Professional Documents
Culture Documents
S
10 Things to Know—Before You Buy
WHITE PAPER
WH
Introduction
Benefits Delivering instant remote access is no longer just about remote employees. It’s about enabling
• Improve security
customers to perform online transactions, mobile sales reps to access ERP applications,
• Reduce security costs outsourced call centers to share the customer database, and more. While ensuring reliable,
• Boost deployment instantaneous access is a must, so, too, is the need to guard against breaches and ensure
opportunities continuous compliance. In this business environment, strong authentication—using multiple
factors to ensure users are indeed who they claim to be—is vital. As they evaluate the
alternatives, many organizations are opting to use SMS authentication, which offers a mix of
convenience and security that make it ideally suited to many usage scenarios.
5. Ease of Management
For the administrators of SMS authentication solutions, there are several factors for assessing
efficiency. Does the solution offer eamless integration with existing user directories, such
as LDAP and Active Directory? In the case of a lost or stolen device, can administrators
quickly and easily revoke access? Also, look for solutions that offer automatic administrator
notifications. Whether it’s an issue caused by a lost device, a compromised internal server, or
any other potentially threatening event, administrators need to be notified automatically—and
immediately—to ensure they can promptly take the remediation steps required.
Therefore, it is critical to deploy solutions that can be integrated with a central management
platform that can be used to control all enterprise authentication; whether it’s simple, one-
time-password solutions, robust certificate-based digital signing applications, USB tokens or
software-based solutions, or hybrid, physical and logical security systems. Finally, this broad
support is vital for the true utility of SMS authentication in its own right. If a solution offers the
flexibility not just to do SMS, but OTP to e-mail, SMTP delivery, and more, the utility and value of
that solution increases substantially.
8. Authentication Strength
Not all authentication mechanisms are created equal. In evaluating alternatives, it is important
to ensure that the authentication method ultimately employed meets at least the minimum
level of protection warranted by the assets involved. Look at the worst-case scenario—what
would happen if an attacker successfully compromised the credentials of an authorized user
and was able to access corporate resources? The level of authentication strength should be
commensurate with the severity of this exposure.
Conclusion
For many organizations, SMS authentication can present a host of benefits to organizations
looking to improve security while maximizing the productivity of end users and administrative
staff. In choosing any authentication solution, organizations will be well served by taking many
key considerations into account, including deployment characteristics, convenience for end
users, centralized management, overall security, and more.
OTP Authenticators
• eToken PASS. The eToken PA SS is an OTP token that offers two-factor strong
authentication in detached mode. eToken PA SS is available in both time and
event-based versions.
• iKey 2032. The iKey 2032 is a smartcard USB token that offers two-factor
authentication, advanced security applications, and digital signatures.
• iKey 4000. The iKey 4000 is a smartcard USB token that offers multi-factor
authentication with optional match-on card biometric functionality.
• eToken PRO Smartcard. The eToken Pro is a credit card form factor
authenticator that supports password management, digital signatures, and
advanced security applications.
Hybrid Authenticators
• eToken NG-OTP. The eToken NG-OTP is a hybrid USB token that supports both
OTP and certificate-based authentication.
Software Authenticators
• MobilePASS. MobilePA SS is a software-based OTP authenticator that
combines the security of two-factor strong authentication with the
convenience of one-time passwords generated on Windows desktops and a
range of mobile devices, including iPhone, BlackBerry, and Windows Mobile
platforms. For additional flexibility, it also supports SMS delivery to mobile
devices.
About SafeNet
Founded in 1983, SafeNet is a global leader in information security. SafeNet protects its
customers’ most valuable assets, including identities, transactions, communications, data
and software licensing, throughout the data lifecycle. More than 25,000 customers across
both commercial enterprises and government agencies and in over 100 countries trust their
information security needs to SafeNet.
Contact Us: For all office locations and contact information, please visit www.safenet-inc.com
Follow Us: www.safenet-inc.com/connected
©2010 SafeNet, Inc. All rights reserved. SafeNet and SafeNet logo are registered trademarks of SafeNet.
All other product names are trademarks of their respective owners. WP (A4)-09.07.10