Enterprise Authentication: Increasing Security Without Breaking The Bank

Enterprise Authentication Increasing security without breaking the bank November 2009
© 2009 Entrust. All rights reserved. Enterprise Authentication: Increasing security without breaking the bank
Entrust is a registered trademark of Entrust, Inc. in the United States and certain other countries. Entrust is a registered trademark of Entrust Limited in Canada. All other company and product names are trademarks or registered trademarks of their respective owners. The material provided in this document is for information purposes only. It is not intended to be advice. You should not act or abstain from acting based upon such information without first consulting a professional. ENTRUST DOES NOT WARRANT THE QUALITY, ACCURACY OR COMPLETENESS OF THE INFORMATION CONTAINED IN THIS ARTICLE. SUCH INFORMATION IS PROVIDED "AS IS" WITHOUT ANY REPRESENTATIONS AND/OR WARRANTIES OF ANY KIND, WHETHER EXPRESS, IMPLIED, STATUTORY, BY USAGE OF TRADE, OR OTHERWISE, AND ENTRUST SPECIFICALLY DISCLAIMS ANY AND ALL REPRESENTATIONS, AND/OR WARRANTIES OF MERCHANTABILITY, SATISFACTORY QUALITY, NON-INFRINGEMENT, OR FITNESS FOR A SPECIFIC PURPOSE. © 2009 Entrust. All rights reserved.
© 2009 Entrust. All rights reserved. Page ii www.entrust.com Enterprise Authentication: Increasing security without breaking the bank
Table of Contents
1 Introduction ..............................................................................................1
2 Balancing Act: Regulatory Requirements, Remote Workers & Reducing Costs .........2
3 Regulatory Review ...................................................................................2
4 The Facts on Factors and Authentication Methods ..............................4
5 Demystifying the Top Authentication Methods .....................................4
6 Selection Criteria for Enterprise Authentication ...................................6
7 The Entrust Solution................................................................................8
8 Conclusion................................................................................................9
9 Industry Experts Agree............................................................................9
10 About Entrust ...........................................................................................9

© 2009 Entrust. All rights reserved. Page iii www.entrust.com Enterprise Authentication: Increasing security without breaking the bank
1 Introduction
Passwords alone don't provide enough protection Enterprise authentication used to be simple: passwords for everyone, expensive tokens for a small number who work remotely. But the world is changing. The workforce is now mobile, with large numbers of employees accessing the corporate network from hotels, coffee shops and their homes, putting confidential data at risk. New security practices and policies are being rolled out for regulatory compliance, and they all highlight the need for strong authentication. Experts agree that username/password authentication does not provide enough protection against unauthorized access. CIOs are challenged to increase authentication security while preserving operational and budget efficiency. Challenge No. 1: Efficiently roll out strong enterprise versatile authentication to a growing number of users while controlling costs. Beyond the single authenticator When a limited community of users with the same basic requirements needed additional protection, a single authenticator such as tokens, though traditionally expensive and sometimes hard to manage, was a reasonable solution. That small community of users who need more than password protection has ballooned. The authentication requirements of users within an organization now may vary depending on a number of factors, including the level of security required, their usability needs and experience, and where and how they are remotely accessing the network. Often a component of layered security model, a versatile authentication platform with a range of authentication options, which can be matched to user constituency based on policy and risk assessment now and as organizational requirements change, is an important requirement. Challenge No.2: Meet potentially diverse company authen... [download for more]