how can I provide strong authentication for VPN access in a user convenient and cost effective manner?
|
|
- Anne Benson
- 7 years ago
- Views:
Transcription
1 SOLUTION BRIEF CA Advanced Authentication how can I provide strong authentication for VPN access in a user convenient and cost effective manner? agility made possible
2 provides a flexible set of user convenient, two-factor credentials and transparent riskbased evaluations to improve the security of VPN access. Our software-based approach is highly scalable and cost effective. 2
3 executive summary Challenge In today s distributed world organizations must provide their employees, contractors, and business partners with remote access to a wide variety of applications and data. Most organizations use a Virtual Private Network (VPN) to protect remote access. With the wide array of sensitive employee and corporate data that is accessible through the typical VPN and the rash of recent password breaches, it is clear that the typical password login is not secure enough. Traditional hardware-based approaches are expensive, impractical for large user groups and cumbersome for end users. Organizations need a more secure way to protect remote access to employee and partner portals/applications. Opportunity CA Advanced Authentication provides a secure, user convenient and cost effective way to provide strong authentication for VPN access. CA AuthMinder provides a variety of user friendly multifactor authentication credentials and CA RiskMinder provides real-time, transparent risk evaluation based on contextual factors. Together they enable an intelligent, layered security approach to protect user identities and organizational data that is accessible through a VPN. Benefits Further verifying the identity of a user before granting access to sensitive information reduces the risk of inappropriate access. It provides additional security for all of the applications and sensitive data that can be accessed through the VPN and thus helps reduce the risk of employee identity theft, corporate espionage, intellectual property theft and other data breaches. Providing this protection in a familiar, user friendly manner allows organizations to improve the productivity of remote workers and partners and thus further enable the business, without increasing the risk of fraudulent activity. 3
4 Section 1: Challenge Securely connect employees and partners to business applications Remote access is vital to business today Today s business environment demands strong communication and quick turn-around times. Employees, contractors, and business partners want access to the information they need, where and when they need it. VPNs create a private tunnel through the public internet between a remote user and the organization s internal network. The VPN encrypts the data in the tunnel, preventing anyone who intercepts the data from being able to understand the contents. VPNs enable users to gain access to a company s internal network from anywhere in the world, through a range of methods: Simple web-based interfaces that allow authenticated access to web applications such as a partner portal Full client deployments that provide a virtual office with file sharing, print sharing, and legacy application access for remote users Dedicated links that connect branch offices to corporate headquarters Additional data types, compliance requirements and privacy guidelines With the growth in VPN users and the number of applications they utilize comes an inevitable increase in the amount and types of sensitive data that they access. This typically spans a spectrum from personally identifiable information about employees that must be handled carefully, to a wide range of enterprise data that needs to be protected from inappropriate access. Much of this sensitive information is protected by internal security policies, privacy guidelines or official compliance regulations (PCI, SOX, HIPAA, etc.). Organizations need to create and enforce security processes that protect various forms of sensitive data based on current regulations. These regulations recommend or in some cases require strong authentication to protect sensitive data. This is a fluid environment because both new threats and new regulations are regular occurrences. There is a strong need for solutions that can easily adjust to this changing environment and minimize the exposure for both the enterprise and their remote online users. 4
5 Authentication is typically the weak link in remote access security In the past ten years organizations have consistently added data and applications to employee and partner portals that are protected by VPNs. In most instances there is confidential product information, non-public financial data, organizational/personnel information, benefits and healthcare information, personal financial information and more that is now accessible through the VPN. Although the tunnel created by the VPN helps keep information that flows through it private (see #2 in Figure A below), it doesn t fully prevent unauthorized access to the organization s network. Often, there is nothing more than a simple username and password protecting the first mile of a VPN, the authentication of the remote user (see #1 in Figure A below). Figure A. Secure remote access Secure VPN access involves: 1. Appropriate authentication 2. Secure VPN transit of data Recent attacks such as phishing, Man-In-The-Middle (MITM), brute force and Spyware show how easily passwords can be compromised. During a few weeks in the summer 2012 over 8 million passwords were stolen from LinkedIn, Yahoo and eharmony. Attackers now try passwords across multiple online sites. Once they compromise login credentials, they can gain easy access to the organization s internal network and the wealth of valuable information that it contains. To reduce this risk, most security experts recommend the replacement of simple username/password combinations for online access authentication with stronger authentication methods. Multi-factor authentication (also known as strong authentication ) requires users to employ more than one factor to prove their identity before they receive online access. Factors can include: Something you know (such as a PIN or password); Something you have (such as a smart card, digital ID, or One Time Password generator); Something you are (a biometric factor such as fingerprint or voiceprint). The challenge is to adequately verify user identity before providing access through the VPN and to give organizations the confidence to make increasingly sensitive information and activities available to remote employees and partners. This has to be done in a way that is user friendly and convenient to promote adoption and preserve the original goals of efficiency and employee productivity. 5
6 Section 2: Opportunity Secure, convenient and cost effective authentication for VPNs In the early days organizations had a small number of remote users and when they looked for a two-factor authentication method the most popular options were hardware tokens or smartcards. Each of these items represented something that the user had along with something they knew (their password or PIN). Administrators quickly realized the many inherent problems with these methods. First they were very cumbersome to handle, configure and deliver to remote users. Second they were both expensive initially and they had to be purchased, configured and distributed over and over again each time the batteries ran out. Not to mention the frequent issues with lost, stolen and broken tokens. Replacement processes took time and frustrated employees and partners. End users complained about the hassle of carrying an additional device. At the same time, new forms of attack were developed such as man-in-the-middle which could capture the one-time-password that was entered from these hardware devices. Luckily the concept of software-based tokens was introduced to deal with the many limitations of hardware-based solutions while still providing two-factor security. Initial software tokens were just a file that resided on the user s computer and the combination of the password (something you know) and the software token (something you have) represented the two factors. There were some security concerns with this method because if a hacker got a hold of that file on your device they could initiate a brute force attack and derive the password and thus gain access to the VPN and sensitive applications. Also if the hacker could get your password and the software file they could use that same combination from another device and gain access. So while software tokens did a great job eliminating many of the problems with hardware tokens: Lower initial purchase price Quicker and less expensive distribution Simpler administration Automated self-service Easier replacement process they still had some limitations of their own: Potential portability issue (transferability to another device) Exposure to dictionary/brute force attacks But now, an advanced form of software tokens (described below) has developed a way to deal with these limitations so organizations can get the many benefits of a software-based solution combined with the strong level of two factor security they need. 6
7 Risk-based authentication has also emerged on the scene to help organizations further verify remote user s identity. This type of analysis has been done for years in the financial services industry to help protect against fraudulent transactions. For it to be useful in the VPN use case that we are discussing here, it needs to be real-time and provide both pre-set rules and have the flexibility to create new rules to meet the individual needs of an organization and adjust to new threats. CA Technologies Advanced Authentication options for VPNs CA Advanced Authentication consists of risk-based evaluation plus a wide range of secure two-factor credentials and delivery formats. This functionality can be implemented separately or as a combined solution that is managed from a single console. The multifactor credentials provide all of the benefits you expect from a software-based approach and address the above-mentioned limitations to provide a secure, convenient and cost effective solution that can scale reliably and be delivered on-premise or from the cloud. CA AuthMinder versatile authentication server CA AuthMinder is a versatile authentication server which provides a broad set of authentication methods that can be applied as appropriate for different applications, user groups and situations. CA AuthMinder supports password, security Q&A, out-of-wallet Q&A, OTP via SMS/ /voice, OATH tokens, and the unique forms of CA ArcotID (PKI, OTP, EMV). ArcotIDs are secure software credentials that provide two-factor authentication without the cost or inconvenience of hardware. A patented key concealment technology is used to help protect the software credentials from attacks that attempt to derive the password. ArcotIDs can be deployed on a computer/tablet or mobile phone providing two-factor authentication from a user s mobile device. Free mobile applications are available for download from the itunes App Store or the Android Market. This solution supports a variety of VPN technologies including SSL, hybid or tunneling SSL and IPSec-based VPNs. CA ArcotID: Two-factor VPN authentication with secure software tokens CA ArcotID PKI is a self-contained, PKI-based two-factor credential that employs a challenge/response format which provides additional protection against password guessing or man-in-the-middle attacks. This software based credential is both easy to deploy and simple for users. The one-time enrollment process can be as easy as a few self-service screens or it can be extended to include knowledge-based answers ( KBA ) or SMS delivery of a one-time code for extra security. After enrollment, the user part of login process to the VPN is as simple as entering their username and password (no new training or devices are needed). Behind the scenes the second portion of the authentication process occurs automatically as follows: The authentication server first sends a hidden challenge (a random string of text) to the CA ArcotID. When the user provides the correct password to the CA ArcotID, the CA ArcotID uses the private key to sign this challenge to create the corresponding response. Only this response is sent back to the authentication server for verification. Because the ArcotID will only communicate with the AuthMinder server from which it was created, it is not susceptible to Man-in-the-Middle attacks. Other eavesdropper attacks are thwarted because the CA ArcotID doesn t store the password used to derive the private key anywhere, or transmit it to the server. This credential is also equipped with a patented Cryptographic Camouflage technology designed to conceal the key, and thus protect it from brute force and dictionary attacks. 7
8 The ArcotID PKI can be locked to a specific device to guard against an attacker moving the credential to another device and trying to use it to gain access to the VPN. This combination of functionality provides security similar to a hardware token with the many cost, usability and maintenance benefits of a software solution. The ArcotID can provide multi-factor protection in the background while keeping the user s experience, when signing on to the VPN, as simple as their familiar username/password process. Figure B. Two-factor authentication Two software-based approaches: 1. CA ArcotID PKI 2. CA ArcotID OTP CA ArcotID OTP (one-time-passcode) credential is a secure software passcode generator that allows mobile phones, ipads and other PDAs to become a convenient authentication device. If VPN users are familiar with an OTP approach, this is an easy way to upgrade to a software-based solution that is secure, scalable and cost effective. It supports standards including OATH (HOTP, TOTP) and EMV (CAP/ DPA). CA ArcotID OTP also has patented key concealment technology to protect it from dictionary or brute force attacks and it too can be locked to a specific device to prevent access from a stolen/moved credential. In situations where an out-of-band authentication method is preferred, CA AuthMinder can send an OTP to the user via SMS/ or voice. This process is a popular way to further verify a user s identity when initially distributing the credential and it can be a good form of step-up authentication as well. Risk-based authentication CA RiskMinder provides real-time risk evaluation of contextual factors, so that you can detect and stop inappropriate VPN access on its own or it can provide a second level of protection that can catch fraudulent activity even if credentials have been compromised. In situations where additional authentication security is necessary but an organization isn t ready to take the step to require additional credentials from all users, risk-based authentication can be a smart, just-in-time type of approach. It can detect and protect against high-risk access attempts and transactions by analysing a wide set of factors without requiring any direct input from the end user. Simply adding a transparent (no action required from the user) risk-evaluation provides greater assurance that the user is who they claim to be. This allows legitimate users, the majority of the login attempts, to continue uninterrupted because their risk score is low. In the small number cases with a 8
9 medium level risk score where there are one or two contextual items that are abnormal (unrecognized device, unfamiliar location, etc.) the user can automatically be required to do step-up authentication to further prove their identity. This could include answering knowledge-based questions or entering a one-time-password that has been sent (out-of-band via SMS, or voice) to their mobile phone. High risk access attempts can be denied and/or cause an alert that triggers customer service intervention if necessary. The organization has the ability to use pre-set rules and/or add custom rules to control and adjust the risk scoring process to fit their environment. Figure C. Risk-based evaluation Transparent risk evaluation of contextual factors increases security Two-factor software-based authentication can be combined with risk-based authentication to provide a powerful layered security approach that can significantly reduce the risk of inappropriate VPN access while still maintaining a simple and user friendly experience. This type of a secure implementation can be very helpful for dealing with compliance regulations and auditing requirements. This combination of a strong two-factor credential and background risk evaluation can make it much more difficult for an attacker to gain access to the VPN and the organization s internal network. Figure D. Layered security Combining strong authentication credentials and risk evaluation is a layered security approach 9
10 Section 3: Benefits Remote and mobile user enablement with reduced risk Organizations are becoming more global and as a result more network users are either remote or mobile. Providing a remote access environment that includes both strong authentication and VPN protection is critical to productivity and security. The CA Advanced Authentication solution described above helps verify the identity of VPN users and thus makes organizations more comfortable providing remote access to additional applications. The software format makes it easier to distribute, maintain and scale to a larger user base. The simple enrollment process, familiar login format and self-service features increase adoption and help maintain a high level of user satisfaction. The patented key concealment technology makes it more secure than other software token solutions by reducing the risk of inappropriate access due to a compromised password. Adding the risk-based evaluation of CA RiskMinder provides additional security and even protects the organization if credentials are compromised. This further reduces risk with no impact to the legitimate user because the contextual risk evaluation happens in the background. Together this layered approach can help an organization increase security, meet compliance regulations and reduce administration costs while facilitating the increased productivity that secure remote access enables. This is a powerful combination of benefits, any one of which could be used to justify the solution, but together create a compelling business case for any organization. Section 4: The CA Technologies advantage CA Advanced Authentication consists of risk-based evaluation plus a variety of secure two-factor credentials and delivery formats. This functionality can be implemented separately or as a combined solution that is managed from a single console. The multifactor credentials provide all of the benefits you expect from a software-based approach and have patented key security to provide a secure, convenient and cost effective solution that can scale reliably and be delivered on-premise or from the Cloud. CA Advanced Authentication is integrated with CA SiteMinder to provide a strong combination of authentication, single-sign-on, authorization, federation and centralized web access management. It is part of a robust IAM security solution that includes identity management/governance, privileged user controls, data loss prevention and directory. 10
11 Section 5: Next Steps Organizations should take a look at the full spectrum of data and resources that users can access via their VPN and develop a risk appropriate authentication strategy. In many situations this will reveal the need for some form of strong authentication. The next challenge is to select the best combination of security, cost and user convenience to meet these needs. CA Technologies offers a wide range of strong authentication solutions that provide additional security in a user friendly and cost effective manner. To learn more about CA Advanced Authentication visit ca.com/us/multifactor-authentication. CA Technologies (NASDAQ: CA) provides IT management solutions that help customers manage and secure complex IT environments to support agile business services. Organizations leverage CA Technologies software and SaaS solutions to accelerate innovation, transform infrastructure and secure data and identities, from the data center to the cloud. CA Technologies is committed to ensuring our customers achieve their desired outcomes and expected business value through the use of our technology. To learn more about our customer success programs, visit ca.com/customer-success. For more information about CA Technologies go to ca.com. Copyright 2012 CA. All rights reserved. All trademarks, trade names, service marks and logos referenced herein belong to their respective companies. This document is for your informational purposes only. CA assumes no responsibility for the accuracy or completeness of the information. To the extent permitted by applicable law, CA provides this document as is without warranty of any kind, including, without limitation, any implied warranties of merchantability, fitness for a particular purpose, or noninfringement. In no event will CA be liable for any loss or damage, direct or indirect, from the use of this document, including, without limitation, lost profits, business interruption, goodwill or lost data, even if CA is expressly advised in advance of the possibility of such damages. CA does not provide legal advice. Neither this document nor any software product referenced herein serves as a substitute for your compliance with any laws (including but not limited to any act, statute, regulation, rule, directive, standard, policy, administrative order, executive order, and so on (collectively, Laws )) referenced herein or any contract obligations with any third parties. You should consult with competent legal counsel regarding any such Laws or contract obligations. CS3255_1212
SOLUTION BRIEF CA ADVANCED AUTHENTICATION. How can I provide effective authentication for employees in a convenient and cost-effective manner?
SOLUTION BRIEF CA ADVANCED AUTHENTICATION How can I provide effective authentication for employees in a convenient and cost-effective manner? SOLUTION BRIEF CA DATABASE MANAGEMENT FOR DB2 FOR z/os DRAFT
More informationHow To Comply With Ffiec
SOLUTION BRIEF authentication in the internet banking environment: The solution for FFIEC compliance from CA Technologies agility made possible Introduction to FFIEC Compliance In October of 2005, the
More informationAuthentication Strategy: Balancing Security and Convenience
Authentication Strategy: Balancing Security and Convenience Today s Identity and Access Security Strategies Are Being Driven by Two Critical Imperatives: Enable business growth by: Quickly deploying new
More informationStrong Authentication for Secure VPN Access
Strong Authentication for Secure VPN Access Solving the Challenge of Simple and Secure Remote Access W H I T E P A P E R EXECUTIVE SUMMARY In today s competitive and efficiency-driven climate, organizations
More informationSOLUTION BRIEF ADVANCED AUTHENTICATION. How do I increase trust and security with my online customers in a convenient and cost effective manner?
SOLUTION BRIEF ADVANCED AUTHENTICATION How do I increase trust and security with my online customers in a convenient and cost effective manner? SOLUTION BRIEF CA DATABASE MANAGEMENT FOR DB2 FOR z/os DRAFT
More informationsolution brief February 2012 How Can I Obtain Identity And Access Management as a Cloud Service?
solution brief February 2012 How Can I Obtain Identity And Access Management as a Cloud Service? provides identity and access management capabilities as a hosted cloud service. This allows you to quickly
More informationCA ArcotOTP Versatile Authentication Solution for Mobile Phones
PRODUCT SHEET CA ArcotOTP CA ArcotOTP Versatile Authentication Solution for Mobile Phones Overview Consumers have embraced their mobile phones as more than just calling or texting devices. They are demanding
More informationCA Arcot RiskFort. Overview. Benefits
PRODUCT SHEET: CA Arcot RiskFort CA Arcot RiskFort CA Arcot RiskFort provides real-time protection against identity theft and online fraud via risk based, adaptive authentication. It evaluates the fraud
More informationSTRONGER AUTHENTICATION for CA SiteMinder
STRONGER AUTHENTICATION for CA SiteMinder Adding Stronger Authentication for CA SiteMinder Access Control 1 STRONGER AUTHENTICATION for CA SiteMinder Access Control CA SITEMINDER provides a comprehensive
More informationexpanding web single sign-on to cloud and mobile environments agility made possible
expanding web single sign-on to cloud and mobile environments agility made possible the world of online business is rapidly evolving In years past, customers once tiptoed cautiously into the realm of online
More informationHow CA Arcot Solutions Protect Against Internet Threats
TECHNOLOGY BRIEF How CA Arcot Solutions Protect Against Internet Threats How CA Arcot Solutions Protect Against Internet Threats we can table of contents executive summary 3 SECTION 1: CA ArcotID Security
More informationAdvanced Authentication Methods: Software vs. Hardware
Advanced Authentication Methods: Software vs. Hardware agility made possible The Importance of Authenticationn In the world of technology, the importance of authentication cannot be overstated mainly because
More informationADDING STRONGER AUTHENTICATION for VPN Access Control
ADDING STRONGER AUTHENTICATION for VPN Access Control Adding Stronger Authentication for VPN Access Control 1 ADDING STRONGER AUTHENTICATION for VPN Access Control A VIRTUAL PRIVATE NETWORK (VPN) allows
More informationStrong Authentication: Enabling Efficiency and Maximizing Security in Your Microsoft Environment
Strong Authentication: Enabling Efficiency and Maximizing Security in Your Microsoft Environment IIIIII Best Practices www.gemalto.com IIIIII Table of Contents Strong Authentication and Cybercrime... 1
More informationEntrust IdentityGuard
+1-888-437-9783 sales@identisys.com IdentiSys.com Distributed by: Entrust IdentityGuard is an award-winning software-based authentication enterprises and governments. The solution serves as an organization's
More informationdefending against advanced persistent threats: strategies for a new era of attacks agility made possible
defending against advanced persistent threats: strategies for a new era of attacks agility made possible security threats as we know them are changing The traditional dangers IT security teams have been
More informationCA SiteMinder SSO Agents for ERP Systems
PRODUCT SHEET: CA SITEMINDER SSO AGENTS FOR ERP SYSTEMS CA SiteMinder SSO Agents for ERP Systems CA SiteMinder SSO Agents for ERP Systems help organizations minimize sign-on requirements and increase security
More informationWHITE PAPER AUGUST 2014. Preventing Security Breaches by Eliminating the Need to Transmit and Store Passwords
WHITE PAPER AUGUST 2014 Preventing Security Breaches by Eliminating the Need to Transmit and Store Passwords 2 WHITE PAPER: PREVENTING SECURITY BREACHES Table of Contents on t Become the Next Headline
More informationCA Viewpoint. Meeting the European Banking Authority Guidelines and EU Payment Security Directive for Secure Authentication
EXECUTIVE BRIEF AUGUST 2015 CA Viewpoint Summary of European Banking Authority Guidelines and How CA Can Help Meeting the European Banking Authority Guidelines and EU Payment Security Directive for Secure
More informationMulti-Factor Authentication
Enhancing network security through the authentication process Multi-Factor Authentication Passwords, Smart Cards, and Biometrics INTRODUCTION Corporations today are investing more time and resources on
More informationAuthentication Solutions. Versatile And Innovative Authentication Solutions To Secure And Enable Your Business
Authentication Solutions Versatile And Innovative Authentication Solutions To Secure And Enable Your Business SafeNet Strong Authentication and Transaction Verification Solutions The Upward Spiral of Cybercrime
More informationKey Authentication Considerations for Your Mobile Strategy
Key Authentication Considerations for Your Mobile Strategy The Need for Mobile Authentication Reaches Critical Mass According to an old adage, consumers speak through their pocketbooks. While that saying
More informationSOLUTION BRIEF CA TECHNOLOGIES IDENTITY-CENTRIC SECURITY. How Can I Both Enable and Protect My Organization in the New Application Economy?
SOLUTION BRIEF CA TECHNOLOGIES IDENTITY-CENTRIC SECURITY How Can I Both Enable and Protect My Organization in the New Application Economy? CA Security solutions can help you enable and protect your business
More informationGuide to Evaluating Multi-Factor Authentication Solutions
Guide to Evaluating Multi-Factor Authentication Solutions PhoneFactor, Inc. 7301 West 129th Street Overland Park, KS 66213 1-877-No-Token / 1-877-668-6536 www.phonefactor.com Guide to Evaluating Multi-Factor
More informationADAPTIVE USER AUTHENTICATION
ADAPTIVE USER AUTHENTICATION SMS PASSCODE is the leading technology in adaptive multi-factor authentication, improving enterprise security and productivity through an easy to use and intelligent solution
More informationCA Technologies Healthcare security solutions:
CA Technologies Healthcare security solutions: Protecting your organization, patients, and information agility made possible Healthcare industry imperatives Security, Privacy, and Compliance HITECH/HIPAA
More informationSOLUTION BRIEF SEPTEMBER 2014. Healthcare Security Solutions: Protecting your Organization, Patients, and Information
SOLUTION BRIEF SEPTEMBER 2014 Healthcare Security Solutions: Protecting your Organization, Patients, and Information SOLUTION BRIEF CA DATABASE MANAGEMENT FOR DB2 FOR z/os DRAFT 94% of healthcare organizations
More informationClosing the Biggest Security Hole in Web Application Delivery
WHITE PAPER DECEMBER 2014 Closing the Biggest Security Hole in Web Application Delivery Addressing Session Hijacking with CA Single Sign-On Enhanced Session Assurance with DeviceDNA Martin Yam CA Security
More informationTake the cost, complexity and frustration out of two-factor authentication
Take the cost, complexity and frustration out of two-factor authentication Combine physical and logical access control on a single card to address the challenges of strong authentication in network security
More informationAuthentication Solutions VERSATILE AND INNOVATIVE AUTHENTICATION SOLUTIONS TO SECURE AND ENABLE YOUR BUSINESS
Authentication Solutions VERSATILE AND INNOVATIVE AUTHENTICATION SOLUTIONS TO SECURE AND ENABLE YOUR BUSINESS SafeNet Strong Authentication and Transaction Verification Solutions The Upward Spiral of Cybercrime
More informationCA Adapter. Installation and Configuration Guide for Windows. r2.2.9
CA Adapter Installation and Configuration Guide for Windows r2.2.9 This Documentation, which includes embedded help systems and electronically distributed materials, (hereinafter referred to as the Documentation
More informationAdding Stronger Authentication to your Portal and Cloud Apps
SOLUTION BRIEF Cyphercor Inc. Adding Stronger Authentication to your Portal and Cloud Apps Using the logintc April 2012 Adding Stronger Authentication to Portals Corporate and consumer portals, as well
More informationHow can Content Aware Identity and Access Management give me the control I need to confidently move my business forward?
SOLUTION BRIEF Content Aware Identity and Access Management May 2010 How can Content Aware Identity and Access Management give me the control I need to confidently move my business forward? we can CA Content
More informationSOLUTION BRIEF Enterprise Mobility Management. Critical Elements of an Enterprise Mobility Management Suite
SOLUTION BRIEF Enterprise Mobility Management Critical Elements of an Enterprise Mobility Management Suite CA Technologies is unique in delivering Enterprise Mobility Management: the integration of the
More informationSecuring Virtual Desktop Infrastructures with Strong Authentication
Securing Virtual Desktop Infrastructures with Strong Authentication whitepaper Contents VDI Access Security Loopholes... 2 Secure Access to Virtual Desktop Infrastructures... 3 Assessing Strong Authentication
More informationAuthentication Solutions Buyer's Guide
WHITE PAPER: AUTHENTICATION SOLUTIONS BUYER'S GUIDE........................................ Authentication Solutions Buyer's Guide Who should read this paper Individuals who would like more details regarding
More informationCA Technologies Solutions for Criminal Justice Information Security Compliance
WHITE PAPER OCTOBER 2014 CA Technologies Solutions for Criminal Justice Information Security Compliance William Harrod Advisor, Public Sector Cyber-Security Strategy 2 WHITE PAPER: SOLUTIONS FOR CRIMINAL
More informationEnhancing Organizational Security Through the Use of Virtual Smart Cards
Enhancing Organizational Security Through the Use of Virtual Smart Cards Today s organizations, both large and small, are faced with the challenging task of securing a seemingly borderless domain of company
More informationProtecting Online Customers from Man-inthe-Browser and Man-in-the-Middle Attacks
Protecting Online Customers from Man-inthe-Browser and Man-in-the-Middle Attacks Whitepaper W H I T E P A P E R OVERVIEW Arcot s unmatched authentication expertise and unique technology give organizations
More informationSOLUTION BRIEF Improving SAP Security With CA Identity and Access Management. improving SAP security with CA Identity and Access Management
SOLUTION BRIEF Improving SAP Security With CA Identity and Access Management improving SAP security with CA Identity and Access Management The CA Identity and Access Management (IAM) suite can help you
More informationLogica Sweden provides secure and compliant cloud services with CA IdentityMinder TM
CUSTOMER SUCCESS STORY Logica Sweden provides secure and compliant cloud services with CA IdentityMinder TM CUSTOMER PROFILE Industry: IT services Company: Logica Sweden Employees: 5,200 (41,000 globally)
More informationProduct overview. CA SiteMinder lets you manage and deploy secure web applications to: Increase new business opportunities
PRODUCT SHEET: CA SiteMinder CA SiteMinder we can CA SiteMinder provides a centralized security management foundation that enables the secure use of the web to deliver applications and cloud services to
More informationCitrix Ready Solutions Brief. CA Single Sign-On and Citrix NetScaler: Quickly Adapt to Your Dynamic Authentication Demands. citrix.
CA Single Sign-On and Citrix NetScaler: Quickly Adapt to Your Dynamic Authentication Demands citrix.com/ready CA Technologies and Citrix have partnered to integrate their complementary, industry-leading
More informationUsing Entrust certificates with VPN
Entrust Managed Services PKI Using Entrust certificates with VPN Document issue: 1.0 Date of issue: May 2009 Copyright 2009 Entrust. All rights reserved. Entrust is a trademark or a registered trademark
More informationTop 5 Reasons to Choose User-Friendly Strong Authentication
SOLUTION BRIEF: USER-FRIENDLY STRONG AUTHENTICATION........................................ Top 5 Reasons to Choose User-Friendly Strong Authentication Who should read this paper This executive brief asserts
More informationA brief on Two-Factor Authentication
Application Note A brief on Two-Factor Authentication Summary This document provides a technology brief on two-factor authentication and how it is used on Netgear SSL312, VPN Firewall, and other UTM products.
More informationSECURING IDENTITIES IN CONSUMER PORTALS
SECURING IDENTITIES IN CONSUMER PORTALS Solution Brief THE CHALLENGE IN SECURING CONSUMER PORTALS TODAY The Bilateral Pull between Security and User Experience As the world becomes increasingly digital,
More informationThe NIST Framework for Improving Critical Infrastructure Cybersecurity - An Executive Guide
SOLUTION BRIEF NIST FRAMEWORK FOR IMPROVING CRITICAL INFRASTRUCTURE CYBERSECURITY The NIST Framework for Improving Critical Infrastructure Cybersecurity - An Executive Guide SOLUTION BRIEF CA DATABASE
More informationSOLUTION BRIEF MOBILE SECURITY. Securely Accelerate Your Mobile Business
SOLUTION BRIEF MOBILE SECURITY Securely Accelerate Your Mobile Business CA Technologies allows you to accelerate mobile innovation for customers and employees without risking your enterprise data or applications.
More informationUser Authentication for Software-as-a-Service (SaaS) Applications White Paper
User Authentication for Software-as-a-Service (SaaS) Applications White Paper User Authentication for Software-as-a-Service (SaaS) Applications White Paper Page 1 of 16 DISCLAIMER Disclaimer of Warranties
More informationDesigning a CA Single Sign-On Architecture for Enhanced Security
WHITE PAPER FEBRUARY 2015 Designing a CA Single Sign-On Architecture for Enhanced Security Using existing settings for a higher-security architecture 2 WHITE PAPER: DESIGNING A CA SSO ARCHITECTURE FOR
More informationidentity as the new perimeter: securely embracing cloud, mobile and social media agility made possible
identity as the new perimeter: securely embracing cloud, mobile and social media agility made possible IT transformation and evolving identities A number of technology trends, including cloud, mobility,
More informationTransitioning to Push Authentication
Transitioning to Push Authentication Summary Current out-of-band authentication solutions have not proven to be up to the task of protecting critical user data, and have been disabled in a variety of recent
More informationSecure Web Access Solution
Secure Web Access Solution I. CONTENTS II. INTRODUCTION... 2 OVERVIEW... 2 COPYRIGHTS AND TRADEMARKS... 2 III. E-CODE SECURE WEB ACCESS SOLUTION... 3 OVERVIEW... 3 PKI SECURE WEB ACCESS... 4 Description...
More informationCA Technologies Strategy and Vision for Cloud Identity and Access Management
WHITE PAPER CLOUD IDENTITY AND ACCESS MANAGEMENT CA TECHNOLOGIES STRATEGY AND VISION FEBRUARY 2013 CA Technologies Strategy and Vision for Cloud Identity and Access Management Sumner Blount Merritt Maxim
More informationModern two-factor authentication: Easy. Affordable. Secure.
Modern two-factor authentication: Easy. Affordable. Secure. www.duosecurity.com Your systems and users are under attack like never before The last few years have seen an unprecedented number of attacks
More informationContents. Identity Assurance (Scott Rea Dartmouth College) IdM Workshop, Brisbane Australia, August 19, 2008
Identity Assurance (Scott Rea Dartmouth College) IdM Workshop, Brisbane Australia, August 19, 2008 Contents Authentication and Identity Assurance The Identity Assurance continuum Plain Password Authentication
More informationImproving Online Security with Strong, Personalized User Authentication
Improving Online Security with Strong, Personalized User Authentication July 2014 Secure and simplify your digital life. Table of Contents Online Security -- Safe or Easy, But Not Both?... 3 The Traitware
More informationADAPTIVE AUTHENTICATION ADAPTER FOR JUNIPER SSL VPNS. Adaptive Authentication in Juniper SSL VPN Environments. Solution Brief
ADAPTIVE AUTHENTICATION ADAPTER FOR JUNIPER SSL VPNS Adaptive Authentication in Juniper SSL VPN Environments Solution Brief RSA Adaptive Authentication is a comprehensive authentication platform providing
More informationA to Z Information Services stands out from the competition with CA Recovery Management solutions
Customer success story October 2013 A to Z Information Services stands out from the competition with CA Recovery Management solutions Client Profile Industry: IT Company: A to Z Information Services Employees:
More informationTECHNOLOGY LEADER IN GLOBAL REAL-TIME TWO-FACTOR AUTHENTICATION
TECHNOLOGY LEADER IN GLOBAL REAL-TIME TWO-FACTOR AUTHENTICATION SMS PASSCODE is the leading technology in a new generation of two-factor authentication systems protecting against the modern Internet threats.
More informationMulti-Factor Authentication Protecting Applications and Critical Data against Unauthorized Access
Multi-Factor Authentication Protecting Applications and Critical Data against Unauthorized Access CONTENTS What is Authentication? Implementing Multi-Factor Authentication Token and Smart Card Technologies
More informationWhite paper. Implications of digital certificates on trusted e-business.
White paper Implications of digital certificates on trusted e-business. Abstract: To remain ahead of e-business competition, companies must first transform traditional business processes using security
More informationIDENTITY & ACCESS. Providing Cost-Effective Strong Authentication in the Cloud. a brief for cloud service providers
IDENTITY & ACCESS Providing Cost-Effective Strong Authentication in the Cloud a brief for cloud service providers Introduction Interest and use of the cloud to store enterprise resources is growing fast.
More informationBlackBerry Enterprise Solution and RSA SecurID
Technology Overview BlackBerry Enterprise Solution and RSA SecurID Leveraging Two-Factor Authentication to Provide Secure Access to Corporate Resources Table of Contents Executive Summary 3 Empowering
More informationThe Convergence of IT Security and Physical Access Control
The Convergence of IT Security and Physical Access Control Using a Single Credential to Secure Access to IT and Physical Resources Executive Summary Organizations are increasingly adopting a model in which
More informationUnderstanding Enterprise Cloud Governance
Understanding Enterprise Cloud Governance Maintaining control while delivering the agility of cloud computing Most large enterprises have a hybrid or multi-cloud environment comprised of a combination
More informationWHITE PAPER Usher Mobile Identity Platform
WHITE PAPER Usher Mobile Identity Platform Security Architecture For more information, visit Usher.com info@usher.com Toll Free (US ONLY): 1 888.656.4464 Direct Dial: 703.848.8710 Table of contents Introduction
More informationAUTHENTIFIERS. Authentify Authentication Factors for Constructing Flexible Multi-Factor Authentication Processes
AUTHENTIFIERS Authentify Authentication Factors for Constructing Flexible Multi-Factor Authentication Processes Authentify delivers intuitive and consistent authentication technology for use with smartphones,
More informationPortWise Access Management Suite
Create secure virtual access for your employees, partners and customers from any location and any device. With todays global and homogenous economy, the accuracy and responsiveness of an organization s
More informationXYPRO Technology Brief: Stronger User Security with Device-centric Authentication
Ken Scudder Senior Director Business Development & Strategic Alliances XYPRO Technology Talbot A. Harty CEO DeviceAuthority XYPRO Technology Brief: Stronger User Security with Device-centric Authentication
More informationKEYSTROKE DYNAMIC BIOMETRIC AUTHENTICATION FOR WEB PORTALS
KEYSTROKE DYNAMIC BIOMETRIC AUTHENTICATION FOR WEB PORTALS Plurilock Security Solutions Inc. www.plurilock.com info@plurilock.com 2 H IGHLIGHTS: PluriPass is Plurilock static keystroke dynamic biometric
More informationThe Authentication Revolution: Phones Become the Leading Multi-Factor Authentication Device
The Authentication Revolution: Phones Become the Leading Multi-Factor Authentication Device PhoneFactor, Inc. 7301 West 129th Street Overland Park, KS 66213 1-877-668-6536 www.phonefactor.com Executive
More informationHow To Manage A Plethora Of Identities In A Cloud System (Saas)
TECHNICAL WHITE PAPER Intel Cloud SSO How Intel Cloud SSO Works Just as security professionals have done for ages, we must continue to evolve our processes, methods, and techniques in light of the opportunities
More informationSafeNet Authentication Service
SafeNet Authentication Service Integration Guide All information herein is either public information or is the property of and owned solely by Gemalto NV. and/or its subsidiaries who shall have and keep
More informationEnsuring the security of your mobile business intelligence
IBM Software Business Analytics Cognos Business Intelligence Ensuring the security of your mobile business intelligence 2 Ensuring the security of your mobile business intelligence Contents 2 Executive
More informationMulti-factor authentication
CYBER SECURITY OPERATIONS CENTRE (UPDATED) 201 (U) LEGAL NOTICE: THIS PUBLICATION HAS BEEN PRODUCED BY THE DEFENCE SIGNALS DIRECTORATE (DSD), ALSO KNOWN AS THE AUSTRALIAN SIGNALS DIRECTORATE (ASD). ALL
More informationWhy it s Time to Make the Change Analysis of Current Technologies for Multi-Factor Authentication in Active Directory
GoldKey vs RSA Why it s Time to Make the Change Analysis of Current Technologies for Multi-Factor Authentication in Active Directory WideBand Corporation www.goldkey.com Analysis of Current Technologies
More informationYour Network Has Been Compromised. Is It Time To Reevaluate Your Traditional Cybersecurity Paradigms?
SOLUTION BRIEF Identity and Access Management Solutions from CA Technologies for Government Agencies Your Network Has Been Compromised. Is It Time To Reevaluate Your Traditional Cybersecurity Paradigms?
More informationSOLUTION BRIEF CA TECHNOLOGIES IDENTITY-CENTRIC SECURITY. Identity-centric Security: The ca Securecenter Portfolio
SOLUTION BRIEF CA TECHNOLOGIES IDENTITY-CENTRIC SECURITY Identity-centric Security: The ca Securecenter Portfolio How can you leverage the benefits of cloud, mobile, and social media, while protecting
More informationAn Overview of Samsung KNOX Active Directory and Group Policy Features
C E N T R I F Y W H I T E P A P E R. N O V E M B E R 2013 An Overview of Samsung KNOX Active Directory and Group Policy Features Abstract Samsung KNOX is a set of business-focused enhancements to the Android
More informationDeliver Secure, User-Friendly Access to Mobile Business Apps
SAP Brief Extensions SAP Mobile App Protection by Mocana Objectives Deliver Secure, User-Friendly Access to Mobile Business Apps Promote app security for enterprise safety Promote app security for enterprise
More informationSecurely Outsourcing to the Cloud: Five Key Questions to Ask
WHITE PAPER JULY 2014 Securely Outsourcing to the Cloud: Five Key Questions to Ask Russell Miller Tyson Whitten CA Technologies, Security Management 2 WHITE PAPER: SECURELY OUTSOURCING TO THE CLOUD: FIVE
More informationHow Secure is your Authentication Technology?
How Secure is your Authentication Technology? Compare the merits and vulnerabilities of 1.5 Factor Authentication technologies available on the market today White Paper Introduction A key feature of any
More informationWhite Paper 2 Factor + 2 Way Authentication to Criminal Justice Information Services. Table of Contents. 1. Two Factor and CJIS
White Paper 2 Factor + 2 Way Authentication to Criminal Justice Information Services Over the past decade, the demands on government agencies to share information across the federal, state and local levels
More informationTwo-Factor Authentication over Mobile: Simplifying Security and Authentication
SAP Thought Leadership Paper SAP Mobile Services Two-Factor Authentication over Mobile: Simplifying Security and Authentication Controlling Fraud and Validating End Users Easily and Cost-Effectively Table
More informationhow can I comprehensively control sensitive content within Microsoft SharePoint?
SOLUTION BRIEF Information Lifecycle Control for Sharepoint how can I comprehensively control sensitive content within Microsoft SharePoint? agility made possible CA Information Lifecycle Control for SharePoint
More informationFujitsu Australia and New Zealand provides cost-effective and flexible cloud services with CA Technologies solutions
CUSTOMER SUCCESS STORY Fujitsu Australia and New Zealand provides cost-effective and flexible cloud services with CA Technologies solutions CLIENT PROFILE Industry: IT Services Company: Fujitsu Australia
More informationRSA Authentication Manager 8.1 Help Desk Administrator s Guide
RSA Authentication Manager 8.1 Help Desk Administrator s Guide Contact Information Go to the RSA corporate website for regional Customer Support telephone and fax numbers: www.emc.com/domains/rsa/index.htm
More informationProtect Your Customers and Brands with Multichannel Two-Factor Authentication
SAP Brief Mobile Services from SAP SAP Authentication 365 Objectives Protect Your Customers and Brands with Multichannel Two-Factor Authentication Protecting your most valuable asset your customers Protecting
More informationIdentity Centric Security: Control Identity Sprawl to Remove a Growing Risk
Identity Centric Security: Control Identity Sprawl to Remove a Growing Risk John Hawley VP, Security CA Technologies September 2015 Today s Theme: Preparing for the Adversary How to Prepare Your Organization
More informationEnterprise On The Go: 5 Essentials For BYOD & Mobile Enablement
Enterprise On The Go: 5 Essentials For BYOD & Mobile Enablement Introduction: The Opportunities & Challenges of Enterprise Mobility Apps & the Enterprise The existence of smartphones and tablets able to
More informationBuilding Secure Multi-Factor Authentication
Building Secure Multi-Factor Authentication Three best practices for engineering and product leaders Okta Inc. I 301 Brannan Street, Suite 300 I San Francisco CA, 94107 info@okta.com I 1-888-722-7871 Introduction
More informationRSA SecurID Two-factor Authentication
RSA SecurID Two-factor Authentication Today, we live in an era where data is the lifeblood of a company. Now, security risks are more pressing as attackers have broadened their targets beyond financial
More informationSecuring mobile devices in the business environment
IBM Global Technology Services Thought Leadership White Paper October 2011 Securing mobile devices in the business environment By I-Lung Kao, Global Strategist, IBM Security Services 2 Securing mobile
More informationWHITE PAPER May 2012. How Can Identity and Access Management Help Me with PCI Compliance?
WHITE PAPER May 2012 How Can Identity and Access Management Help Me with PCI Compliance? Table of Contents Executive Summary 3 SECTION 1: Challenge 4 Protection of confidential cardholder information SECTION
More informationPassword Management Evaluation Guide for Businesses
Password Management Evaluation Guide for Businesses White Paper 2016 Executive Summary Passwords and the need for effective password management are at the heart of the rise in costly data breaches. Various
More informationI D C T E C H N O L O G Y S P O T L I G H T. C a n S e c u rity M a k e IT More Productive?
I D C T E C H N O L O G Y S P O T L I G H T C a n S e c u rity M a k e IT More Productive? December 2015 Adapted from Worldwide Identity and Access Management Forecast, 2015 2019 by Pete Lindstrom, IDC
More informationcontent-aware identity & access management in a virtual environment
WHITE PAPER Content-Aware Identity & Access Management in a Virtual Environment June 2010 content-aware identity & access management in a virtual environment Chris Wraight CA Security Management we can
More information