Free Newsletter
Register for our Free Newsletters
Newsletter
Zones
Access Control
LeftNav
Alarms
LeftNav
Biometrics
LeftNav
Detection
LeftNav
Deutsche Zone (German Zone)
LeftNav
Education, Training and Professional Services
LeftNav
Government Programmes
LeftNav
Guarding, Equipment and Enforcement
LeftNav
Industrial Computing Security
LeftNav
IT Security
LeftNav
Physical Security
LeftNav
Surveillance
LeftNav
View All
Other Carouselweb publications
Carousel Web
Defense File
New Materials
Pro Health Zone
Pro Manufacturing Zone
Pro Security Zone
Web Lec
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
 
News

Advantages Of Hosted Authentication

Wick Hill : 14 March, 2011  (Technical Article)
David Phillips of Wick Hill provides insight into the subject of hosted authentication and details the reasons for migrating to this cloud-based two-factor authentication method
Advantages Of Hosted Authentication

With an ever increasing number of users wanting to access an ever increasing number of company applications, from an ever increasing number of endpoints, secure access has become a critically important issue.


Couple that with a growth in pressure on companies to conform to standards such as those from the Payment Card Industry (PCI) and the Information Commissioner’s Office (ICO), then it’s not surprising that there has been a strong growth in 2-factor authentication, which involves a one-time password (OTP) on a hardware or software token, plus a PIN.


Another trend over the last couple of years has been towards hosted services, also known as cloud computing. According to The Information Security Breaches Survey 2010, over three quarters of the organisations polled used externally hosted solutions for some part of their business.


Put these two together, and it’s easy to see why hosted authentication or strong authentication as a service is growing in popularity.


Hosted authentication is a cloud-based service where two-factor, strong authentication is provided by an outside supplier instead of being done in-house. Gartner in the research paper ‘On the Verge: Strong Authentication as a Service’ published June 2010, described the strong authentication as a service market as ‘burgeoning’.


Gary Marsden, vice president of managed services at CRYPTOCard, a leading provider of strong authentication solutions, predicted that ‘hosted’ would generate half of the company’s new sales by the end of the 2010. He commented: “Two years ago lots of people were looking at [hosted (2FA)] trials and it was mainly SMEs adopting. This year we have seen large enterprises take it seriously.”


Why hosted authentication?


While recognising the need to improve their access security, some companies don’t have the desire, or the expertise, or the extra finance necessary to implement and manage a two-factor authentication system themselves.


A hosted solution means there is no up front investment, no servers to buy, no extensive training, no network implementation or complicated integration and no heavy ongoing cost in managing the solution and associated infrastructure. In times of financial uncertainty, paying a fixed sum on a regular basis to a third party can be seen as an advantage.


Benefits of hosted authentication


* Instant and easier implementation




Hosted authentication takes all the complexity out of implementation and can be typically carried out in just a few hours, compared to several days for a traditional server based solution.


* Easier ongoing support


A high percentage of help desk calls are related to password and authentication problems. Hosted authentication provides for easier ongoing support, freeing helpdesk staff and system administrators to focus on other more urgent matters.


* No special skills


The adoption of in-house authentication may mean hiring qualified staff to install and manage the system, or training of existing staff, but hosted authentication is managed by experts, so no special skills are needed.


* Lower total cost of ownership


A combination of factors including not having to hire extra staff or train existing staff, instant and easier implementation, less help desk calls, less time spent on token logistics and less security incidents can result in a lower total cost of ownership for hosted authentication.


* Scalability


Hosted services are easily scalable to accommodate more users or more diverse access to networks.


How does it work?


How does a hosted authentication service work in practice and how does it provide the access security you need? As an example, we can look at what is provided by one of the market leaders CRYPTOCard.


The hosted service is accessible from anywhere via a standard web browser. When trying to connect to the corporate network over a VPN, for example, users are asked to identify themselves using their unique OTP and PIN. This request is then sent to the hosted service and the user is authorised and given access to the enterprise network.


The service provides the strongest two-factor authentication, and encryption algorithms as strong as AES 256. The OTP is as strong as eight character Base 64, the most secure type of password available.


A secure managed authentication portal lets users carry out all the administrative tasks associated with organising access and assigning tokens, without having to contact the supplier. Additionally, a service desk is available to give advice, answers, and assistance in planning, implementing, and managing the service.


A service level agreement can also be put in place to make sure a high level of service is provided. The cloud facility is hosted in a Class A data centre with high availability and redundancy.


Conclusion


The growth in 2-factor authentication and the move towards cloud computing, coupled with the increase in end points needing access to the company network and current financial insecurity, mean that hosted authentication is set to grow. It is likely to prove the best current option for many companies wanting to improve their access security.

Bookmark and Share
 
Home I Editor's Blog I News by Zone I News by Date I News by Category I Special Reports I Directory I Events I Advertise I Submit Your News I About Us I Guides
 
   © 2012 ProSecurityZone.com
Netgains Logo