Contact Us

Strong Authentication Best Practices

Control Access & Protect Data Throughout the Enterprise

A strong authentication solution that validates the identities of users and computing devices that access the non-public areas of an organization’s network is the first step in building a secure and robust information protection system.

1. Match Your Authentication Solution to Your Business, Users, and Risk

Blue Authentication Token Icon

A flexible approach that enables an organization to implement different authentication methods based on different risk levels may ensure a robust system that can be efficiently and cost-effectively deployed.

Technologies for multi-factor authentication include:

  • One-Time Passwords (OTP): OTP technology is based on a shared secret or seed that is stored on the authentication device and the authentication backend. This method ensures authentication by generating a one-time passcode based on the token’s secret.

  • Certificate-based Authentication (CBA): This method ensures authentication using a public and private encryption key that is unique to the authentication device and the person who possesses it. CBA tokens can also be used to digitally sign transactions and to ensure non-repudiation. Gemalto  delivers certificate-based authentication via USB tokens and smart cards.

  • Context-based Authentication: Context-based authentication uses contextual information to ascertain whether a user’s identity is authentic or not, and is recommended as a complement to other strong authentication technologies. In order to develop a robust authentication solution, organizations should consider their business, users, and risk, and select a solution that provides them with the flexibility to adapt as needed. For example, if organizations are interested in implementing additional security solutions that rely on PKI technology, such as full-disk encryption, network logon, and digital signatures, or are thinking about adding such solutions in the future, they should consider CBA, as it enables these applications.

2. Prefer Solutions That Adhere to Standards-Based Security and Certifications

  

Products that are built upon standards-based crypto-algorithms and authentication protocols are preferred. Unlike proprietary algorithms, standards-based algorithms have gone through public scrutiny by industry and security experts that reduces the chance of any inherent weaknesses or vulnerabilities. Moreover, they enjoy broad industry support.

3. Consider All Access Points

Green Secure Remote Access Icon

Organizations need to ensure that access to all sensitive information is authenticated, whether the information resides on premise or in the cloud. Organizations should implement the same security mechanisms for cloud resources as they would for remote access to the corporate network. In addition, organizations should deploy security mechanisms to ensure that users accessing network resources from their mobile consumer devices (e.g., tablets, smart phones) are securely authenticated.

4. Ensure the Solution Reduces IT Administrative and Management Overhead

Multi-Factor Authentication Purple Icon

Authentication environments have to offer convenience and transparency for end users and administrators alike. Following are several guidelines that can help organizations achieve these goals:

  • Administrative Controls: Administrators need to be able to manage all users across all devices and resources. To meet this charter, they need automation, central management, and visibility into user access across multiple resources. To ensure users have an optimal experience, administrators need to be equipped with granular controls and comprehensive reporting capabilities.

  • End-User Convenience: To ensure security controls are enforced, while streamlining user access, organizations should have the ability to offer users the type of authentication device that most suits their role and security profile. Organizations can offer their users several authentication methods, ranging from context-based authentication, through SMS, phone tokens or hardware tokens – ensuring user acceptance and compliance with corporate security policies.

Request More Info      Explore Our Authentication Products


Strong Authentication Resources

Securing access to corporate networks, protecting the identities of users, and ensuring that a user is who he claims to be all comes down to well-executed strong authentication methods. Here are a variety of resources that provide insights into how best to utilize strong authentication throughout the enterprise:

White Paper Icon

Authentication Best Practices - White Paper

A significant number of high profile security breaches have occurred recently, bringing the organizations affected to the front pages of the business press. These events have had a negative impact on the public image of these companies, and may also have a harmful effect on their business. These incidents have caused the CIOs of many companies to reevaluate their info-security strategy in general, while also placing specific focus on their user authentication and transaction security requirements.

Get the White Paper

 

White Paper Icon

An Intro to Strong Authentication - White Paper

In today’s environment, the need for organizations to enable secure remote access to corporate networks, enhance their online services, and open new opportunities for e-commerce is bringing ever-growing attention to the importance of securing user access and validating identities. In addition, the recent barrage of identity theft and corporate fraud cases has brought corporate responsibility and the protection of sensitive data to the spotlight.

Get the White Paper

 

Infographic - The Real Cost of Strong Authentication

The Real Cost of Strong Authentication - Infographic

In today’s environment, the need for organizations to enable secure remote access to corporate networks, enhance their online services, and open new opportunities for e-commerce is bringing ever-growing attention to the importance of securing user access and validating identities. In addition, the recent barrage of identity theft and corporate fraud cases has brought corporate responsibility and the protection of sensitive data to the spotlight.

Get the Infographic

 

 

CTA - 2014 Gartner Magic Quadrant for User Authentication
Auth Migration Guide WP
CTA - SAS Free Trial
Back to Top

Contact Us

Thank you for your interest in our products. Please fill out and submit the form to receive more information about Gemalto or to be contacted by a Gemalto specialist.

Your Information

* Email Address:  
* First Name:  
* Last Name:  
* Company Name:  
* Phone:  
* Country:  
* State (US Only):  
* Province (Canada/Australia Only):  
Comments:  
 


By submitting this form I agree to receive information from Gemalto and its affiliates as described in our Privacy statement.