A Symantec Connect Document. A Total Cost of Ownership Viewpoint



Similar documents
Two-Factor Authentication

Two-Factor Authentication

Comparing Cost of Ownership: Symantec Managed PKI Service vs. On- Premise Software

Athena Mobile Device Management from Symantec

Symantec Mobile Management 7.1

Symantec Mobile Management 7.1

Symantec Mobile Management for Configuration Manager 7.2

STRONGER AUTHENTICATION for CA SiteMinder

Symantec Mobile Management 7.2

Technical White Paper. Two-Factor Authentication The Real Cost of Ownership

Symantec ServiceDesk 7.1

How To Support Bring Your Own Device (Byod)

Symantec Validation and ID Protection Service

Why Digital Certificates Are Essential for Managing Mobile Devices

Cloud, Appliance, or Software? How to Decide Which Backup Solution Is Best for Your Small or Midsize Organization.

Confidence in the Cloud Five Ways to Capitalize with Symantec

Authentication Solutions Buyer's Guide

Endpoint Management and Mobility Solutions from Symantec. Adapting traditional IT operations for new end-user environments

RSA SecurID Two-factor Authentication

Proposal Document TitleDocument Version 1.0 TitleDocument

McAfee Enterprise Mobility Management Versus Microsoft Exchange ActiveSync

Altiris Asset Management Suite 7.1 from Symantec

How to Provide Secure Single Sign-On and Identity-Based Access Control for Cloud Applications

Payment Card Industry Data Security Standard

Enabling Cloud Computing for Enterprise Web Applications:

Altiris IT Management Suite 7.1 from Symantec

How to Unlock Agility by Backing up to, from, and in the Cloud

Cisco Mobile Collaboration Management Service

Symantec Workspace Streaming: Enabling the Dynamic Management of Software Licenses

An Overview of Samsung KNOX Active Directory and Group Policy Features

ADDING STRONGER AUTHENTICATION for VPN Access Control

Altiris IT Management Suite 7.1 from Symantec

Symantec Managed PKI Service Deployment Options

WhitePaper. Private Cloud Computing Essentials

How much do you pay for your PKI solution?

Traditionally, large IT organizations have utilized their own

Symantec App Center. Mobile Application Management and Protection. Data Sheet: Mobile Security and Management

ACCESS MANAGEMENT UTILITY SERVICE via SECOND FACTOR AUTHENTICATION (2FA)

How to reduce the cost and complexity of two factor authentication

Understanding the Value of Symantec Managed Enterprise Vault

Symantec Workspace Streaming 6.1

Symantec Messaging Gateway powered by Brightmail

8 Key Requirements of an IT Governance, Risk and Compliance Solution

300% increase 280 MILLION 65% re-use passwords $22 per helpdesk call Passwords can no longer protect you

Symantec Desktop and Laptop Option 7.6

Sage ERP I White Paper. ERP and the Cloud: What You Need to Know

Encryption as a Cloud Service provides the lowest TCO

Simplify SSL Certificate Management Across the Enterprise

Proven. Trusted.

Symantec Managed PKI for SSL Support Overview. How to get quick and convenient customer support

Direct virtual machine creation from backup with BMR

North American Electric Reliability Corporation (NERC) Cyber Security Standard

Altiris Server Management Suite 7.1 from Symantec

Symantec Enterprise Vault for Microsoft Exchange

The Modern Service Desk: How Advanced Integration, Process Automation, and ITIL Support Enable ITSM Solutions That Deliver Business Confidence

HITS HR & PAYROLL CLOUD MODEL WHITEPAPER

Endpoint Protection Small Business Edition 2013?

Using Entrust certificates with VPN

White Paper: Whole Disk Encryption

Delivering Performance and Value through Multiple Deduplication Pools

How To Integrate With Salesforce Crm

Ultra-strong authentication to protect network access and assets

Symantec NetBackup 7.5 What s New and Version Comparison Matrix

Endpoint Virtualization. Workspace Management: Simplify IT Organizations. Data Sheet Symantec TM Workspace Streaming 6.1

Ultra-strong authentication to protect network access and assets

Two-Factor Authentication over Mobile: Simplifying Security and Authentication

Top 5 Reasons to Choose User-Friendly Strong Authentication

White Paper. McAfee Cloud Single Sign On Reviewer s Guide

Provide access control with innovative solutions from IBM.

Symantec Mobile Management Suite

etoken TMS (Token Management System) Frequently Asked Questions

Business Case for Voltage Secur Mobile Edition

Authentication Solutions. Versatile And Innovative Authentication Solutions To Secure And Enable Your Business

Comparing the Costs. Analyzing the total cost of ownership of Clio vs. traditional desktop practice management solutions.

Solution Brief: Enterprise Security

The Top 5 Federated Single Sign-On Scenarios

Ultra-strong authentication to protect network access and assets

Licensing Symantec Certificates

Symantec Server Management Suite 7.6 powered by Altiris technology

NetBackup Best Practice Using Tape Storage with Deduplicating Disk Storage

Managed Public Key Infrastructure

A brief on Two-Factor Authentication

Proposed Service. Name of Proposed Service: Technical description of Proposed Service: Registry-Registrar Two-Factor Authentication Service

Authentication Solutions VERSATILE AND INNOVATIVE AUTHENTICATION SOLUTIONS TO SECURE AND ENABLE YOUR BUSINESS

Simplify Your Windows Server Migration

Endpoint Virtualization for Healthcare Providers

The Costs of Managed PKI:

Ensuring the security of your mobile business intelligence

solution brief February 2012 How Can I Obtain Identity And Access Management as a Cloud Service?

RSA SecurID Software Token 1.0 for Android Administrator s Guide

Symantec Mobile Security

Turnkey Deduplication Solution for the Enterprise

Transcription:

A Symantec Connect Document Two-Factor Authentication A Total Cost of Ownership Viewpoint

White Paper: Two-Factor Authentication: A TCO Viewpoint Two-Factor Authentication Contents Introduction............................................................................................ 1 VIP Solution vs Competitor Solution....................................................................... 2 Administrator and Token Life-Cycle Management........................................................... 3 Conclusion.............................................................................................. 3

Two-Factor Authentication Introduction By the end of 2013 more than 75 percent of U.S. employees and more than 1 billion workers worldwide will routinely work outside a traditional office environment. 1 Increasing numbers of employees will need to remotely access the corporate network. Even people working from the office will be using the Internet to do their jobs, as organizations adopt the software-as- a-service (SaaS) application delivery model. Meanwhile, with the growing prominence of extranets and cross-organizational collaboration tools, nonemployees including customers, suppliers, and business partners increasingly need access to corporate applications and data, sometimes through social media technologies. Extended networks can help organizations cut operational costs through greater process efficiencies; promote cross-organizational innovation; and eliminate the need to build costly and time-consuming point-to-point connections. Although there are tremendous benefits to this expansion of the corporate network, the need for strong security has never been more apparent. Enterprises have traditionally used two-factor authentication (2FA) to secure access to corporate resources remotely. Due to their relative ease of use and familiar end-user paradigm, One-Time Password or OTP-based solutions are the most widely used 2FA solution deployed by enterprises today. As 2FA vendors and Enterprise IT professionals gain experience deploying these solutions, the true cost or total cost of ownership (TCO) becomes apparent, and can be estimated quite accurately across different authentication solutions. This White Paper will focus specifically on various OTP-based authentication solutions and will help IT professionals identify the key components that contribute to their total cost of ownership. Furthermore, this White Paper will draw a comparison between VeriSign Identity Protection (VIP) Authentication Service, and a competitor s strong authentication solution from a TCO perspective. Defining Total Cost of Ownership TCO accounts for all of the costs associated with planning, procuring, deploying, and owning a two-factor authentication solution not just the solution cost paid to a particular vendor. It should include: Up-front costs for an infrastructure that must be scalable, highly reliable, and protected in a secure facility (hardware costs) Deployment costs, including both internal and outsourced resources to plan, install and configure the solution, as well as costs to set up and train end users One-time costs for devices (such as tokens or mobile phone applications) that generate the OTP, as well as any replacement and distribution costs Authentication software license fees, either annual subscriptions, or perpetual licenses, which then impose additional maintenance fees On-going administration costs include costs to maintain the OTP deployment as well as end-user support and helpdesk costs Integration costs 1-Worldwide Mobile Worker population 2009-2013 Forecast and Analysis, IDC, December 2009 1

Two-Factor Authentication VIP Solution vs Competitor Solution Scenario: Deployment of 5,000 OTP credentials deployed to secure remote access to corporate resources. IT Infrastructure Costs For validation, administration and life-cycle management of OTP credentials, we assume two servers per site (for redundancy and failover) as well as a single disaster-recovery server deployed at a different site. The VIP deployment will also leverage the existing enterprise directory for the user s first factor (password). The ability to leverage the existing user store for the first factor is a cost benefit for the Symantec solution as it simplifies end-user onboarding and training, as well as administrative overhead. It is also important to note that the VIP enterprise gateway is lightweight and completely stateless as compared to the leading competitor s servers which host a proprietary database engine. Therefore, the type of server required for VIP is less costly. Costs include both hardware and OS. IT and Support Staffing: Initial Setup, Integration and Distribution For initial deployment, the IT staffing model assumes one full-time equivalent (FTE) project manager and one FTE system administrator for one week. Credential Costs (One-Time Token Fee) Symantec recommends VeriSign Identity Protection Access for Mobile, a downloadable mobile credential for 2FA that makes strong authentication more convenient for end users as well as more affordable and cost-effective 2FA for the enterprise. VIP Access for Mobile is available free of charge to both the enterprise and end-user, and is distributed directly by Symantec, further reducing administrative overhead for the enterprise. VIP Access for Mobile supports over 600 different mobile phone models, including Blackberry, iphone, Android, Windows Mobile and J2ME. A leading competitor also offers a mobile software credential, however it has associated token seed fees, and is not supported on as many phone models as VIP Access for Mobile. The model assumes that 60% of end-users use VIP Access for Mobile with the Symantec solution and 50% of end- users use software tokens with the competitor solution. Hardware token costs are a one-time fee in the first year of deployment. A leading competitor leases their tokens typically over a three to five year period, and enforces token renewal as the lease expires. VIP hardware tokens typically do not expire, and can be used for the life of the battery, typically 5-8 years. Symantec customers own their tokens and do not have to renew them after the life of the subscription, providing further cost saving that is not accounted for in this model. For token costs, the model also assumes that ten percent of issued tokens are lost or broken annually. Estimated token costs are based on list pricing. Hardware Token Distribution Hardware tokens must be distributed to end-users, and the model assumes that 25% of users utilizing hardware credentials are remote and must have tokens individually packaged and shipped to their location. Other hardware credential users will pick up their tokens from a central location, incurring minimal additional cost. 2

Two-Factor Authentication Software Costs (One-time License Fee) Symantec charges a flat per credential, per year subscription fee over the lifetime of the solution (three years in this example). The model assumes the competitor is charging 20 percent of the software license fee as a recurring software maintenance fee. Administration The model assumes that half the administrator FTE can support a deployment for 5,000 users. With VIP, the enterprise administrator no longer needs to import token seed records for each batch of tokens, or distribute software token seeds to end users using mobile phone credentials. We believe that the administration costs for VIP will be lower by about 30 percent. Administrator and Token Life-Cycle Management Total Number of Credentials: 5,000 Total Years of Analysis: 3 Conclusion As seen in the examples above, VIP delivers significantly lower TCO than a leading competitor, by over 40 percent. In addition, there are several key features of the VIP solution that will further enable the enterprise to adapt their deployment to the evolving business requirements while at the same time minimizing TCO in the long run. These concepts are summarized below: 3

Two-Factor Authentication Better Value with Symantec Free, easy-to-use software credentials provide significant cost savings Single, integrated platform allows you to deploy multiple devices depending on user and application types Flexible models enable you to create a customized solution for your business Leverages existing technology investments (Directory, database, SSO servers, etc.) Fully scalable Open versus proprietary More credential choices and no vendor lock Continuous innovation innovative devices both in cost and functionality (secure storage, end-point security, etc.) Single platform can support changing authentication requirements Lower Costs Cost-effective tokens Out-of-box self-service application including token activation, token synchronization, etc. 4

About Symantec Symantec is a global leader in providing security, storage, and systems management solutions to help consumers and organizations secure and manage their information-driven world. Our software and services protect against more risks at more points, more completely and efficiently, enabling confidence wherever information is used or stored. Headquartered in Mountain View, Calif., Symantec has operations in 40 countries. More information is available at www.symantec.com. For specific country offices and contact numbers, please visit our website. Symantec World Headquarters 350 Ellis St. Mountain View, CA 94043 USA +1 (650) 527 8000 1 (800) 721 3934 www.symantec.com Copyright 2011 Symantec Corporation. All rights reserved. Symantec and the Symantec Logo are trademarks or registered trademarks of Symantec Corporation or its affiliates in the U.S. and other countries. Other names may be trademarks of their respective owners. 2/2011 21172471

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information