
Tokenless Authentication

Stephen Crick Business Development Manager

SecurEnvoy Overview
UK company - Founded in 2003
Inventors of Tokenless Authentication
Represented in 38 Countries (and growing)
700 global customers
Million End User Devices
Pure Channel Partner Sales Model
Private and profitable company

Who uses SecurEnvoy?

2009 Copyright SecurEnvoy Ltd. All rights reserved

SecurEnvoy Products
SecurAccess
SecurICE

SecurPassword
SecurMail

Evolving User Base

[Figure: timeline 1980, 1990, 2000, 2010, 2011+, labelled Simplicity, Usability, Versatility, Cost]

Mobile Workforce
Technology is driving mobility
Consumer and Business devices are becoming the same thing
Social Networking is driving communications and business
Connect Anytime, Anywhere on-demand
Make it Secure and not Complex

Simple Facts
Usability Consumer / End User

Simple Facts
Versatility Technology / Capability

Simple Facts
Simplicity Administration

Simple Facts
Cost Upfront / On-going

Two Factor Authentication


Factor One - Something You Know
Factor Two - Something You Have

Problems With Passwords


Social engineering
Finding written password
  Post-It Notes
  10 PINs a day!
Guessing password / PIN
  Dog / Kids name / Birthday
Shoulder surfing
Keystroke logging
  Can be resolved with mouse based entry
Screen scraping (with Keystroke logging)
Brute force password crackers
  L0phtcrack

Are you Secure?

Protect Yourself / Company


Compliance
  PCI
  SOX
  HIPAA
Government / Military / Education
E-Initiatives
Policy
Stronger Security
It's now Your Digital Profile!
  Your money
  Your identity

Adding Another Level

Andyk P0stcode 234836

Something You Know Something You Own

Deploying 2FA

Tokenless

SecurAccess

Tokens Vs Tokenless
Traditional Tokens
Usability
  Extra hardware
  Usually extra complexity to login
  Not globally recognised
Simplicity
  Nightmare to manage
  Extra Servers
  Extra Databases
  Extra Security Required
  Extra maintenance
Versatility
  Usually One solution per item
Cost
  Expensive upfront and ongoing

Tokenless
Usability
  Uses what you already have (5 Billion Phones globally)
  Intuitive process for login
  Everyone understands SMS and Phones
Simplicity
  20,000+ users deployed in an Hr
  Uses what you already have
  NO Extra Servers
  NO Extra Databases
  NO Extra Security Required
  NO Extra maintenance
Versatility
  Can support multiple apps
Cost
  Around 60% cheaper

SMS or Soft Token

SMS - Reliability

SMS Secure?
Phone Trojans
  Need to install on the phone?
Seed Record Hacking
  No seed records
Man in the Middle
  User alerted on login attempt
  Session cookie is fingerprinted
  OTP - once the code is used it is locked / changed
SMS capturing
  User alerted on login attempt
  Without Username & Password what is the SMS for?
Unidirectional - not susceptible to DDoS attacks

One SMS Solution?


Real Time
What is true Real Time
Flash vs Pure Text

Pre-Load
Available Now
Multiple Code Options
Still Secure
Uses SMS protocol to simplify

What if there is no network coverage? What if there are delays?

Web Gateway / Modem


Voice / SMS / Pager

SecurMail

SecurMail

Password Reset Traditional Method


Traditional approach
Enrollment
  User Enrolls with Separate security questions
  Database of user information
    Mother's Name
    First School
    Child Name
    First job
    Street name
Password reset
  User answers a random set of security questions
  User resets password
  Password Reset Complete via API

SecurPassword
User Authenticates with Two-Factor
User Enabled upon SecurEnvoy server
All User data stored in LDAP (AES 256 bit)
Supported LDAP servers:
  Microsoft AD
  Novell e-Dir
  Sun One
  Linux
  IBM
Enrollment
  User sent automatic enrollment request
  User selects Security questions
  User provides Security answers
  User enrollment process complete

Self Service Reset


User selects password reset link

User enters passcode and security answer

User enters new password
Password policy elements are displayed

SecurEnvoy
Usability Consumer / End User
Versatility Technology / Capability
Simplicity Administration
Cost Upfront / On-going

Case Study
T-Mobile (UK) Mobile Telecoms Company
RSA User 2000 approx.
Change? Cost / Complexity admin contractors etc.

SecurAccess 6000 approx.
Competition
  Cryptocard
  Swivel

Reasons for choosing SecurAccess


Simplicity Administration / Microsoft AD integration
Cost savings (initial and ongoing)

Other benefits
Deployed over a weekend
Scripted for all new users - self administrating

Case Study
Sykehuspartner (Norway) Health Services
New user requirement 70,000 users
SecurAccess 25,000+ approx.
Competition
  SMS Passcode
  RSA

Reasons for choosing SecurAccess


Simplicity Administration / Microsoft AD integration
Cost savings (initial and ongoing)
Reliability for delivering SMS (pre-load)

Other benefits
Now looking at SecurPassword 70,000 users

Case Study
Imperial Tobacco (Global)
RSA User & SecurAccess 12000 approx.
Change? Cost / Complexity

SecurAccess 7500 approx.
Competition
  RSA
  Vasco

Reasons for choosing SecurAccess


Simplicity Administration
Cost savings (initial and ongoing)

Other benefits
Due to RSA breach moving all over to SecurAccess
Ability to support SMS Gateways
Delivery of SMS

Case Study
