Posted by Mark Douglas on 1/20/2014 11:48 AM | Comments (0)

Written by SyferLock.

SyferLock

The Authentication Conundrum

Creating a highly secure IT infrastructure is a major challenge for organisations today. Megatrends such as the emergence of cloud computing, server and desktop virtualisation, the proliferation of mobile technologies and bring-your-own-device, the increase in employees requiring remote access, and the increased use of social networking in the work environment have created new vulnerabilities and risks for companies. Users expect to be able to access information from virtually anywhere via the Internet and mobile devices such as smart phones and tablets, and that means it is harder than ever for IT and security executives to ensure that all of the organisation’s information assets are protected.

One of the biggest concerns regarding security is unauthenticated access to systems and information. Given the proliferation of employees working remotely and the use of mobile devices, and the potential threat this represents for corporate networks, authentication should be an even higher priority than it has been for enterprises.

Hardware-based authentication solutions have been around for years and many companies rely on these products as part of their security strategy. These tools can provide some benefits in terms of authenticating users, but they are flawed in a number of ways. For example, hardware solutions such as security tokens can be lost or stolen, and they can also break. In addition, they can be costly, not only for the initial purchase but also for ongoing maintenance and administration of the physical devices. And hardware authentication solutions are not impenetrable as highlighted by recent high-profile security breaches. Furthermore, many of today’s use cases for online access are not conducive to hardware-based solutions for strong authentication. 

As a result of these and other drawbacks, many organisations today are looking to replace these outdated legacy authentication products with modern solutions that are more effective and less costly.

An Effective Authentication Alternative

Software-based authentication solutions like those from SyferLock address the concerns and challenges companies face and provide an alternative to hardware-based authentication products. SyferLock’s software-based solutions deliver the level of authentication that companies need today, but at a much lower cost than hardware tokens, smart cards, biometrics and other authentication offerings.

SyferLock’s software-based solutions deliver two-factor and multi-factor authentication utilising patented software-based grids to convert static passwords/PINs into token-less one-time passwords or PINs (OTPs), offering a simple, more secure way to access information while leveraging users’ existing passwords and an organiastion’s password infrastructure.

It is estimated that 99% of all authentications use static passwords or PINs. With SyferLock’s software-based authentication solutions, organisations can take the familiarity of the static password and allow users to continue leveraging them but convert these static passwords into a dynamic OTP that consists of a randomly changing string of numbers with every log-in. SyferLock addresses the weaknesses of the static password without the need for any additional hardware, providing enhanced security no matter where users log in.

Organisations that have moved away from hardware-based authentication products to SyferLock’s software-based solutions are seeing positive results. For example, one company in the energy services field had been using hardware tokens to enable thousands of users to access its nuclear power plant. The energy services company moved to SyferLock’s software-based solutions to eliminate hardware tokens, reduce costs and improve secure access to the plant, and has renewed its subscription to SyferLock for the fifth year.

“Our requirement was a cost savings initiative without sacrificing on the strength and security of the password system,” an IT executive at the energy services company says. The company chose SyferLock for the convenience of a device-less OTP solution coupled with attractive savings.

Another business in the biopharmaceutical industry also moved from hardware to software-based authentication. The company now uses SyferLock’s software-based solutions to provide authentication for 5,000 users. A security project manager at the firm called SyferLock “a great solution for our company where the cost and complexity of the hardware token system we had previously deployed all goes away.”

Plan of Action

Information security is a high priority for businesses and having an effective authentication process is essential in today’s environment. Never before have so many users needed access to corporate networks and data from remote locations and never before have the security threats been greater. A username and static password alone are not enough to ensure secure access.

Older, hardware-based authentication products such as tokens are not cost-effective, have usability limitations and they are subject to a number of drawbacks that can jeopardise the security of information.

By leveraging more modern software-based authentication solutions like SyferLock, companies can provide superior authentication and security, and improved user experience, at a greatly reduced total cost of ownership. Companies no longer have to deal with the expense of outdated tokens and token administration.


blog comments powered by Disqus