo founders worked on at Arbor. But the changes in the IT landscape mandate that technology built around a bounded set of use cases, with a limited number of users, undergo a transformation. For Duo as for other vendors the challenge is to engineer a new approach to securing the user component of the emerging services architecture in balance with the need for automation and scale that underlie cloud computing's long-term benefits. This means that not only does the authentication service have to integrate with the target application, it must also associate some meaningful logic with the authentication attempt. We have spoken about the reinvention of the portal, involving the tighter integration of authentication and single sign-on. Duo is headed to the integration of user authentication with authorization at the application logic tier. Products The core component of the Duo platform is its authentication service running in the cloud, which supports four authentication factors (including hard tokens). The driving design principles here are usability, ease of management and deployment, and security of both the platform and the authentication transaction. Duo is uncomfortable with characterization as 'authentication-agnostic.' Instead, the company provides a set of options that can be deployed based on a matrix that covers online or offline, security properties, and device characteristics. The basic mode of authentication across all factors is an on-time password that is delivered to the device, but the platform also supports calls to a standard cell phone or landline to authenticate the user. Where the risk associated with the transaction is higher, the service will generate a notification on the user's smartphone to compel them to confirm the specific transaction details before the request is processed. If they have no phone reception at the time of access, they can receive one-time passcodes via SMS ahead of time, or generate them using Duo's mobile app. Apple iphone and Google Android smartphone users can use Duo Push, which 'pushes' login or transaction details to the phone. In terms of usability, users can select their authentication method once primary authentication has succeeded. No user credentials are stored in the cloud or exposed to the cloud service. The only management data that is exposed through the service is phone numbers but these are never associated with a specific set of user credentials by the service, and can be optionally specified at the point of authentication request. (The service is hosted in third-party datacenters that conform to PCI-DSS requirements and have SAS 70 certification baseline security requirements for a multi-tenanted service.) Primary authentication is against credentials stored in a local store either a flat file or LDAP server like Microsoft Active Directory. Communication between the authentication components is encapsulated in SSL. Where Duo diverges from traditional authentication technology is that it no longer relies on existing Radius servers to integrate to the application. Instead, integration with the application is through prepackaged code for supported SSL VPNs, or through an IFrame/REST-based SDK that allows for integration directly to the application, rather than through an authentication string generated by the Radius server. The service can also integrate directly with the Radius server through an OpenVPN-based proxy, and can support authentication of local and remote Unix logins. Management of policies and users is through a Web-based interface. Administrators can revoke credentials, disable users, and audit access by users and groups. Integrated into the platform is what Duo refers to as real-time fraud alerts, which encompass user-generated alerts from potentially fraudulent logins via phone callback, and a customizable threshold for failed login attempts. Administrators can automatically lock out users after a specified number of invalid logins. Strategy
4 The challenge for Duo will be to balance its technology aspirations with market maturity and existing market opportunities around both secure remote access and privileged user access. Duo's mobile technology and authentication as a service are disruptive to the traditional hardware token model but it's not unique in this respect. We would draw a distinction between authentication as a service and an authentication service that is exposed through an API and can be invoked by a service looking to assess an authorization request. For authentication to effectively tackle the new set of challenges we outlined in the technology section, an authentication service is required that is automated and can operate at scale. This is in part a question of having the right architecture in place, but also the ability to effectively manage the authentication process and allow for a risk-based assessment of trusting the user authentication. So the distinction involves moving from a new delivery model that takes advantage of cloud economies of scale and new technology design principles built around services delivery to infrastructure in the cloud, with integration through servicesbased APIs. However, before Duo delivers on that vision, the company must contend with the pragmatic consideration of having to generate revenue and compete against an increasingly crowded market. Duo has looked to build market reach up into the enterprise through partnerships with system integrators, and has one OEM already in place. We view SaaS providers as potential partners, especially as many look to entrench themselves as identity providers within the enterprise. Competition The granddaddy of two-factor authentication is, of course, RSA, the EMC security division with its SecurID franchise. Gemalto and SafeNet compete in the smart card market, with Duo reporting that it frequently encounters SafeWord OTP technology in competitive situations. (SafeWord comes to SafeNet from the acquisition of Aladdin Knowledge Systems in 2008 by private equity owner Vector Capital). Both vendors are exploring ways of expanding their enterprise footprint. ActivIdentity is looking at ways of expanding its presence in credential management and PKI infrastructure into a broader identity assurance play that builds on digital trust. Symantec has made headway with the VeriSign Identity Protection service since the acquisition of the authentication and SSL business in April 2010, while CA Technologies has managed to keep revenue growth on track at the now rebranded CA CloudMinder authentication service resulting from the acquisition of Arcot Systems for $200m in cash in April Entrust and VASCO Data Security have also experienced plenty of action, across verticals, with authentication as a service picking up. But the authentication marketplace is in the midst of a major transition, as we have outlined more than once. It remains difficult to determine what the net impact of the SecurID breach will be on RSA's fortunes, as conversations with both end users and vendors vary widely on the repercussions of the much publicized (but still little understood) breach of SecurID servers. There is material interest at end users in selecting new authentication providers, but in many cases, these organizations had made the decision to move off expensive hardware tokens to other alternatives even before the breach. The breach merely accelerated the transition, especially when the decision was already made to move to authentication as a service, and to vendors with a known security brand like Symantec/VeriSign or CA Technologies. Furthermore, some organizations have moved swiftly to install new authentication technology, prompted by concerns of unknowable risk, but the absolute numbers are still relatively small. For many legacy applications, the costs of moving to another vendor are not only measured in terms of technology ownership they also involve recoding authentication scripts, and reconfiguring RADIUS servers. Here inertia and the cost-benefit analysis mean that a significant portion of the RSA install base will remain relatively stable.
5 However, the dynamics of the traditional authentication market, dealing with a relatively small subset of users (like system administrators or other privileged users) or with a specific set of use cases involving remote access, through an SSL VPN for instance, is where we anticipate solid growth, but not where authentication will see real innovation and disruption. The prize for vendors like Duo Security is not as much replacement of existing hardware tokens for existing use cases, but rather owning a chunk of the more horizontal market that is shaped by new threats alongside new IT consumption models. The competition here is more theoretical than actual, and is likely to emerge from a mix of startups and established vendors with some potential for new players entering the market through acquisition. Vendors like PhoneFactor, SecurEnvoy, SMS Passcode (in Europe) and Authentify provide phone-based authentication. Yubico and WiKID Systems have also taken new approaches to token-based authentication, while SecureAuth (with its browser-based authentication alternative and SSO) and Technology Nexus are benefiting from the reinvention of the portal trend. There is plenty of interest in this emerging market opportunity, with players like ActivIdentity looking to provide an authentication management tier to accommodate new authentication modes, and vendors like RSA and CA looking to better integrate risk assessment and mobile authentication. We anticipate, too, that Symantec, with its O3 service, will be looking at ways of integrating authentication and authorization. SWOT Analysis Strengths Duo already has market traction, and has built a flexible platform that exploits mobile computing adoption and cloud computing economies of scale. Weaknesses What would have been a distinct voice a year ago, is increasingly drowned out by competing claims about usability, mobile client support and security. To some extent, the RSA breach has increased the noise to signal ration in the market. Opportunities The authentication market is undergoing a period of marked growth, fueled by security concerns, and adoption of new services that create the need for authentication. The hardware token replacement opportunity will be eclipsed by a broader movement toward authentication as a service and new authentication factors over the next 18 months. Threats The escalating and intensifying interest in more flexible and intelligent authentication has the full attention of vendors far larger than Duo, including those with existing service-inthe-cloud footprints. Pricing pressure coupled with comparable technology will take its toll on smaller vendors. This report falls under the following categories. Click on a link below to find similar documents. Company: Duo Security
6 Other Companies: ActivIdentity, Aladdin Knowledge Systems, Apple Inc, Arbor Networks, Arcot Systems, Authentify, Barracuda Networks, CA Technologies, EMC Corp, Entrust, Gemalto, Google, Knowledge Systems Pvt, Microsoft Corporation, Technology Nexus, PhoneFactor, Resonant Venture Partners, RSA Security, SafeNet, SecureAuth, SecurEnvoy, SMS PASSCODE, Symantec, Tektronix Inc, True Ventures, VASCO Data Security International, Vector Capital, VeriSign, WiKID Systems, Yubico Analyst(s): Steve Coplan Sector(s): Security / Identity & access management / Authentication Cloud / Software infrastructure as a service / Security as a service Copyright The 451 Group. All Rights Reserved.
SecureAuth homes in on BYOD management and mobile app access
SecureAuth homes in on BYOD management and mobile app access Analyst: Steve Coplan 16 Apr, 2012 Securing access to enterprise applications from smartphones and mobile tablets has percolated to the top
More informationAuthentication Solutions. Versatile And Innovative Authentication Solutions To Secure And Enable Your Business
Authentication Solutions Versatile And Innovative Authentication Solutions To Secure And Enable Your Business SafeNet Strong Authentication and Transaction Verification Solutions The Upward Spiral of Cybercrime
More informationSTRONGER AUTHENTICATION for CA SiteMinder
STRONGER AUTHENTICATION for CA SiteMinder Adding Stronger Authentication for CA SiteMinder Access Control 1 STRONGER AUTHENTICATION for CA SiteMinder Access Control CA SITEMINDER provides a comprehensive
More informationTwo-Factor Authentication Evaluation Guide
???? 22700 Two-Factor Authentication Evaluation Guide Learn what to look for when assessing and comparing two-factor authentication solutions. A helpful guide from Two-Factor Authentication Evaluation
More informationWHITEPAPER. SECUREAUTH 2-FACTOR AS A SERVICE 2FaaS
WHITEPAPER SECUREAUTH 2-FACTOR AS A SERVICE 2FaaS EXECUTIVE OVERVIEW 2-Factor as a Service (2FaaS) is a 100% cloud-hosted authentication solution that offers flexible security without compromising user
More informationADDING STRONGER AUTHENTICATION for VPN Access Control
ADDING STRONGER AUTHENTICATION for VPN Access Control Adding Stronger Authentication for VPN Access Control 1 ADDING STRONGER AUTHENTICATION for VPN Access Control A VIRTUAL PRIVATE NETWORK (VPN) allows
More informationAuthentication Solutions VERSATILE AND INNOVATIVE AUTHENTICATION SOLUTIONS TO SECURE AND ENABLE YOUR BUSINESS
Authentication Solutions VERSATILE AND INNOVATIVE AUTHENTICATION SOLUTIONS TO SECURE AND ENABLE YOUR BUSINESS SafeNet Strong Authentication and Transaction Verification Solutions The Upward Spiral of Cybercrime
More informationI D C V E N D O R S P O T L I G H T
I D C V E N D O R S P O T L I G H T E n f o r c i n g I dentity a nd Access Management i n C l o u d a n d Mobile Envi r o n m e n t s November 2012 Adapted from Worldwide Identity and Access Management
More informationGuide to Evaluating Multi-Factor Authentication Solutions
Guide to Evaluating Multi-Factor Authentication Solutions PhoneFactor, Inc. 7301 West 129th Street Overland Park, KS 66213 1-877-No-Token / 1-877-668-6536 www.phonefactor.com Guide to Evaluating Multi-Factor
More informationADAPTIVE AUTHENTICATION ADAPTER FOR JUNIPER SSL VPNS. Adaptive Authentication in Juniper SSL VPN Environments. Solution Brief
ADAPTIVE AUTHENTICATION ADAPTER FOR JUNIPER SSL VPNS Adaptive Authentication in Juniper SSL VPN Environments Solution Brief RSA Adaptive Authentication is a comprehensive authentication platform providing
More informationRSA SecurID Two-factor Authentication
RSA SecurID Two-factor Authentication Today, we live in an era where data is the lifeblood of a company. Now, security risks are more pressing as attackers have broadened their targets beyond financial
More informationAUTHENTIFIERS. Authentify Authentication Factors for Constructing Flexible Multi-Factor Authentication Processes
AUTHENTIFIERS Authentify Authentication Factors for Constructing Flexible Multi-Factor Authentication Processes Authentify delivers intuitive and consistent authentication technology for use with smartphones,
More informationAn Overview of Samsung KNOX Active Directory and Group Policy Features
C E N T R I F Y W H I T E P A P E R. N O V E M B E R 2013 An Overview of Samsung KNOX Active Directory and Group Policy Features Abstract Samsung KNOX is a set of business-focused enhancements to the Android
More informationAdding Stronger Authentication to your Portal and Cloud Apps
SOLUTION BRIEF Cyphercor Inc. Adding Stronger Authentication to your Portal and Cloud Apps Using the logintc April 2012 Adding Stronger Authentication to Portals Corporate and consumer portals, as well
More informationUsing Entrust certificates with VPN
Entrust Managed Services PKI Using Entrust certificates with VPN Document issue: 1.0 Date of issue: May 2009 Copyright 2009 Entrust. All rights reserved. Entrust is a trademark or a registered trademark
More informationFacebook s Security Philosophy, and how Duo helps.
Facebook s Security Philosophy, and how Duo helps. How Duo Factors in to Facebook s Information Security Philosophy The Challenge: Facebook manages personal data for 1.19 billion active users 1 across
More informationTECHNOLOGY LEADER IN GLOBAL REAL-TIME TWO-FACTOR AUTHENTICATION
TECHNOLOGY LEADER IN GLOBAL REAL-TIME TWO-FACTOR AUTHENTICATION SMS PASSCODE is the leading technology in a new generation of two-factor authentication systems protecting against the modern Internet threats.
More informationQUICK SELLING GUIDE THE FUTURE OF AUTHENTICATION
QUICK SELLING GUIDE THE FUTURE OF AUTHENTICATION Who are SecurEnvoy? As the original inventors of tokenless authentication, our goal is to continue to design innovative solutions that take advantage of
More informationAuthentication Strategy: Balancing Security and Convenience
Authentication Strategy: Balancing Security and Convenience Today s Identity and Access Security Strategies Are Being Driven by Two Critical Imperatives: Enable business growth by: Quickly deploying new
More information2012 European Cloud-Based Authentication Services New Product Innovation Award
2012 2012 European Cloud-Based Authentication Services New Product Innovation Award 2012 Frost & Sullivan 1 We Accelerate Growth New Product Innovation Award Cloud-Based Authentication Service Europe,
More informationMulti- factor Authentication Initiative
Multi- factor Authentication Initiative "UCR s Multi- factor Authentication Initiative is an easy- to- use solution to our need to secure our campus community s credentials. The Duo Security system that
More informationGlobal Multi-factor Authentication Market 2015-2019
Brochure More information from http://www.researchandmarkets.com/reports/3058588/ Global Multi-factor Authentication Market 2015-2019 Description: About Multi-factor Authentication Multi-factor authentication
More informationWhitepaper MODERN THREATS DRIVE DEMAND FOR NEW GENERATION TWO-FACTOR AUTHENTICATION
Whitepaper MODERN THREATS DRIVE DEMAND FOR NEW GENERATION TWO-FACTOR AUTHENTICATION A RECENT SURVEY SHOWS THAT 90% OF ALL COMPANIES HAD BEEN BREACHED IN THE LAST 12 MONTHS. THIS PARED WITH THE FACT THAT
More informationHow To Make A Multi-Tenant Platform Secure And Secure
Authentication As A Service Why new Cloud based Authentication solutions will be adopted by about 50% of the companies by 2017? Jason Hart CISSP CISM VP Cloud Solutions What a great world Today's World
More informationOut-of-Band Multi-Factor Authentication Cloud Services Whitepaper
Out-of-Band Multi-Factor Authentication Cloud Services Whitepaper StrikeForce Technologies, Inc. 1090 King Georges Post Rd. Edison, NJ 08837, USA Tel: 732 661-9641 Fax: 732 661-9647 http://www.sftnj.com
More informationTwo-Factor Authentication
WHITE PAPER: TWO-FACTOR AUTHENTICATION: A TCO VIEWPOINT........................................ Two-Factor Authentication Who should read this paper This whitepaper is directed at IT, Security, and Compliance
More informationAn Overview and Competitive Analysis of the One-Time Password (OTP) Market
An Overview and Competitive Analysis of the One-Time Password (OTP) Market A White Paper Prepared by Martha Vazquez, Research Analyst TABLE OF CONTENTS Introduction... 3 Brief Overview of the OTP Market...
More informationKey Authentication Considerations for Your Mobile Strategy
Key Authentication Considerations for Your Mobile Strategy The Need for Mobile Authentication Reaches Critical Mass According to an old adage, consumers speak through their pocketbooks. While that saying
More informationIntegrating Single Sign-on Across the Cloud By David Strom
Integrating Single Sign-on Across the Cloud By David Strom TABLE OF CONTENTS Introduction 1 Access Control: Web and SSO Gateways 2 Web Gateway Key Features 2 SSO Key Features 3 Conclusion 5 Author Bio
More informationTransaction Anomaly Protection Stopping Malware At The Door. White Paper
Transaction Anomaly Protection Stopping Malware At The Door White Paper Table of Contents Overview 3 Programmable Crime Logic Alter Web Application Flow & Content 3 Programmable Crime Logic Defeats Server-Side
More informationAuthentication in the Modern World
Authentication in the Modern World 4 Best Practices for Adapting to the Shifting Paradigms in IT whitepaper Based on the Webcast, The Token is Dead! Long Live the Token! This white paper leverages the
More informationMoving Beyond User Names & Passwords
OKTA WHITE PAPER Moving Beyond User Names & Passwords An Overview of Okta s Multifactor Authentication Capability Okta Inc. 301 Brannan Street, Suite 300 San Francisco CA, 94107 info@okta.com 1-888-722-7871
More information3Si Managed Authentication Services Service Description
3Si Managed Authentication Services Service Description [Pick the date] 3Si Managed Authentication Services Service Description [Type the document subtitle] JT www.3sicloud.com www.3sicloud.com enquiry@3sicloud.com
More informationThe PortalGuard All-In-One Authentication Solution-set: A Comparison Guide of Two-Factor Capabilities vs. the Competition
The PortalGuard All-In-One Authentication Solution-set: A Comparison Guide of Two-Factor Capabilities vs. the Competition Find out what organizations need to know to compare two-factor vendors and check
More informationHello, It's Me: Mobile Options for End-User Authentication
Hello, It's Me: Mobile Options for End-User Authentication As enterprises re-evaluate their strategies for authenticating end-users with methods that are stronger than traditional usernames and passwords,
More informationGoogle Identity Services for work
INTRODUCING Google Identity Services for work One account. All of Google Enter your email Next Online safety made easy We all care about keeping our data safe and private. Google Identity brings a new
More informationEnterprise Mobility Management Migration Migrating from Legacy EMM to an epo Managed EMM Environment. Paul Luetje Enterprise Solutions Architect
Enterprise Mobility Management Migration Migrating from Legacy EMM to an epo Managed EMM Environment Paul Luetje Enterprise Solutions Architect Table of Contents Welcome... 3 Purpose of this document...
More informationMoving Beyond User Names & Passwords Okta Inc. info@okta.com 1-888-722-7871
Moving Beyond User Names & Passwords An Overview of Okta s Multifactor Authentication Capability Okta Inc. 301 Brannan Street San Francisco, CA 94107 info@okta.com 1-888-722-7871 Contents 1 Moving Beyond
More informationSecuring Virtual Desktop Infrastructures with Strong Authentication
Securing Virtual Desktop Infrastructures with Strong Authentication whitepaper Contents VDI Access Security Loopholes... 2 Secure Access to Virtual Desktop Infrastructures... 3 Assessing Strong Authentication
More informationSECURING IDENTITIES IN CONSUMER PORTALS
SECURING IDENTITIES IN CONSUMER PORTALS Solution Brief THE CHALLENGE IN SECURING CONSUMER PORTALS TODAY The Bilateral Pull between Security and User Experience As the world becomes increasingly digital,
More informationWhite paper. Four Best Practices for Secure Web Access
White paper Four Best Practices for Secure Web Access What can be done to protect web access? The Web has created a wealth of new opportunities enabling organizations to reduce costs, increase efficiency
More informationHow to reduce the cost and complexity of two factor authentication
WHITEPAPER How to reduce the cost and complexity of two factor authentication Published September 2012 48% of small and medium sized businesses consistently cite technical complexity and cost of ownership
More informationWHITEPAPER SECUREAUTH AND CAC HSPD-12 AUTHENTICATION TO WEB, NETWORK, AND CLOUD RESOURCES
WHITEPAPER SECUREAUTH AND CAC HSPD-12 AUTHENTICATION TO WEB, NETWORK, AND CLOUD RESOURCES Executive Overview U.S. Federal mandates dictates that personal with defense related initiatives must prove access
More informationThe Authentication Revolution: Phones Become the Leading Multi-Factor Authentication Device
The Authentication Revolution: Phones Become the Leading Multi-Factor Authentication Device PhoneFactor, Inc. 7301 West 129th Street Overland Park, KS 66213 1-877-668-6536 www.phonefactor.com Executive
More informationEnsuring the security of your mobile business intelligence
IBM Software Business Analytics Cognos Business Intelligence Ensuring the security of your mobile business intelligence 2 Ensuring the security of your mobile business intelligence Contents 2 Executive
More informationAuthentication Solutions Buyer's Guide
WHITE PAPER: AUTHENTICATION SOLUTIONS BUYER'S GUIDE........................................ Authentication Solutions Buyer's Guide Who should read this paper Individuals who would like more details regarding
More informationThe Cloud, Mobile and BYOD Security Opportunity with SurePassID
The Cloud, Mobile and BYOD Security Opportunity with SurePassID Presentation for MSPs and MSSPs January 2014 SurePassID At A Glance Founded 2009 Headquartered in Orlando, FL 6 sales offices in North America,
More informationHow to Provide Secure Single Sign-On and Identity-Based Access Control for Cloud Applications
SOLUTION BRIEF: PROTECTING ACCESS TO THE CLOUD........................................ How to Provide Secure Single Sign-On and Identity-Based Access Control for Cloud Applications Who should read this
More informationnexus Hybrid Access Gateway
Product Sheet nexus Hybrid Access Gateway nexus Hybrid Access Gateway nexus Hybrid Access Gateway uses the inherent simplicity of virtual appliances to create matchless security, even beyond the boundaries
More informationTECHNOLOGY LEADER IN GLOBAL REAL-TIME TWO-FACTOR AUTHENTICATION
TECHNOLOGY LEADER IN GLOBAL REAL-TIME TWO-FACTOR AUTHENTICATION SMS PASSCODE is the leading technology in a new generation of two-factor authentication systems protecting against the modern Internet threats.
More informationMulti-factor Authentication
Multi-factor Authentication Current Usage and Trends whitepaper Executive Summary In this digital age, validating identities and controlling access is vital, which is why multifactor authentication has
More informationidentity as the new perimeter: securely embracing cloud, mobile and social media agility made possible
identity as the new perimeter: securely embracing cloud, mobile and social media agility made possible IT transformation and evolving identities A number of technology trends, including cloud, mobility,
More informationProposal Document TitleDocument Version 1.0 TitleDocument
G-Cloud - Strong Authentication Service - Service Definition Proposal Document Author TitleDocument Version 1.0 TitleDocument Document publication date - 02/12/2014 Title Document Classification - Public
More informationProtect Everything: Networks, Applications and Cloud Services
Protect Everything: Networks, Applications and Cloud Services Tokens & Users Cloud Applications Private Networks Corporate Network API LDAP / Active Directory SAML RADIUS Corporate Network LDAP / Active
More informationStrong Authentication for Secure VPN Access
Strong Authentication for Secure VPN Access Solving the Challenge of Simple and Secure Remote Access W H I T E P A P E R EXECUTIVE SUMMARY In today s competitive and efficiency-driven climate, organizations
More informationMobile App Containers: Product Or Feature?
ANALYST BRIEF Mobile App Containers: Product Or Feature? APPLE AND SAMSUNG HAVE TAKEN BIG STEPS WITH CONTAINERIZATION Author Andrew Braunberg Overview Secure workspaces, or containers, used for isolating
More informationProtectID. for Financial Services
ProtectID for Financial Services StrikeForce Technologies, Inc. 1090 King Georges Post Road #108 Edison, NJ 08837, USA http://www.strikeforcetech.com Tel: 732 661-9641 Fax: 732 661-9647 Introduction 2
More informationEnterprise Portal Built by and for Higher Education
www.apereo.org/uportal Enterprise Portal Built by and for Higher Education Now Responsive for All Devices along with Native App Experience There is a growing demand for higher education institutions to
More informationStrong Authentication: Enabling Efficiency and Maximizing Security in Your Microsoft Environment
Strong Authentication: Enabling Efficiency and Maximizing Security in Your Microsoft Environment IIIIII Best Practices www.gemalto.com IIIIII Table of Contents Strong Authentication and Cybercrime... 1
More informationIDENTITY & ACCESS. Providing Cost-Effective Strong Authentication in the Cloud. a brief for cloud service providers
IDENTITY & ACCESS Providing Cost-Effective Strong Authentication in the Cloud a brief for cloud service providers Introduction Interest and use of the cloud to store enterprise resources is growing fast.
More informationPRIVACY, SECURITY AND THE VOLLY SERVICE
PRIVACY, SECURITY AND THE VOLLY SERVICE Delight Delivered by EXECUTIVE SUMMARY The Volly secure digital delivery service from Pitney Bowes is a closed, secure, end-to-end system that consolidates and delivers
More informationExecutive Summary P 1. ActivIdentity
WHITE PAPER WP Converging Access of IT and Building Resources P 1 Executive Summary To get business done, users must have quick, simple access to the resources they need, when they need them, whether they
More informationRSA Solution Brief. RSA SecurID Authentication in Action: Securing Privileged User Access. RSA Solution Brief
RSA SecurID Authentication in Action: Securing Privileged User Access RSA SecurID solutions not only protect enterprises against access by outsiders, but also secure resources from internal threats The
More informationEntrust IdentityGuard
+1-888-437-9783 sales@identisys.com IdentiSys.com Distributed by: Entrust IdentityGuard is an award-winning software-based authentication enterprises and governments. The solution serves as an organization's
More informationThe Essential Security Checklist. for Enterprise Endpoint Backup
The Essential Security Checklist for Enterprise Endpoint Backup IT administrators face considerable challenges protecting and securing valuable corporate data for today s mobile workforce, with users accessing
More informationSymantec Mobile Management for Configuration Manager 7.2
Symantec Mobile Management for Configuration Manager 7.2 Scalable, Secure, and Integrated Device Management Data Sheet: Endpoint Management and Mobility Overview The rapid proliferation of mobile devices
More informationHow To Comply With Ffiec
SOLUTION BRIEF authentication in the internet banking environment: The solution for FFIEC compliance from CA Technologies agility made possible Introduction to FFIEC Compliance In October of 2005, the
More informationWeb Threat Detection 5.0, the second major release under RSA for the former Silver Tail
Web Threat Detection 5.0, the second major release under RSA for the former Silver Tail Analyst: Javvad Malik 24 Sep, 2014 It's almost two years to the day since RSA acquired Web-fraud detection vendor
More informationIDENTITY & ACCESS. BYOD and Mobile Security Seizing Opportunities, Eliminating Risks in a Dynamic Landscape
IDENTITY & ACCESS BYOD and Mobile Security Seizing Opportunities, Eliminating Risks in a Dynamic Landscape Introduction How does your enterprise view the BYOD (Bring Your Own Device) trend opportunity
More informationRSA Authentication Manager 8.1 Help Desk Administrator s Guide
RSA Authentication Manager 8.1 Help Desk Administrator s Guide Contact Information Go to the RSA corporate website for regional Customer Support telephone and fax numbers: www.emc.com/domains/rsa/index.htm
More informationBarracuda Networks Technical Documentation. Barracuda SSL VPN. Administrator s Guide. Version 2.x RECLAIM YOUR NETWORK
Barracuda Networks Technical Documentation Barracuda SSL VPN Administrator s Guide Version 2.x RECLAIM YOUR NETWORK Copyright Notice Copyright 2004-2011, Barracuda Networks, Inc. www.barracuda.com v20-110511w-02-110915jc
More informationMODERN THREATS DRIVE DEMAND FOR NEW GENERATION MULTI-FACTOR AUTHENTICATION
Whitepaper MODERN THREATS DRIVE DEMAND FOR NEW GENERATION MULTI-FACTOR AUTHENTICATION A SURVEY SHOWS THAT 90% OF ALL COMPANIES HAD BEEN BREACHED IN THE LAST 12 MONTHS. THIS PAIRED WITH THE FACT THAT THREATS
More informationRSA SecurID Software Token 1.0 for Android Administrator s Guide
RSA SecurID Software Token 1.0 for Android Administrator s Guide Contact Information See the RSA corporate web site for regional Customer Support telephone and fax numbers: www.rsa.com Trademarks RSA,
More informationWhite Paper. Anywhere, Any Device File Access with IT in Control. Enterprise File Serving 2.0
White Paper Enterprise File Serving 2.0 Anywhere, Any Device File Access with IT in Control Like it or not, cloud- based file sharing services have opened up a new world of mobile file access and collaborative
More informationCisco Mobile Collaboration Management Service
Cisco Mobile Collaboration Management Service Cisco Collaboration Services Business is increasingly taking place on both personal and company-provided smartphones and tablets. As a result, IT leaders are
More informationPULSE SECURE FOR GOOGLE ANDROID
DATASHEET PULSE SECURE FOR GOOGLE ANDROID Product Overview In addition to enabling network and resource access for corporate managed mobile devices, many enterprises are implementing a Bring Your Own Device
More informationThe Benefits of an Integrated Approach to Security in the Cloud
The Benefits of an Integrated Approach to Security in the Cloud Judith Hurwitz President and CEO Marcia Kaufman COO and Principal Analyst Daniel Kirsch Senior Analyst Sponsored by IBM Introduction The
More informationSymantec Mobile Management 7.2
Scalable, secure, and integrated device management Data Sheet: Endpoint Management and Mobility Overview The rapid proliferation of mobile devices in the workplace is outpacing that of any previous technology
More informationMedia Shuttle s Defense-in- Depth Security Strategy
Media Shuttle s Defense-in- Depth Security Strategy Introduction When you are in the midst of the creative flow and tedious editorial process of a big project, the security of your files as they pass among
More informationMobile Identity: Improved Cybersecurity, Easier to Use and Manage than Passwords. Mika Devonshire Associate Product Manager
Mobile Identity: Improved Cybersecurity, Easier to Use and Manage than Passwords Mika Devonshire Associate Product Manager 1 Agenda 2 What is Cybersecurity? Quick overview of the core concepts 3 Cybercrime
More informationexpanding web single sign-on to cloud and mobile environments agility made possible
expanding web single sign-on to cloud and mobile environments agility made possible the world of online business is rapidly evolving In years past, customers once tiptoed cautiously into the realm of online
More informationWHITEPAPER. Identity Access Management: Beyond Convenience
WHITEPAPER Identity Access Management: Beyond Convenience INTRODUCTION Identity and Access Management (IAM) is the official description of the space in which OneLogin operates in but most people who are
More informationWHITEPAPER SAML ALONE IS NOT SECURE - HERE S HOW TO FIX IT
WHITEPAPER SAML ALONE IS NOT SECURE - HERE S HOW TO FIX IT Executive Overview SAML (Security Assertion Markup Language) is a standard that facilitates the exchange of security information. Developed by
More informationSafeNet Authentication Service
SafeNet Authentication Service Integration Guide All information herein is either public information or is the property of and owned solely by Gemalto NV. and/or its subsidiaries who shall have and keep
More informationRSA Authentication Manager 8.1 Help Desk Administrator s Guide. Revision 1
RSA Authentication Manager 8.1 Help Desk Administrator s Guide Revision 1 Contact Information Go to the RSA corporate website for regional Customer Support telephone and fax numbers: www.emc.com/domains/rsa/index.htm
More informationSymantec Mobile Management 7.2
Scalable, secure, and integrated device management Data Sheet: Endpoint Management and Mobility Overview The rapid proliferation of mobile devices in the workplace is outpacing that of any previous technology
More informationCAMPUS EXPERIENCES USING NET+ TRUST, IDENTITY, AND SECURITY SERVICES
CAMPUS EXPERIENCES USING NET+ TRUST, IDENTITY, AND SECURITY SERVICES Nicholas Roy Penn State (Pennsylvania State University, The) Andrea Harrington Penn State (Pennsylvania State University, The) Michael
More informationIdentity Access Management: Beyond Convenience
Identity Access Management: Beyond Convenience June 1st, 2014 Identity and Access Management (IAM) is the official description of the space in which OneLogin operates in but most people who are looking
More informationSymantec Mobile Management 7.1
Scalable, secure, and integrated device management for healthcare Data Sheet: Industry Perspectives Healthcare Overview The rapid proliferation of mobile devices in the workplace is outpacing that of any
More informationADVANCED TWO-FACTOR AUTHENTICATION VIA YOUR MOBILE PHONE
ADVANCED TWO-FACTOR AUTHENTICATION VIA YOUR MOBILE PHONE SMS PASSCODE is the technology leader in a new generation of two-factor authentication systems protecting against the modern Internet threats. The
More informationSymantec App Center. Mobile Application Management and Protection. Data Sheet: Mobile Security and Management
Mobile Application Management and Protection Data Sheet: Mobile Security and Management Overview provides integrated mobile application and device management capabilities for enterprise IT to ensure data
More informationAn Overview and Competitive Analysis of the One-Time Password (OTP) Market
50 Years of Growth, Innovation and Leadership An Overview and Competitive Analysis of the One-Time Password (OTP) Market A Frost & Sullivan White Paper Richard Martinez Research Analyst www.frost.com Frost
More informationProtecting Online Customers from Man-inthe-Browser and Man-in-the-Middle Attacks
Protecting Online Customers from Man-inthe-Browser and Man-in-the-Middle Attacks Whitepaper W H I T E P A P E R OVERVIEW Arcot s unmatched authentication expertise and unique technology give organizations
More informationPowering Security and Easy Authentication in a Multi-Channel World
Powering Security and Easy Authentication in a Multi-Channel World Archit Lohokare Global Product Manager IBM Security Systems 1 2012 IBM Corporation IBM Security Systems division is one of the largest
More informationFederated single sign-on (SSO) and identity management. Secure mobile access. Social identity integration. Automated user provisioning.
PingFederate We went with PingFederate because it s based on standards like SAML, which are important for a secure implementation. John Davidson Senior Product Manager, Opower PingFederate is the leading
More informationSwivel Multi-factor Authentication
Swivel Multi-factor Authentication White Paper Abstract Swivel is a flexible authentication solution that offers a wide range of authentication models. The use of the Swivel patented one-time code extraction
More informationLenovo Secure Cloud Access Access your files, applications and reports from any device.
Lenovo Secure Cloud Access Access your files, applications and reports from any device. Introduction Since 2000, Stoneware has focused on one core belief; files, applications and reports should be delivered
More informationAn Overview of Samsung KNOX Active Directory-based Single Sign-On
C E N T R I F Y W H I T E P A P E R. S E P T E M B E R 2013 An Overview of Samsung KNOX Active Directory-based Single Sign-On Abstract Samsung KNOX is a set of business-focused enhancements to the Android
More informationCA Arcot RiskFort. Overview. Benefits
PRODUCT SHEET: CA Arcot RiskFort CA Arcot RiskFort CA Arcot RiskFort provides real-time protection against identity theft and online fraud via risk based, adaptive authentication. It evaluates the fraud
More informationSymantec Managed PKI Service Deployment Options
WHITE PAPER: SYMANTEC MANAGED PKI SERVICE DEPLOYMENT............. OPTIONS........................... Symantec Managed PKI Service Deployment Options Who should read this paper This whitepaper explains
More information