CURRENT THREAT SCENARIO
Organizations of all sizes have to manage far too many passwords that users have to remember. Passwords have been put in place to mitigate risk, but have become a major burden to users impeding their ability to be productive. And they jeopardize security when users share passwords or write them down for future reference. Simply stated, passwords impede user productivity, are an extremely poor form of protection, and don’t meet compliance regulations for strong authentication. With the ever increasing use of mobile devices such as iPhones and iPads as laptop replacements to access enterprise applications, and the migration of applications to the cloud, phishing and password attacks are potentially devastating on an even larger scale. A skillful intruder can break into one system and use it as a platform for attacks on a population of millions of targets. To protect themselves, organizations purchase and support multiple products (2-Factor Authentication, Password Management, etc.) across diverse environments to reduce management complexity while meeting security and compliance requirements for on-premise applications and VPN resources. And now, they are being forced to select yet another set of products to control access to cloud applications or enterprise applications from mobile devices. Even more archaic, they need another type of product, (Single Sign-on) to increase user productivity by simplifying access. Unfortunately, username/password authentication in an SSO environment is also risky and many executives are concerned that a compromise to the SSO system would instantly grant unauthorized access to every system. Simply throwing tools at the problem has to stop.
WHAT DOES THIS TECHNOLOGY DO?
SecureAuth Identity Enforcement Platform (IEP) is the industry’s first identity enforcement platform that integrates strong authentication, SSO, access, and user management services to simplify and secure access for cloud and web applications, VPN resources, and mobile devices. Unlike other products that provide one security function (authentication, SSO, access, or user management) and can’t support diverse computing platforms, SecureAuth uniquely delivers it all in a single solution that is a fraction of the cost of implementing and supporting siloed products. SecureAuth IEP’s integrated SAML SSO and strong authentication adds a much needed layer of security that provides mutual (client/server) authentication to protect any enterprise application from phishing and password attacks. SecureAuth IEP’s tokenless 2-factor authentication is based on industry endorsed X.509 digital certificates and is one of the only integrated solutions that meet compliance requirements for cloud computing. Furthermore, SecureAuth IEP’s hybrid architecture works directly with user identities and access controls that are securely stored in directories such as Active Directory, etc. And, as enterprises move applications to the cloud, they can keep their data store on-premise or move it to the cloud. SecureAuth IEP has the flexibility to support either option. The product installs without APIs, agents, or modifications to applications and can be moved into production in days, not weeks. To reduce management overhead and ensure timely access, SecureAuth IEP includes an automated self-enrollment process and self-service password reset that enables users to gain immediate access from any location at any time without involving the Help Desk.
SAML has emerged as the go-to SSO protocol for B2B applications. What isn’t clear is that SAML doesn't actually perform the authentication; it transports the authentication information and relies on different types of authentication authorities such as LDAP, Active Directory, and Radius. SecureAuth IEP takes the automation of SAML to the next level. An organization simply installs SecureAuth and any web or SaaS application can be immediately integrated into a transparent SSO user experience from the desktop to the cloud. And, an enterprise doesn’t have to have any knowledge of SAML. Example: a user attempts to login to a SaaS application and a SAML authentication request is automatically redirected to SecureAuth. SecureAuth parses the request, authenticates the user to an organization’s directory (Activity Directory), and generates a SAML response to the application for verification. Once verified, the user is automatically logged into the application. With SecureAuth SSO, an administrator determines the level of authentication and one set of authentication credentials is used to create a single login experience for all applications (web, desktop, VPN, mobile devices). Users don’t have to remember separate passwords and administrators aren’t flooded with calls when forgotten. Bottom line, SecureAuth delivers easily configured SAML options that eliminate the expense and expertise needed to integrate a SAML SSO solution into an organization’s directory. And, SecureAuth IEP also natively supports Microsoft Forms-Based Authentication (FBA), OWA, ASP.NET, SharePoint, MOSS, Microsoft Dynamics, IBM Websphere LTPA, WebSphere portal server and applications, IBM TAMeb EAI, Tivoli Access Manager, and OpenID.
SecueAuth was founded by ex Netegrity (acquired by CA) employees who were instrumental in its growth from a startup company into the industry standard for internet access control. SecureAuth has brought together everything an organization needs to ensure compliance, increase user productivity and fortify security in a single solution. The CTO and co-founder came up through the Systems Engineer ranks at Netegrity, RSA, and IBM and is committed to delivering the level of security required to thwart attacks while abstracting the complexity from the administrator and end user. Designed to go into production in days, SecureAuth doesn’t force organizations to implement APIs or modify applications. Instead, it leverages built-in hosted web services that include telephony and SMS one-time-registration password options and certificate servers so an organization doesn’t have to purchase or deploy additional infrastructure components. And, unlike traditional approaches to 2-Factor authentication, SecureAuth has created a high-availability certificate authority behind a protected set of web services that can securely create and distribute X.509 v3 credentials without requiring an organization to understand or invest in a public key infrastructure. SecureAuth’s unique approach removes the barriers to security and user productivity by enabling any size organization to deploy 2-Factor authentication with native SSO for any application or number of users to solve the risky username/password problem. Not only does SecureAuth solve the cloud-based SSO problem to applications like SalesForce.com, Google, and Postini, it also enables a seamless level of security and encryption above and beyond what other solutions offer today.
8965 Research Drive
Irvine, CA 92618 USA