Gemalto’s Live Provisioning Solution for Strong Authentication Deployment
Current Threat: In a time when enterprise security systems are subject to security breaches and lost information, many organizations are rejecting weak static passwords and ramping up security to protect employee identities and internal data. Organizations are turning to strong authentication devices for higher levels of security. However, systems administrators can not set up new strong authentication devices or re-configure existing ones themselves; instead they have to buy pre-configured devices and keep them in stock, or wait to have new ones delivered for new employees and contractors. Gemalto overcomes these challenges with Live Provisioning, the first digital security technology to allow quick and easy in-house deployment of strong authentication devices.
Tomorrow's Technology Today: Live Provisioning is an industry-first digital security solution that enables enterprise administrators to quickly and easily deploy strong authentication devices or re-use existing ones. Live Provisioning is an enhancement to Gemalto’s Protiva Strong Authentication Solution.
Gemalto’s Protiva Strong Authentication Solution is a strong network authentication platform that protects identities and enterprise information systems against phishing attacks, key logging, shoulder surfing and stolen passwords. It is a comprehensive, end-to-end solution that enables small to medium sized organizations to implement strong authentication using their existing network infrastructure.
Until now, system administrators could not set up new strong authentication devices or re-configure existing ones. They had to buy them in lots, stock them and track inventory. Now, with new Live Provisioning, administrators can manage the setup and use of Protiva strong authentication devices themselves.
Live Provisioning, offered with the Protiva Customer Care Portal, automatically personalizes user device through a secured link to the Protiva Authentication Server. The system includes a Gemalto contactless reader, which is used to securely transfer the information to the smart card-based strong authentication device. This provides customers with the capability to manage the entire lifecycle of a strong authentication device in a more convenient and productive manner. Live Provisioning also generates the device ID, creates the device record, adds it to the data server and then transfers the information to the smart card-based strong authentication device, updating the backend user database.
The Gemalto Customer Care Portal, a module of the Protiva Authentication Server, is a feature-rich Web application to manage strong authentication devices for secure network access. It includes a batch tool that enables administrators to create multiple device records and activate multiple users at one time, which is especially useful when setting up a new system. It also adds a rich set of other administrative functions for managing users and their access privileges as well as smart card and strong authentication devices. A customizable, self-service User Care portal allows individuals to manage routine tasks themselves, such as PIN resets and lost/forgotten devices. Self-service lowers support costs and increases convenience for users.
Protiva features a broad range of interoperable personal security devices that use smart card technology for one-time password ( OTP ) and Public Key Infrastructure (PKI) certificate authentication and are available in card and USB token form factors. A browser plug-in and server applications for authentication, Web-based customer care and user self-service are all part of the system. Protiva is compatible with the Open Authentication (OATH) specification for OTP and integrates seamlessly with existing architectures that use AAA (Authentication, Authorization and Accounting), RADIUS (Remote Authentication Dial-In Server) and Web application servers. It runs under Windows® 2000, Windows Server™ 2003, Windows XP and Linux operating systems and can be deployed with Citrix Access Suite™ to protect VPNs (Virtual Private Networks) with smart card-based strong authentication.
Conclusion: Because Live Provisioning makes it much easier to deploy end-user strong authentication devices and manage existing ones, enterprises have more flexibility and control and can respond faster to end-user needs. The inventory cost of digital security devices is reduced, because they can be easily reused. Delivery is also faster, since inventories of strong authentication devices can be maintained and shipped immediately without waiting for security customization.
Gemalto North America
1655 North Fort Myer Drive
Arlington, VA 22209 USA