Technology Showcase Theatre

Similar documents
ADAPTIVE USER AUTHENTICATION

Adaptive User Authentication

TECHNOLOGY LEADER IN GLOBAL REAL-TIME TWO-FACTOR AUTHENTICATION

MODERN THREATS DRIVE DEMAND FOR NEW GENERATION MULTI-FACTOR AUTHENTICATION

The PortalGuard All-In-One Authentication Solution-set: A Comparison Guide of Two-Factor Capabilities vs. the Competition

Hosting topology SMS PASSCODE 2015

ADVANCED TWO-FACTOR AUTHENTICATION VIA YOUR MOBILE PHONE

Guide to Evaluating Multi-Factor Authentication Solutions

Whitepaper MODERN THREATS DRIVE DEMAND FOR NEW GENERATION TWO-FACTOR AUTHENTICATION

STRONGER AUTHENTICATION for CA SiteMinder

ADDING STRONGER AUTHENTICATION for VPN Access Control

Ultra-strong authentication to protect network access and assets

Ultra-strong authentication to protect network access and assets

TECHNOLOGY LEADER IN GLOBAL REAL-TIME TWO-FACTOR AUTHENTICATION

Microsoft Azure Multi-Factor authentication. (Concept Overview Part 1)

IDENTITY & ACCESS. Providing Cost-Effective Strong Authentication in the Cloud. a brief for cloud service providers

Remote Access Securing Your Employees Out of the Office

Palo Alto Networks GlobalProtect VPN configuration for SMS PASSCODE SMS PASSCODE 2015

SMS PASSCODE 7.2 ADMINISTRATOR S GUIDE REV. 1.0 (JUNE 2014)

External Authentication with Juniper SSL VPN appliance Authenticating Users Using SecurAccess Server by SecurEnvoy

ipad or iphone with Junos Pulse and Juniper SSL VPN appliance Authenticating Users Using SecurAccess Server by SecurEnvoy

A brief on Two-Factor Authentication

Self Service Portal and 2FA User Guide

BlackShield ID Best Practice

NetIQ Advanced Authentication Framework

Citrix Netscaler Advanced guide for SMS PASSCODE SMS PASSCODE 2014

nexus Hybrid Access Gateway

Swivel Multi-factor Authentication

Enhanced Single Factor, 2 Factor & Multi-Factor Authentication Solutions

Out-of-Band Multi-Factor Authentication Cloud Services Whitepaper

Microsoft Outlook Web Access 2013 Authenticating Users Using SecurAccess Server by SecurEnvoy

White Paper. The Principles of Tokenless Two-Factor Authentication

Cash Management 5.0 User Guide

Implementation Guide for. Juniper SSL VPN SSO with OWA. with. BlackShield ID

MCBDirect Corporate Logging on using a Soft Token

Advanced Configuration Steps

Proven. Trusted.

Strong Authentication for Juniper Networks

QUICK SELLING GUIDE THE FUTURE OF AUTHENTICATION

One-Time Password Contingency Access Process

Centralized Self-service Password Reset: From the Web and Windows Desktop

Two-Factor Authentication (2FA) Registration Instructions Symantec VIP Access

Contextual Authentication: A Multi-factor Approach

Adding Stronger Authentication to your Portal and Cloud Apps

Authentication Solutions. Versatile And Innovative Authentication Solutions To Secure And Enable Your Business

Whitepaper on AuthShield Two Factor Authentication and Access integration with Microsoft outlook using any Mail Exchange Servers

Integration Guide. SafeNet Authentication Service. SAS Using RADIUS Protocol with Microsoft DirectAccess

Step 1. Step 2. Open your browser and go to and you will be presented a logon screen show below.

Strong Authentication: Enabling Efficiency and Maximizing Security in Your Microsoft Environment

Ultra-strong authentication to protect network access and assets

InsightCloud. Hosted Desktop Service. What is InsightCloud? What is SaaS? What are the benefits of SaaS?

Registration for My Profile & Administration

Enhanced Security for Online Banking

External authentication with Astaro AG Astaro Security Gateway UTM appliances Authenticating Users Using SecurAccess Server by SecurEnvoy

A Guide to New Features in Propalms OneGate 4.0

Two-factor Authentication: A Tokenless Approach

Welcome Guide for MP-1 Token for Microsoft Windows

Cash Management. Getting Started Guide

SafeNet Authentication Service

How To Integrate Watchguard Xtm With Secur Access With Watchguard And Safepower 2Factor Authentication On A Watchguard 2T (V2) On A 2Tv 2Tm (V1.2) With A 2F

A8.1 Asset Management Responsibility for assets: To identify organisational assets and define appropriate protection responsibilities.

Password Reset Module

An Overview of Samsung KNOX Active Directory and Group Policy Features

NETWRIX IDENTITY MANAGEMENT SUITE

Two-Factor Authentication User FAQ s

Multi-Factor Authentication FAQs

Why SMS for 2FA? MessageMedia Industry Intelligence

SharePlus Enterprise: Security White Paper

HOTPin Integration Guide: Google Apps with Active Directory Federated Services

Google Identity Services for work

External Authentication with Windows 2012 R2 Server with Remote Desktop Web Gateway Authenticating Users Using SecurAccess Server by SecurEnvoy

Building Secure Multi-Factor Authentication

Securing your Mobile Workforce with Okta and Espion

Introduction to Google Apps for Business Integration

Authentication Solutions VERSATILE AND INNOVATIVE AUTHENTICATION SOLUTIONS TO SECURE AND ENABLE YOUR BUSINESS

Authentication Solutions

External Authentication with Checkpoint R75.40 Authenticating Users Using SecurAccess Server by SecurEnvoy

IDENTITY & ACCESS. BYOD and Mobile Security Seizing Opportunities, Eliminating Risks in a Dynamic Landscape

Juniper SSL VPN Authentication QUICKStart Guide

Mobile Identity: Improved Cybersecurity, Easier to Use and Manage than Passwords. Mika Devonshire Associate Product Manager

Enhancing Organizational Security Through the Use of Virtual Smart Cards

SAM Context-Based Authentication Using Juniper SA Integration Guide

External Authentication with CiscoSecure ACS. Authenticating Users Using. SecurAccess Server. by SecurEnvoy

Full disk encryption with Sophos Safeguard Enterprise With Two-Factor authentication of Users Using SecurAccess by SecurEnvoy

Ensuring the security of your mobile business intelligence

The Authentication Revolution: Phones Become the Leading Multi-Factor Authentication Device

Best Practices Guide to Electronic Banking

External Authentication with Cisco ASA Authenticating Users Using SecurAccess Server by SecurEnvoy

User Identity and Authentication

Application Note. Intelligent Application Gateway with SA server using AD password and OTP

SafeNet Authentication Service

The Top 5 Federated Single Sign-On Scenarios

Transcription:

Technology Showcase Theatre

Technology Leader in Adaptive Multi-Factor Authentication Amar Rathore Head UK and Ireland

SMS PASSCODE A/S We are a technology leader in adaptive multi-factor authentication software. We ensure employees can easily and safely access corporate networks and applications remotely. We provide IT/security managers with a cost-effective and easy-to-maintain offering that secures remote access systems, including Microsoft, Citrix, Cisco and Juniper. Adaptive User Authentication 3

What does it do» Authenticates users - tries to guarantee that the right person is logging in. http://smspasscode.com/product/howitworks Adaptive User Authentication 4

» Authentication» 2FA» MFA» Token» Passcode Adaptive User Authentication 5

Technology Evolution 80-90 s Hardware Tokens 00 s Mobile based solutions Now Adaptive User Authentication + Introduction of two-factor auth. High cost on tokens Distribution & administration cost An extra thing to carry + Real-time multi-factor auth. + No hardware distribution Deployment of soft tokens / apps Regional SMS delivery challenges + Contextual intelligence layer + Policy-based trusted IPs + Multiple OTP options + Location aware dispatching Our Heritage: Always based on SMS Always real-time Always session based No client software Adaptive User Authentication 6

Two-factor vs. Multi-factor Authentication» Two-factor Authentication (2FA) is merely» Something you Know» Something you Have (Token, Card, Finger, Phone etc.) Basic security: Protects against 90 ies threats (key loggers, guessed/ cracked/ bought/ borrowed passwords etc.) Plus - users feel that their identity is protected.» Multi-Factor Authentication (MFA) simply adds more factors» Your Connection (unique session identification)» Your Location (Geographically)» The Role/Rights you have (Group member i.e. consultant, employee)» A valid Gateway/Point of entry» Time of day (doors are open only between i.e. 8am and 10pm) etc. Higher security: Protection against also more modern threats like Advanced malware, Session hijacking, Phishing, Pharming, Man-inthe-middle attacks etc. New flexibility: Access may now be controlled based on i.e. Countries, IP-ranges, Trusted locations, Time frames, Roles, Groups and other factors. Adaptive User Authentication 7

User Perspective» Simple To be able to access the systems when desired or required.. Adaptive User Authentication 8

Corporate Perspective» Security» Integrity» Compliance» Loss Prohibition» Data Protection» Etc etc Adaptive User Authentication 9

SMS PASSCODE Perspective What makes SMS PASSCODE unique? Makes Security Hassle-Free and Painless for the User Easy for IT to Implement, Manage and Scale Superior User Experience Prevents Security Breaches with Contextual Intelligence Reduces Costs and Improves ROI Adaptive User Authentication 10

Adaptive Authentication» Assess the current risk profile and determine actions allow, deny, no challenge, the OTP delivery mechanism» Trusted location vs. Untrusted location (i.e. allowing users to login without OTP from a trusted location) Adaptive User Authentication 11

Adaptive Authentication» The context is determined from:» Static rules:» Geo-IP data, like country and organization of enduser IP» Authentication client type» IP address/scope of end-user or authentication client Adaptive User Authentication 12

Adaptive Authentication» Dynamic rule:» Category of the end-user Trusted or not trusted» This category also influences the content of the message» User: Adaptive User Authentication 13

Adaptive Authentication» Do it all without lowering the level of Security» AND» Painless user experience Adaptive User Authentication 14

Adaptive Authentication - Usage» Allow log-in without OTP, but only from trusted IPs within a specific country ( home country )» Deny access from specific geographic regions» Allow log-in without OTP, when logging in from a specific IP scope (e.g. internal LAN)» Allow VPN from one & other client access from another Adaptive User Authentication 15

SMS Passcode The must have MFA Solution» Simple and strong deployment with AD integration» New users are added to the SMS PASSCODE Users Group(s) in Active Directory» Automatically, they receive an e-mail including a link to the self-service website from where they can enter their Token-ID, phone number, personal PIN-code etc.» After that, they can logon from home/outside protected by SMS PASSCODE» The admin will never have to add/remove the users from a console/system just an AD Group. This means almost zero administration even in large organizations since users already fall out of AD when leaving the company.» Geo Location Awareness Trusted Home IP» After a number of logons (default 3) the IP Address is marked Trusted, and you can let the user in, using only their password, e.g. from given countries, e.g to given applications and e.g if the users has the rights (e.g. not management and R&D) and not on VPN for instance maybe OWA is only MFA protected outside the users home country etc. See later slide» Most systems supports this incl. Cisco VPN, Citrix NetScaler and WI, OWA, Cloud Services etc.» Location Aware Dispatching» If a user travels to certain regions/countries of the world, SMS may not the best delivery method therefor the user will receive a phone call or secure e-mail in stead for instance. Intelligent dispatching, making sure that convenience and security comes first, but not at the risk of the user not getting access Adaptive User Authentication 16

Flexible OTP Delivery User-friendly logon-security to VPN, Citrix, OWA, SharePoint (TMG/UAG), Cloud etc. that offers many options for authentication» Mobile centered solutions» SMS or FlashSMS (on GSM)» Secure e-mail (on your phone), after Active Sync Provisioning» Voice call (on GSM or e.g. Skype on Wi-Fi)» Tokens OATH Support» Hardware tokens with display or not» Software tokens e.g. Windows or Google Authenticator All Session specific codes, generated in real time. Best security and best user experience. Alternative for the users that do not have a (company) phone or want offline (no Wi-Fi) options. Adaptive User Authentication 17

Secure Device Provisioning» SMS PASSCODE automates authentication for native e-mail client usage» Works directly with the Allow/Block/Quarantine list in Exchange ActiveSync» Users can safely self-provision new devices Adaptive User Authentication 18

Advanced Reporting» Monitor usage and logins (real-time & historic)» Geo location mapping the users logons» Also failed attempts (potential attack)» Drill down option» Trend Lines» Helpdesk tool as well as analysis» splunk is free up to 500 MB log data per day Adaptive User Authentication 19

Password Reset Module» Integrated detection of failed password entered» Notification/SMS is sent to the user with a link to the password reset site» The users can change AD password remotely in a simple and secure way» Advantages of SMS PASSCODE Password Reset Module» Users do not need to know about the option no education» Nothing is installed on the Users PC/Device» A browser based access to the Password Reset Site gives the users access from their own devices Adaptive User Authentication 20

Market Proven Technology Adaptive User Authentication 21

Demonstration Adaptive User Authentication 22

THANK YOU» Amar Rathore ara@smspasscode.com» Booth : E20 Adaptive User Authentication 23

Platform Diagram Location Aware Dispatch License Split Active Sync Provisioning Support for OATH Advanced reporting Adaptive User Authentication 24

Adaptive User Authentication Matrix for mapping user and application security policies Groups / Applications Management White collars R&D World wide access via MFA Access w/o MFA Trusted location Access w/o MFA in home country No access permitted External IT Consultant Blue collars Externals Adaptive User Authentication 25

Password Reset Module 11:45 am Your SMS ASSCODE account has been locked out. Please reset your password here: https://www.prs-yoursite.com» A number of log in attempts with an incorrect AD Password will lock you out and a message is sent» By clicking the URL the user is taken to the Password Reset Site» After being securely authenticated by SMS PASSCODE, the user can reset the AD Password» BONUS - If a hacker tried to get access he would be denied! And both you and admin would be notified Adaptive User Authentication 26

customers In Good Hands 274 in 16 countries were asked How much did you save? Saved more than 50% Saved 25 50% Saved 5 24% Saved Less than 5% This project has been highly successful. Not only have we realized substantial cost savings, the users have also been very happy about the change John Gudmann, Post Nord 98% Of our customers Answer that the solution has delivered the results that they aimed for. 6% 24% SMS PASSCODE is a great hassle-free product and does exactly what we need it to John Owen, IT Manager, Day Group 47% 24% We have now regained control of the authentication process. We know exactly who receives access codes, when they use them to log in, and from where Peter Warnier, CIO, DEME 1% yet to realize all expected results 1% expect to see results in a near future Adaptive User Authentication 27

Questions? Adaptive User Authentication 28

Technology Showcase Theatre

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information