Welcome to the 3rd generation in user authentication
Download as PPSX, PDF1 like1,046 views
The document highlights the need for stronger authentication methods, emphasizing that traditional passwords are frequently compromised, leading to significant security breaches. It presents SMS passcode technology as an effective multi-factor authentication solution that improves security while being user-friendly and easy to implement for organizations. Additionally, it outlines the evolution of authentication technologies and the benefits of contextual intelligence in enhancing security measures.
Welcome to the 3rd generation in user authentication
- 1. SMS PASSCODE 3rd generation user authentication Christian Larsen Regional Manager, International VirtualizationForum 2014
- 2. Why Stronger Authentication? Simply because passwords are weak! » Hackers preferred weapon 76% of network intrusions exploited weak or stolen credentials (passwords)* » You might already be a victim 66% of breaches took months or years to discover* » The small organizations cannot hide 31%of all targeted attacks were aimed at businesses with less than 250 employees** » The threat is only getting bigger - Cybercrime is the fastest growing crime type in the world and targeted attacks grew by 62% from 2013 to 2014*** * Verizon Data Breach Investigations Report 2013 ** Internet Security Threat Report 2013 (published by Symantec) *** Internet Security Threat Report 2014 (published by Symantec) Adaptive User Authentication 2
- 3. Why Stronger Authentication? » We are already patching up, scanning and testing etc. » Companies often put a great effort into updating, patching, vulnerability testing etc., » but this way you only seal the windows, close the shutters and the cat’s door… » and if the wrong guy has a valid set of credentials, and you do not have MFA, he walks in through the main entrance… » even without anyone discovering it! – So you might be attacked without knowing! Adaptive User Authentication 3
- 4. Stronger Authentication in 2014 » Today a password is not enough to ensure your online identity, because it can be compromised in many ways (key logged phished, bought, guessed etc.) » Therefore the providers of online services like banking, e-mail, gaming, social media etc. now all force or allow you to step up authentication » And since almost everybody has a mobile phone, the providers use SMS/Text for validation » A user-friendly way of enabling Multi-Factor Authentication on a global scale Adaptive User Authentication 4
- 5. SMS PASSCODE We are a technology leader in adaptive multi-factor authentication software. We ensure employees can easily and safely access corporate networks and applications remotely. We provide IT/security managers with a cost-effective and easy-to-maintain offering that secures remote access systems, including Microsoft, Citrix, Cisco and Juniper. Adaptive User Authentication 5
- 6. The Evolution of Authentication Technology 1st Generation 2nd Generation 3rd Generation 80-90’s Hardware Tokens + Introduction of two-factor auth. ÷ High cost on tokens ÷ Distribution & administration cost ÷ An extra thing to carry 00’s Mobile based solutions + Real-time multi-factor auth. + No hardware distribution ÷ Deployment of soft tokens / apps ÷ Regional SMS delivery challenges Now Adaptive User Authentication + Contextual intelligence layer + Policy-based trusted IPs + Multiple OTP options + Location aware dispatching Our Heritage: • Always been based on SMS, Always been real-time, Always been session based, No client software Adaptive User Authentication 6
- 7. Two-factor vs. Multi-factor Authentication » Two-factor Authentication (2FA) is merely » Something you Know » Something you Have (Token, Card, Finger, Phone etc.) » Multi-Factor Authentication (MFA) simply adds more factors » Your Connection (unique session identification) » Your Location (Geographically) » The Role/Rights you have (Group member i.e. consultant, employee) » A valid Gateway/Point of entry » Time of day (doors are open only between i.e. 8am and 10pm) etc. Basic security: Protects against 90’ies threats (key loggers, guessed/ cracked/ bought/ borrowed passwords etc.) Plus - users feel that their identity is protected. Higher security: Protection against also more modern threats like Advanced malware, Session hijacking, Phishing, Pharming, Man-in-the- middle attacks etc. New flexibility: Access may now be controlled based on i.e. Countries, IP-ranges, “Trusted locations”, Time frames, Roles, Groups and other factors. Adaptive User Authentication 7
- 8. Valued Partnerships Adaptive User Authentication 8
- 9. Market Proven Technology Adaptive User Authentication 9
- 10. Why SMS PASSCODE What makes SMS PASSCODE unique? Makes Security Hassle-Free and Painless for the User Easy for IT to Implement, Manage and Scale Prevents Security Breaches with Contextual Intelligence Reduces Costs and Improves ROI Superior User Experience Adaptive User Authentication 10
- 11. Flexible OTP Delivery » Broad range of OTP delivery options » Automatic failover » Location Aware Dispatching » OATH token support – allows use of both hardware- and App tokens » Simultaneous use is possible Adaptive User Authentication 11
- 12. Platform Diagram Adaptive User Authentication 12
- 13. Demonstration Adaptive User Authentication 13
- 14. In Good Hands 217 customers in 21 countries were asked Customer Satisfaction 2014 1% 40% 59% 0% 20% 40% 60% 80% HIGHLY SATISFIED SATISFIED LESS SATISFIED Likelyhood to recommend SMS PASSCODE 5% 1% 38% 56% 0% 20% 40% 60% VERY LIKELY LIKELY DON'T KNOW UNLIKELY “This project has been highly successful. Not only have we realized substantial cost savings, the users have also been very happy about the change” John Gudmann, Post Nord “SMS PASSCODE is a great hassle-free product and does exactly what we need it to” John Owen, IT Manager, Day Group “We have now regained control of the authentication process. We know exactly who receives access codes, when they use them to log in, and from where” Peter Warnier, CIO, DEME Adaptive User Authentication 14
- 15. FREE 30 DAY TRIAL www.smspasscode.com/free-trial Adaptive User Authentication 15
- 16. Keeping you safe without spoiling the ride
- 17. Questions? Adaptive User Authentication 17