THE RSA AUTHENTICATION DECISION TREE
|
|
- Liliana Norman
- 6 years ago
- Views:
Transcription
1 THE RSA AUTHENTICATION DECISION TREE Select the Best Authentication Solution for Your Business What is the best authentication solution for my business? This is a recurring question being asked by organizations around the globe. With the number of new and emerging security products being denoted by analysts as the silver bullet solution, it is critical to recognize that there are many authentication choices available on the market. Before making a final selection as to the authentication solution that will work best, organizations must consider their user authentication needs, the threats targeting their business, their business objectives and the regulatory guidelines that impact their industry. RSA has developed the Authentication Decision Tree a comprehensive tool to help organizations understand, evaluate and select the most appropriate authentication solution to meet the needs of their users and their business. The RSA Authentication Decision Tree provides a framework to help narrow the selection of authentication solutions based on five critical factors. This white paper provides an overview of the Authentication Decision Tree, examines the five factors critical to selecting an authentication solution, and offers a clear guide to selecting the right solution that effectively balances risk, cost and end user convenience. The Need for Strong Authentication Protecting access to information and assuring the identities of users requesting that access is a core element of any security initiative. In the last few years, numerous industry regulations have been issued that require organizations to enact strong authentication security measures to protect against unauthorized access to information. Today, as functionality and technology move to new channels, so do the threats that target sensitive data driving an increasing demand for strong authentication across the organization. The online and mobile channels. Recognizing the new business opportunities, cost efficiencies and the customer service aspects associated with providing real-time access to information online, many organizations are offering an increasing number of Webbased customer portals and business applications that enable customers to access and manage their accounts 24/7. Mobile access smart phones in particular provide customers with similar access and often offer even more functionality through customized applications. White Paper
2 Remote and mobile access. The global nature of business and employee mobility has forced many organizations to provide around-the-clock access from multiple locations and multiple devices including mobile to enable employee productivity. Access for new user populations. Today s organizations are extending access privileges beyond the employee to external contractors, partners and suppliers. These new user populations require on-demand access to proprietary information such as sales forecasts, competitive intelligence, pricing charts, inventory, and customer data. The State of User Authentication Despite the fact that password-only authentication is recognized for providing relatively weak security, the use of a single password as a means of assuring user identities continues to dominate. However, the authentication method once viewed as free has actually become expensive in terms of ongoing management and support costs. According to the Help Desk Institute, roughly 30 percent of all help desk calls are for password resets and cost between $25 to $50 per call. New authentication methods continue to appear on the market making the selection even more challenging for organizations looking to implement a strong authentication strategy. In the enterprise, hardware authenticators still dominate for securing access to corporate resources. Yet, employee mobility and the use of mobile phones and PDAs have caused an increase in demand for software authenticators. For consumer-facing portals, riskbased authentication and knowledge-based authentication are common security mechanisms because of their ease-of-use and their scalability to a mass user base. With so many authentication options available on the market, organizations are finding it difficult to establish an authentication strategy. For many organizations, multiple authentication options can be selected based on factors such as the user population, the value of information being protected, portability and user experience. RSA developed the Authentication Decision Tree to help organizations weigh the assorted options objectively and align the needs of their users and their business to make the optimum choice. Critical Factors to Consider in Developing an Authentication Strategy There are five critical factors to consider in developing an appropriate authentication strategy. These five factors are: The value of the information being protected The strength of user authentication to apply Planned usage Needs of the end user population Technical environment The value of protected information The first factor to consider is the value of the information to be protected and the cost of unauthorized access to that information. Proprietary business data, bank account and credit card details, health records or personally identifiable information (PII) are all types of information that could be considered high value. And unauthorized access to that information could be costly (i.e., a bank having to assume the costs of unauthorized fund transfers for customers) and detrimental to a company s brand and reputation. The higher the value of the information is and the higher the risk to the organization if the data is accessed by an unauthorized user, the stronger the authentication solution that is needed to protect it. PAGE 2
3 The strength of user authentication to apply Considering the user population and the information being accessed by those users can help organizations determine the level of user authentication to apply. For example, organizations cannot force authentication on their customers so considerations in selecting a solution for this user base might be convenience and willingness to adopt. For employees and partners, however, organizations have more control over the types of authentication to deploy and will more likely consider features such as portability, total cost of ownership and overall management. Planned usage When organizations deploy an authentication solution, there is often more than one business objective to be met. In other words, depending on the user and the types of activities performed, an organization might determine that additional layers of authentication are needed beyond just assuring user identities. For example, a financial institution seeking to decrease their fraud losses might implement a transaction monitoring solution to monitor high-risk money transfers. Another example to consider would be for enterprise users. An organization might require certain users that work with and exchange highly sensitive information such as HR, payroll and finance to have an authentication solution that enables file and encryption. End user population When deploying authentication to an end user community, there are many factors to consider depending on the end user population. From the user s perspective, organizations must consider aspects such as ease-of-use, the user s willingness to adopt and the information the user will be accessing. From the organization s perspective, consideration must include total cost of ownership, training requirements, scalability to end users and mobility of the solution. Technical environment Finally, the technical environment where the solution will be deployed is important in helping to determine such factors as what level of authentication strength to apply. For example, in an environment where desktops are more controlled and anti-virus software is likely to be up-to-date, security requirements may not be as rigorous compared to a scenario where the user environment is not as controlled and a large percentage of the user population is accessing the network from remote locations around the world. Another technical consideration is the range of end user devices being used for access. For both corporate and customer-facing applications, the end user base is likely to be accessing information from devices ranging from laptops and desktops to PDAs and mobile phones to kiosks. The types of access devices are important in determining the authentication form factors offered to end users. Today, many organizations regularly issue smart phones (i.e., iphone, Android, or Blackberry) that enable access to corporate . This relatively new aspect of mobility often referred to as the consumerization of IT increases employee productivity and flexibility. These benefits, coupled with the increasing functionality and power of new devices are fueling the drive for the use of consumer devices for business use. But this trend also introduces many issues and questions for the organization, including how to manage the costs of ongoing IT support for the exploding variety of devices, where to draw the line for that support, and how to manage the growing security threats introduced by mobility. PAGE 3
4 The Authentication Decision Tree In light of the number of new authentication methods and technologies, the increasing value of information, new user populations requiring access to networks and applications, the proliferation of advanced threats and a complex regulatory environment, organizations are being driven to re-evaluate their existing authentication strategy. There are many existing authentication solutions to evaluate and market buzz about certain authentication technologies make the assessment difficult for many organizations. Biometric solutions, for example, enjoy a disproportionate share of media coverage compared to their actual deployment in the market. These solutions require expensive and cumbersome readers, making it an impractical solution for mobile or remote access or adoption by a mass consumer audience. The RSA Authentication Decision Tree was designed for organizations to evaluate their user and business needs objectively against the readily available authentication technologies on the market in order to ease the decision-making process. As the market has yet to come up with a universal solution that will meet every business requirement and address the security needs for all users and all scenarios, the RSA Authentication Decision Tree can be used to help organizations select the most appropriate authentication solution, or combination of solutions, while balancing risk, cost and end user convenience. How to Use the Authentication Decision Tree In determining what solution(s) will work best for an organization, the RSA Authentication Tree examines the following criteria: Control over the end user environment Access methods to be used Requirements of access across multiple locations or devices The need for disk, file or encryption Fraud prevention Size of the end user base Control over the end user environment Control over the end user environment is critical in determining the appropriate authentication method. Considerations include things such as whether the organization is allowed to install software on the end user s system or consumer device, and whether they can dictate the operating system platform an end user is required to work on. But why is this so important? Looking at something as simple as being able to control the operating system is important because not all authentication solutions are going to be compatible with all operating systems universally. In an enterprise environment, the organization has direct control over the operating systems on user devices. However, there is no control over the operating systems of external users, such as customers and partners, so the authentication method offered to these populations may be different. Access methods to be used Access methods are very important in determining an authentication strategy. Some authentication methods only work for accessing Web-based applications while others can be used to authenticate to multiple, non-web based applications. Therefore, taking into account the user, their access rights, and their planned usage will have a direct effect on the authentication methods selected. PAGE 4
5 Requirements of access across multiple locations or devices The global nature of business and increased employee mobility has created a demand for around-the-clock access from multiple locations and multiple devices including mobile devices. For employees or partners, providing the option of anytime, anywhere access is critical to sustaining productivity; for customers, it is important for maintaining customer satisfaction. Above all, providing the anywhere, anytime option for users to access information securely is critical to the continuation of business. Factors to weigh include: Do you need to accommodate user access from varying remote locations? Do you need to accommodate user access from unknown systems such as kiosks, hotel systems or shared workstations? Do you need to accommodate user access from varying devices such as PDAs, mobile phones, or other consumer devices (i.e., tablets)? The need for disk, file or encryption When evaluating an authentication strategy, organizations should consider the other business purposes that it may want the authentication method to address. For example, a healthcare organization might have the need to encrypt protected health information (PHI) or other personally identifiable information (PII) of a patient as it is transmitted between departments and facilities in order to meet HIPAA regulations. In this instance, the healthcare organization might require individuals with access rights to PHI and PII to access the data only from trusted machines. Fraud prevention Some authentication methods are required to monitor transactions and activities that are performed by a user after initial authentication at login in order to prevent fraud. While this scenario is relevant primarily for financial services applications, other industries are beginning to experience targeted attacks, such as phishing and malware, by cybercriminals for the purpose of gaining deeper access to a company s infrastructure to collect personal and/or proprietary corporate data that can be sold on the black market. Size of the end user base The size of the end user base being protected is important as cost is often one of the biggest considerations especially for small to mid-sized businesses. Several authentication solutions are designed and priced - specifically for a very small or very large user base. A Myriad of Authentication Possibilities Passwords Passwords provide single-factor authentication for assuring user identities. While initial acquisition is free, there are ongoing management and support costs (password resets, for example) which can wind up being expensive in the long-term. The level of security provided is very low and passwords are prone to hackers and sharing among individuals. Knowledge-based authentication Knowledge-based authentication is a method used to authenticate an individual based on knowledge of personal information, substantiated by a real-time interactive questionand-answer process. The questions presented to a user are gleaned from scanning public record databases, are random and previously unknown or unasked to the user. PAGE 5
6 Risk-based authentication Risk-based authentication is a system that measures behind-the-scenes a series of risk indicators to assure user identities and/or authenticate online activities. Such indicators include certain device attributes, user behavioral profiles, device profiles and IP geo-location. The higher the risk level presented, the greater the likelihood is that an identity or action is fraudulent. If the risk engine determines the authentication request to be above the acceptable policy, then risk-based authentication provides the option to step-up authentication. In a step-up authentication scenario, a user may be asked to answer a few challenge questions, or submit an authorization code delivered to a phone via SMS (text) message or . One-time password authentication One-time password (OTP) authentication is a leading two-factor authentication solution; it is based on something you know (a PIN or password) and something you have (an authenticator). The authenticator generates a new OTP code every 60 seconds, making it difficult for anyone other than the genuine user to input the correct code at any given time. To access information or resources protected by one-time password technology, users simply combine their secret personal identification number (PIN) with the token code that appears on their authenticator display at that given time. The result is a unique, one-time password that is used to assure positively a user s identity. One-time password technology is available in many form factors including: Hardware authenticators. Traditional hardware authenticators (sometimes referred to as key fobs ) are portable devices that are small enough to fit on a key chain and meet the needs of users who prefer a tangible solution or who access the Internet from a number of different locations. Software authenticators. Software authenticators (for PCs, USB drives, or mobile devices) are typically offered as an application or in a toolbar format that is securely placed on a user s desktop, laptop or mobile device. On-demand. On-demand authentication involves delivery of a unique OTP on demand via SMS (text message) to a mobile device or a user s registered address. Upon receipt of the unique OTP, a user simply enters it, along with their PIN when challenged, to gain access to their corporate network or an online application. Digital certificates A digital certificate is a unique electronic document containing information that identifies the person or machine to which it is bound. The digital certificate can be stored on a desktop, smart card or USB. For stronger two-factor authentication, the digital certificate can be locked on a smart card or USB, requiring the user to enter a PIN in order to unlock the certificate and use the credential. The digital certificate can then be utilized to authenticate a user to a network or application. In addition to being used for user authentication, digital certificates can add value to the enterprise by enabling digital signatures or encryption. Digital certificates can also be combined with OTP deployments using a hybrid authenticator. In this case, the hybrid authenticator stores multiple credentials and streamlines the end user experience. A common use case for a combined certificate and OTP deployment is to unlock hard disk encryption with a digital certificate followed by authentication to a VPN with a one-time password. PAGE 6
7 Analyzing the Authentication Attributes Once an organization assesses the needs of its business and its users, selecting the appropriate authentication strategy based on the available choices ultimately is a tradeoff among a number of variables: 1. Strength of security 2. Typical use case 3. Client-side requirements 4. Portability 5. Multiple use 6. User challenges 7. Distribution requirements 8. System requirements 9. Cost The RSA Authentication Decision Tree can help organizations make the relevant comparisons among the authentication methods that are designed to meet their requirements. By using this simple framework, organizations are provided with an objective assessment among the leading authentication solutions. While cost is an important consideration, organizations must consider a number of other elements in determining what is most suitable to their needs. Too often, the focus is on acquisition cost alone, but in considering that as a priority factor, one only needs to look to password-only authentication to prove that cost should never be the only consideration. Passwords are essentially free in terms of acquisition cost; however, they are surprisingly expensive in terms of ongoing management and support costs. RSA Solutions For more than 25 years, RSA has been a leading provider of strong two-factor authentication solutions. RSA offers a variety of solutions to help businesses of all sizes provide strong authentication while balancing risk, cost and end user convenience. RSA SecurID Authentication RSA SecurID one-time password technology provides a leading two-factor authentication solution; it is based on something you know (a PIN or password) and something you have (an authenticator). The authenticator itself can be one of a variety of formats, or form factors, which are described later in this section. RSA SecurID authentication offers a unique symmetric key (or seed record ) that is combined with a proven algorithm to generate a new onetime password (OTP) every 60 seconds. Patented technology synchronizes each authenticator with the security server, ensuring a high level of security. To access resources that are protected by the RSA SecurID system, users simply combine their secret Personal Identification Number (PIN) with the token code that appears on their authenticator display at that given time. The result is a unique, one-time password that is used to assure a user s identity positively. RSA SecurID authentication is available in the following form factors to meet the needs of organizations and their users: Hardware Authenticators From a usability perspective, traditional hardware authenticators (sometimes referred to as key fobs ) are small enough to fit on a key chain and meet the needs of users who prefer a tangible solution or access the Internet from a number of different locations. PAGE 7
8 Hybrid Authenticator with Digital Certificates The RSA SecurID 800 authenticator is a hybrid device that combines the simplicity and portability of SecurID authentication with the power and flexibility of a smart card in one convenient USB form factor. The 800 offers standards-compliant digital certificate support for disk and file encryption, authentication, signing and other applications and strengthens simple password authentication by storing users domain credentials on a hardened security device. By combining multiple credentials and applications in a single device, the 800 is a master key that enables strong authentication across a heterogeneous IT environment in a way that is both simple and seamless for the end user. An Authentication Decision Tree Scenario Company profile User groups Business and user needs A large healthcare organization representing several regional hospitals and specialty health centers that serves more than 1.5 million patients. Physicians, payers and insurers, patients and healthcare administrators Physicians are constantly on the go, moving among multiple facilities, and stay connected to healthcare and patient records through a laptop, Blackberry or other mobile device. This enables instant, secure access to pertinent health records to ensure the highest quality of patient care. Payers and insurers need access to patient records, medical history and services performed in order to settle or adjust claims. Healthcare administrators are always in need of access to protected health information and personally identifiable information (PII) of patients. From case workers to billing specialists, access to patient information is critical to their job performance. Authentication choices Patients are provided access to their personal information and medical history through a Webenabled portal. In addition to making updates to their personal information, they are provided a number of other convenient online services such as the ability to schedule appointments, submit prescription renewal requests and pay medical bills. With a diverse user base that requires access to various systems and for different needs, this healthcare organization would likely need to consider a myriad of authentication solutions including: Physicians: Software-based OTP for mobile devices Payers and insurers: Hardware tokens Healthcare administrators: Hardware tokens Patients: Risk-based authentication PAGE 8
9 Software Authenticators RSA SecurID software authenticators use the same algorithm as RSA SecurID hardware authenticators but provide an added benefit for mobile users by eliminating the need for users to carry dedicated hardware devices. Instead of being stored in SecurID hardware, the symmetric key is safeguarded securely on the user s PC, smart phone or USB device. Mobile Devices RSA SecurID software authenticators are available for a variety of smart phone platforms including BlackBerry, iphone, Android, Microsoft Windows Mobile, Java ME, Palm OS, Symbian OS and UIQ devices. Microsoft Windows Desktops The RSA SecurID Token for Windows Desktops is a convenient form factor that resides on a PC and enables automatic integration with leading remote access clients. OTP Token Toolbar The RSA SecurID Toolbar Token combines the convenience of auto-fill capabilities for Web applications with the security of anti-phishing mechanisms. On-demand (delivered via SMS or ) RSA On-demand Authentication delivers a unique one-time password on demand via SMS (text message) to a mobile device or a user s registered address. Upon receipt of the unique OTP, a user simply enters it, along with their PIN when challenged, to gain access to their corporate network or an online application. RSA Authentication Manager Express RSA Authentication Manager Express is a strong multi-factor authentication platform that provides cost-effective protection for small- to mid-sized organizations. Authentication Manager Express works with leading SSL VPNs and Web-based applications to enable strong authentication and secure access to protected applications and data. Authentication Manager Express is powered by RSA risk-based authentication technology the same technology that protects the identities of more than 250 million users worldwide. This sophisticated system measures a series of risk indicators behind-thescenes to assure user identities. RSA Authentication Manager Express considers multiple factors in determining the risk associated with each access request including: Something the user knows such as a username and password Something the user has such as a laptop, desktop PC, or mobile device Something the user does such as recent authentication and account activity RSA Authentication Manager Express can invoke additional authentication methods in the event an access request does not meet the required assurance level. This is especially true in situations where a remote user is logging in from a device that is not recognized and has not been previously used to access the network. RSA Authentication Manager Express provides two methods for additional authentication: out-of-band SMS and challenge questions. RSA Authentication Manager Express is delivered on a plug-and-play appliance and supports up to 2,500 users. PAGE 9
10 RSA Adaptive Authentication RSA Adaptive Authentication is a multi-channel authentication and fraud detection platform that provides cost-effective protection for an entire user base. Adaptive Authentication involves introducing additional identifiers actively with the simple addition of a cookie and/or a flash shared object (also referred to as flash cookie ) which serves as a more unique identifier of a user s device. The solution provides strong and convenient protection by monitoring and authenticating user activities based on risk levels, institutional policies and user segmentation. Powered by RSA s risk-based authentication technology, Adaptive Authentication tracks over one hundred indicators to identify potential fraud including device profiles, IP geo-location and user behavioral profiles. Each activity is assigned a unique risk score; the higher the score, the greater the likelihood is that an activity is fraudulent. Adaptive Authentication offers behind-the-scenes monitoring that is invisible to the user. It is only when an activity is deemed to be high-risk that a user is then challenged to provide additional authentication, usually in the form of challenge questions or out-ofband phone authentication. With low challenge rates and high completion rates, Adaptive Authentication offers strong protection and superior usability and is an ideal solution for deployment to a large user base. RSA Adaptive Authentication is available in both SaaS (software as a service) and on-premise deployments. The solution is highly scalable and can support millions of users. RSA Identity Verification RSA Identity Verification utilizes knowledge-based authentication to assure user identities in real-time. RSA Identity Verification presents a user with a series of top-ofmind questions utilizing information on the individual that is obtained by scanning dozens of public record databases. Within seconds, RSA Identity Verification delivers a confirmation of identity, without requiring any prior relationship with the user. RSA Identity Verification also provides improved accuracy in authenticating users with the Identity Event Module. The Identity Event Module improves security by measuring the level of risk associated with an identity and allowing the configuration of the system to adjust the difficulty of the questions automatically during the authentication process in order to meet the specific nature of the risk. Some of the identity events that are measured include: Public record searches. Suspicious access to a user s public record reports. Identity velocity. A high volume of activity associated with an individual at several businesses. IP velocity. Multiple authentication requests generated from the same IP. PAGE 10
11 RSA Certificate Manager The RSA Certificate Manager is an Internet-based certificate authority solution that provides core functionality for issuing, managing and validating digital certificates. It includes a secure Web server and a powerful signing engine for signing end user certificates digitally, and an integrated data repository for storing certificates, system data and certificate status information. The RSA Certificate Manager was the first to be common criteria certified and is also Identrust certified. Certificate Manager is built using open industry standards, making it interoperable with hundreds of standards-based applications out-of-the-box. Therefore it can be leveraged across other applications including Webbrowsers, and VPN clients to ensure maximum return on investment. It also provides the option to store credentials in Web browsers or on smart cards and USB tokens. For example, RSA digital certificates can be combined with the SecurID 800 hybrid authenticator to consolidate multiple credentials on a single device, simplifying the end user experience. Additional components of the RSA Digital Certificate Solution include RSA Registration Manager, RSA Validation Manager, RSA Key Recovery Module and RSA Root Signing Services. PAGE 11
12 About RSA RSA is the premier provider of security, risk and compliance solutions, helping the world s leading organizations succeed by solving their most complex and sensitive security challenges. These challenges include managing organizational risk, safeguarding mobile access and collaboration, proving compliance, and securing virtual and cloud environments. Combining business-critical controls in identity assurance, data loss prevention, encryption and tokenization, fraud protection and SIEM with industry leading egrc capabilities and consulting services, RSA brings trust and visibility to millions of user identities, the transactions that they perform and the data that is generated. RSA, the RSA logo, EMC 2, EMC and where information lives are registered trademarks or trademarks of EMC Corporation in the United States and other countries. All other trademarks used herein are the property of their respective owners EMC Corporation. All rights reserved. Published in the USA. DECTREE WP 0711
Adaptive Authentication Adapter for Citrix XenApp. Adaptive Authentication in Citrix XenApp Environments. Solution Brief
Adaptive Authentication Adapter for Citrix XenApp Adaptive Authentication in Citrix XenApp Environments Solution Brief RSA Adaptive Authentication is a comprehensive authentication platform providing costeffective
More informationADAPTIVE AUTHENTICATION ADAPTER FOR IBM TIVOLI. Adaptive Authentication in IBM Tivoli Environments. Solution Brief
ADAPTIVE AUTHENTICATION ADAPTER FOR IBM TIVOLI Adaptive Authentication in IBM Tivoli Environments Solution Brief RSA Adaptive Authentication is a comprehensive authentication platform providing costeffective
More informationAdaptive Authentication Adapter for Juniper SSL VPNs. Adaptive Authentication in Juniper SSL VPN Environments. Solution Brief
Adaptive Authentication Adapter for Juniper SSL VPNs Adaptive Authentication in Juniper SSL VPN Environments Solution Brief RSA Adaptive Authentication is a comprehensive authentication platform providing
More informationRSA Solution Brief. Providing Secure Access to Corporate Resources from BlackBerry. Devices. Leveraging Two-factor Authentication. RSA Solution Brief
Providing Secure Access to Corporate Resources from BlackBerry Devices Leveraging Two-factor Authentication Augmenting the BlackBerry Enterprise Solution BlackBerry devices are becoming ubiquitous throughout
More informationwhite paper SMS Authentication: 10 Things to Know Before You Buy
white paper SMS Authentication: 10 Things to Know Before You Buy SMS Authentication white paper Introduction Delivering instant remote access is no longer just about remote employees. It s about enabling
More informationSOLUTION BRIEF RSA SECURID SUITE ACCELERATE BUSINESS WHILE MANAGING IDENTITY RISK
RSA SECURID SUITE ACCELERATE BUSINESS WHILE MANAGING IDENTITY RISK KEY BENEFITS AT A GLANCE Ensure your journey to the cloud is secure and convenient, without compromising either. Drive business agility
More informationAre You Flirting with Risk?
Are You Flirting with Risk? RSA Live Webcast October 15, 2013 Jessica Stanford Sr. Product Marketing Manager, RSA Authentication 1 2 3 4 5 RSA AUTHENTICATION MANAGER 8.0 Agenda Password Problem Market
More informationSingle Secure Credential to Access Facilities and IT Resources
Single Secure Credential to Access Facilities and IT Resources HID PIV Solutions Securing access to premises, applications and networks Organizational Challenges Organizations that want to secure access
More informationRSA Solution Brief. Managing Risk Within Advanced Security Operations. RSA Solution Brief
RSA Solution Brief Managing Risk Within Advanced Security Operations RSA Solution Brief How do you advance your security operations function? Increasingly sophisticated security threats and the growing
More informationAre You Flirting with Risk?
Are You Flirting with Risk? A Review of RSA Authentication Manager 8.x Platform 1 2 3 RSA AUTHENTICATION Agenda MANAGER 8.0 Password Problem The Ultimate Authentication Engine Market overview {Speaker}
More informationA HOLISTIC APPROACH TO IDENTITY AND AUTHENTICATION. Establish Create Use Manage
A HOLISTIC APPROACH TO IDENTITY AND AUTHENTICATION Establish Create Use Manage SIMPLE. SECURE. SMART. ALL FROM A SINGLE SOURCE. As the ways to access your organization and its sensitive data increase,
More informationDigitalPersona for Healthcare Organizations
DigitalPersona for Healthcare Organizations RAPID, SECURE AUTHENTICATION FOR MEDICAL PROVIDERS AND STAFF Secure Access to Electronic Health Records Streamline Clinical Workflow Reduce Cybersecurity Costs
More informationRSA Solution Brief. The RSA Solution for Cloud Security and Compliance
The RSA Solution for Cloud Security and Compliance The RSA Solution for Cloud Security and Compliance enables enduser organizations and service providers to orchestrate and visualize the security of their
More informationRSA Solution Brief. The RSA Solution for VMware. Key Manager RSA. RSA Solution Brief
RSA Solution Brief The RSA Solution for VMware View: Managing Securing the the Lifecycle Virtual of Desktop Encryption Environment Keys with RSA Key Manager RSA Solution Brief 1 According to the Open Security
More informationMobile Data Security Essentials for Your Changing, Growing Workforce
Mobile Data Security Essentials for Your Changing, Growing Workforce White Paper February 2007 CREDANT Technologies Security Solutions White Paper YOUR DYNAMIC MOBILE ENVIRONMENT As the number and diversity
More informationKeep the Door Open for Users and Closed to Hackers
Keep the Door Open for Users and Closed to Hackers A Shift in Criminal Your Web site serves as the front door to your enterprise for many customers, but it has also become a back door for fraudsters. According
More informationMake security part of your client systems refresh
Make security part of your client systems refresh Safeguard your information with Dell Data Security Solutions while boosting productivity and reducing costs Your organization might have many reasons for
More informationHow Next Generation Trusted Identities Can Help Transform Your Business
SESSION ID: SPO-W09B How Next Generation Trusted Identities Can Help Transform Your Business Chris Taylor Senior Product Manager Entrust Datacard @Ctaylor_Entrust Identity underpins our PERSONAL life 2
More informationNext Generation Authentication
Next Generation Authentication Bring Your Own security impact Dominique Dessy Sr. Technology Consultant 1 2012 DIGITAL UNIVERSE 1.8 ZETTABYTES 1,800,000,000,000,000,000,000 2 $ 3 4 Threat Landscape 60%
More informationhidglobal.com HID ActivOne USER FRIENDLY STRONG AUTHENTICATION
HID ActivOne USER FRIENDLY STRONG AUTHENTICATION We understand IT security is one of the TOUGHEST business challenges today. HID Global is your trusted partner in the fight against data breach due to misused
More informationAuthentication Methods
CERT-EU Security Whitepaper 16-003 Authentication Methods D.Antoniou, K.Socha ver. 1.0 20/12/2016 TLP: WHITE 1 Authentication Lately, protecting data has become increasingly difficult task. Cyber-attacks
More informationHIPAA Regulatory Compliance
Secure Access Solutions & HIPAA Regulatory Compliance Privacy in the Healthcare Industry Privacy has always been a high priority in the health profession. However, since the implementation of the Health
More informationSecure Government Computing Initiatives & SecureZIP
Secure Government Computing Initiatives & SecureZIP T E C H N I C A L W H I T E P A P E R WP 700.xxxx Table of Contents Introduction FIPS 140 and SecureZIP Ensuring Software is FIPS 140 Compliant FIPS
More informationWHITE PAPER AUTHENTICATION YOUR WAY SECURING ACCESS IN A CHANGING WORLD
WHITE PAPER AUTHENTICATION YOUR WAY SECURING ACCESS IN A CHANGING WORLD Imagine that you re a CISO in charge of identity and access management for a major global technology and manufacturing company. You
More informationOverview. Premium Data Sheet. DigitalPersona. DigitalPersona s Composite Authentication transforms the way IT
DigitalPersona Premium Data Sheet Overview DigitalPersona s Composite Authentication transforms the way IT executives protect the integrity of the digital organization by going beyond traditional two-factor
More informationA Practical Step-by-Step Guide to Managing Cloud Access in your Organization
GUIDE BOOK 4 Steps to Cloud Access Management A Practical Step-by-Step Guide to Managing Cloud Access in your Organization Cloud Access Challenges in the Enterprise Cloud apps in the enterprise have become
More informationHIPAA Compliance Checklist
HIPAA Compliance Checklist Hospitals, clinics, and any other health care providers that manage private health information today must adhere to strict policies for ensuring that data is secure at all times.
More informationMonitise. RSA Adaptive Authentication On-Premise Implementation Guide. Partner Information. Monitise Mobile Banking Solution
RSA Adaptive Authentication On-Premise Implementation Guide Partner Information Last Modified: June 12, 2013 Product Information Partner Name Web Site www.monitise.com Product Name Version & Platform 5.0
More informationProtecting Health Information
Agenda Protecting Health Information BRONSON HEALTHCARE GROUP INFORMATION TECHNOLOGY SECURITY ENGINEERING MICHAEL SMITH Personal device usage with sensitive data Mobile devices and BYOD Secure messaging
More informationSecurity Enhancements
OVERVIEW Security Enhancements February 9, 2009 Abstract This paper provides an introduction to the security enhancements in Microsoft Windows 7. Built upon the security foundations of Windows Vista, Windows
More informationVMware Enterprise Desktop Virtualization. Robin Crewe Senior Director, Virtual Desktop Infrastructure (VDI)
VMware Enterprise Desktop Virtualization Robin Crewe Senior Director, Virtual Desktop Infrastructure (VDI) Background - emerging PC trends Heterogeneity Ubiquitous Network Security Threats Data Theft Phishing
More informationOptimizing Pulse Secure Access Suite with Pulse Secure Virtual Application Delivery Controller solution
DATASHEET Optimizing Pulse Secure Access Suite with Pulse Secure Virtual Application Delivery Controller solution Features & Benefits Best-in-class VPN and vadc solutions A single point of access for all
More informationVillage Software. Security Assessment Report
Village Software Security Assessment Report Version 1.0 January 25, 2019 Prepared by Manuel Acevedo Helpful Village Security Assessment Report! 1 of! 11 Version 1.0 Table of Contents Executive Summary
More informationSafelayer's Adaptive Authentication: Increased security through context information
1 Safelayer's Adaptive Authentication: Increased security through context information The password continues to be the most widely used credential, although awareness is growing that it provides insufficient
More informationAXIAD IDS CLOUD SOLUTION. Trusted User PKI, Trusted User Flexible Authentication & Trusted Infrastructure
AXIAD IDS CLOUD SOLUTION Trusted User PKI, Trusted User Flexible Authentication & Trusted Infrastructure Logical Access Use Cases ONE BADGE FOR CONVERGED PHYSICAL AND IT ACCESS Corporate ID badge for physical
More informationChoosing the right two-factor authentication solution for healthcare
Choosing the right two-factor authentication solution for healthcare The healthcare industry s transition from paper to electronic records has introduced significant security risk from hackers around the
More informationSecure Access for Microsoft Office 365 & SaaS Applications
Best Practices Guide Secure Access for Microsoft Office 365 & SaaS Applications Implement Robust Compliance for All Users, All Devices, and All Data This guide illustrates best practices for secure Office
More informationGuide: HIPPA Compliance. Corporate HIPAA Compliance Guide. Privacy, productivity and remote access. gotomypc.com
: HIPPA Compliance GoToMyPC Corporate HIPAA Compliance Privacy, productivity and remote access 2 The healthcare industry has benefited greatly from the ability to use remote access to view patient data
More informationBEYOND AUTHENTICATION IDENTITY AND ACCESS MANAGEMENT FOR THE MODERN ENTERPRISE
BEYOND AUTHENTICATION IDENTITY AND ACCESS MANAGEMENT FOR THE MODERN ENTERPRISE OUR ORGANISATION AND SPECIALIST SKILLS Focused on delivery, integration and managed services around Identity and Access Management.
More informationMEETING ISO STANDARDS
WHITE PAPER MEETING ISO 27002 STANDARDS September 2018 SECURITY GUIDELINE COMPLIANCE Organizations have seen a rapid increase in malicious insider threats, sensitive data exfiltration, and other advanced
More informationMicrosoft Office 365 TM & Zix Encryption
Microsoft Office 365 TM & Zix Email Encryption A Natural Fit www.zixcorp.com INTRODUCTION IT managers and decision makers are being pressured from all sides to find ways to safely migrate to cloud-based
More informationSecuring Today s Mobile Workforce
WHITE PAPER Securing Today s Mobile Workforce Secure and Manage Mobile Devices and Users with Total Defense Mobile Security Table of Contents Executive Summary..................................................................................
More informationOffice 365 Buyers Guide: Best Practices for Securing Office 365
Office 365 Buyers Guide: Best Practices for Securing Office 365 Microsoft Office 365 has become the standard productivity platform for the majority of organizations, large and small, around the world.
More informationPKI is Alive and Well: The Symantec Managed PKI Service
PKI is Alive and Well: The Symantec Managed PKI Service Marty Jost Product Marketing, User Authentication Lance Handorf Technical Enablement, PKI Solutions 1 Agenda 1 2 3 PKI Background: Problems and Solutions
More informationDeliverySlip for Dental Practices
DeliverySlip for Dental Practices Introduction This white paper will detail why email encryption has become a must have tool for dental practices. In addition to HIPAA and Omnibus Rule compliance, it also
More informationSECURING CORPORATE ASSETS WITH TWO FACTOR AUTHENTICATION
SECURING CORPORATE ASSETS WITH TWO FACTOR AUTHENTICATION Introduction Why static passwords are insufficient Introducing two-factor Authentication Form Factors for OTP delivery Contact information OTP generating
More informationEBOOK 4 TIPS FOR STRENGTHENING THE SECURITY OF YOUR VPN ACCESS
EBOOK 4 TIPS FOR STRENGTHENING THE SECURITY OF YOUR VPN ACCESS HOW SECURE IS YOUR VPN ACCESS? Remote access gateways such as VPNs and firewalls provide critical anywhere-anytime connections to the networks
More informationMitel MiCollab. Keeping people connected and productive anytime, anywhere, on any device
Mitel MiCollab Keeping people connected and productive anytime, anywhere, on any device Effective collaboration among employees, partners and customers is a critical driver of any organization s success.
More informationAuthentication and Fraud Detection Buyer s Guide
Entrust, Inc. North America Sales: 1-888-690-2424 entrust@entrust.com EMEA Sales: +44 (0) 118 953 3000 emea.sales@entrust.com November 2008 Copyright 2008 Entrust. All rights reserved. Entrust is a registered
More informationThe simplified guide to. HIPAA compliance
The simplified guide to HIPAA compliance Introduction HIPAA, the Health Insurance Portability and Accountability Act, sets the legal requirements for protecting sensitive patient data. It s also an act
More informationMitel MiCollab. Keeping People Connected and Productive Anytime, Anywhere, on Any Device
Mitel MiCollab Keeping People Connected and Productive Anytime, Anywhere, on Any Device Effective collaboration among employees, partners and customers is a critical driver of any organization s success.
More informationCipherCloud CASB+ Connector for ServiceNow
ServiceNow CASB+ Connector CipherCloud CASB+ Connector for ServiceNow The CipherCloud CASB+ Connector for ServiceNow enables the full suite of CipherCloud CASB+ capabilities, in addition to field-level
More informationProtect Yourself Against VPN-Based Attacks: Five Do s and Don ts
White Paper Protect Yourself Against VPN-Based Attacks: Five Do s and Don ts Don t let stolen VPN credentials jeopardize your security March 2015 A TECHTARGET WHITE PAPER Most IT professionals take for
More informationTwo-Factor Authentication over Mobile: Simplifying Security and Authentication
SAP Thought Leadership Paper SAP Digital Interconnect Two-Factor Authentication over Mobile: Simplifying Security and Authentication Controlling Fraud and Validating End Users Easily and Cost-Effectively
More informationSecuring Your Most Sensitive Data
Software-Defined Access Securing Your Most Sensitive Data Company Overview Digital Growth Means Digital Threats Digital technologies offer organizations unprecedented opportunities to innovate their way
More informationhidglobal.com Still Going Strong SECURITY TOKENS FROM HID GLOBAL
Still Going Strong SECURITY TOKENS FROM HID GLOBAL Contents Protecting Identities and sensitive data 03 Defining the Right Approach 05 HID Global Authentication Devices 06 HID Global Authentication Ecosystem
More informationRHM Presentation. Maas 360 Mobile device management
RHM Presentation Maas 360 Mobile device management Strong adoption in the enterprise Manufacturing Financial Consumer Healthcare Public Others 2 Trusted by over 9,000 customers Recognized Industry Leadership
More informationIDENTITY AND THE NEW AGE OF ENTERPRISE SECURITY BEN SMITH CISSP CRISC CIPT RSA FIELD CTO
IDENTITY AND THE NEW AGE OF ENTERPRISE SECURITY BEN SMITH CISSP CRISC CIPT RSA FIELD CTO (US) @BEN_SMITH IDENTITY = THE MOST CONSEQUENTIAL ATTACK VECTOR Confirmed data breaches involving weak, default
More informationAuthentication Technology for a Smart eid Infrastructure.
Authentication Technology for a Smart eid Infrastructure. www.aducid.com One app to access all public and private sector online services. One registration allows users to access all their online accounts
More informationINCREASE APPLICATION SECURITY FOR PCI DSS VERSION 3.1 SUCCESS AKAMAI SOLUTIONS BRIEF INCREASE APPLICATION SECURITY FOR PCI DSS VERSION 3.
INCREASE APPLICATION SECURITY FOR PCI DSS VERSION 3.1 SUCCESS Protect Critical Enterprise Applications and Cardholder Information with Enterprise Application Access Scope and Audience This guide is for
More informationTrusted Computing Today: Benefits and Solutions
Trusted Computing Today: Benefits and Solutions Brian D. Berger EVP Marketing & Sales Wave Systems Corp. bberger@wavesys.com Copyright 2009 Trusted Computing Group Agenda TCG Vision TCG Benefits Solution
More informationSecuring Health Data in a BYOD World
Business White Paper Securing Health Data in a BYOD World Five strategies to minimize risk Page 2 of 9 Securing Health Data in a BYOD World Table of Contents Page 2 Introduction Page 3 BYOD Adoption Drivers
More informationMaximize your move to Microsoft in the cloud
Citrix and Microsoft 365: Maximize your move to Microsoft in the cloud 3 reasons to manage Office 365 with Citrix Workspace Pg. 2 Pg. 4 Citrix.com e-book Maximize your Citrix Workspace 1 Content Introduction...3
More informationChallenges and. Opportunities. MSPs are Facing in Security
Challenges and Opportunities MSPs are Facing in 2017 Security MSPs work in an environment that is constantly changing for both the needs of customers and the technology in which they provide. Fanning the
More informationA Quick Guide to EPCS. What You Need to Know to Implement Electronic Prescriptions for Controlled Substances
A Quick Guide to EPCS What You Need to Know to Implement Electronic Prescriptions for Controlled Substances Many healthcare providers have delayed implementing electronic prescriptions for controlled substances
More informationIntegrated Access Management Solutions. Access Televentures
Integrated Access Management Solutions Access Televentures Table of Contents OVERCOMING THE AUTHENTICATION CHALLENGE... 2 1 EXECUTIVE SUMMARY... 2 2 Challenges to Providing Users Secure Access... 2 2.1
More informationINNOVATIVE IT- SECURITY FOR THE BANKING AND PAYMENT INDUSTRY
INNOVATIVE IT- SECURITY FOR THE BANKING AND PAYMENT INDUSTRY Verisec is a Swedish IT-security company specialized in digital identity and information security solutions for the banking and payments industry.
More informationData Security at Smart Assessor
Data Security at Smart Assessor Page 1 Contents Data Security...3 Hardware...3 Software...4 Data Backups...4 Personnel...5 Web Application Security...5 Encryption of web application traffic...5 User authentication...5
More informationIDENTITY: A KEY ELEMENT OF BUSINESS-DRIVEN SECURITY
IDENTITY: A KEY ELEMENT OF BUSINESS-DRIVEN SECURITY Identity is replacing perimeter as the primary defensive frontline OVERVIEW Organizations have been grappling with identity and access management since
More informationThe Benefits of Strong Authentication for the Centers for Medicare and Medicaid Services
The Benefits of Strong Authentication for the Centers for Medicare and Medicaid Services This document was developed by the Smart Card Alliance Health and Human Services Council in response to the GAO
More informationEvolved Backup and Recovery for the Enterprise
Evolved Backup and Recovery for the Enterprise with Asigra technology Working gives me confidence in my data protection plan. I know that if I ever need to restore, it will take a few minutes rather than
More informationPCI DSS Compliance. White Paper Parallels Remote Application Server
PCI DSS Compliance White Paper Parallels Remote Application Server Table of Contents Introduction... 3 What Is PCI DSS?... 3 Why Businesses Need to Be PCI DSS Compliant... 3 What Is Parallels RAS?... 3
More informationCloud SSL Certificate Services
Cloud SSL Certificate Services Security Beyond the Certificate 0844 334 3347 www.cloudssl.co.uk Why Cloud SSL? Trusted by more than 5,000 organizations in 85 countries Complete line of digital certificates
More informationWhite Paper. The Impact of Payment Services Directive II (PSD2) on Authentication & Security
White Paper The Impact of Payment Services Directive II (PSD2) on Authentication & Security First Edition June 2016 Goode Intelligence All Rights Reserved Published by: Goode Intelligence Sponsored by:
More informationIntel and Symantec: Improving performance, security, manageability and data protection
Intel and Symantec: Improving performance, security, manageability and data protection Terry Cutler Enterprise Solution Architect Omid Meshkin Strategic Business Development 1 Session Objectives By the
More informationIT Boosting Employee & Business Productivity with Innovative Technologies and Solutions Refresh Now
IT Boosting Employee & Business Productivity with Innovative Technologies and Solutions Refresh Now Lawson Lu Site Manager Vietnam August 20, 2013 Legal Notices This presentation is for informational purposes
More informationKey Authentication Considerations for Your Mobile Strategy
Key Authentication Considerations for Your Mobile Strategy The Need for Mobile Authentication Reaches Critical Mass According to an old adage, consumers speak through their pocketbooks. While that saying
More informationHALO IN ACTION COMPLIANCE DON T LET LEGACY SECURITY TOOLS HOLD UP PCI COMPLIANCE IN THE CLOUD. Automated PCI compliance anytime, anywhere.
HALO IN ACTION COMPLIANCE DON T LET LEGACY SECURITY TOOLS HOLD UP PCI COMPLIANCE IN THE CLOUD Automated PCI compliance anytime, anywhere. THE PROBLEM Online commercial transactions will hit an estimated
More informationSmart Data Center Solutions
Smart Data Center Solutions New Data Center Challenges Require New Solutions Data Center Architecture. Inside and Out. Data centers are mission-critical facilities. A silo-based approach to designing,
More informationISO COMPLIANCE GUIDE. How Rapid7 Can Help You Achieve Compliance with ISO 27002
ISO 27002 COMPLIANCE GUIDE How Rapid7 Can Help You Achieve Compliance with ISO 27002 A CONTENTS Introduction 2 Detailed Controls Mapping 3 About Rapid7 8 rapid7.com ISO 27002 Compliance Guide 1 INTRODUCTION
More informationHybrid Cloud for Business Communications
Hybrid Cloud for Business Communications THE ESSENTIAL GUIDE So you re considering hybrid cloud for your business communications. You re not alone! In fact, more and more businesses are turning to cloud
More informationFIS Global Partners with Asigra To Provide Financial Services Clients with Enhanced Secure Data Protection that Meets Compliance Mandates
Case Study FIS Global Partners with Asigra To Provide Financial Services Clients with Enhanced Secure Data Protection that Meets Compliance Mandates World s largest global provider dedicated to banking
More informationVerizon Software Defined Perimeter (SDP).
Verizon Software Defined Perimeter (). 1 Introduction. For the past decade, perimeter security was built on a foundation of Firewall, network access control (NAC) and virtual private network (VPN) appliances.
More informationSupport for the HIPAA Security Rule
white paper Support for the HIPAA Security Rule PowerScribe 360 Reporting v1.1 healthcare 2 Summary This white paper is intended to assist Nuance customers who are evaluating the security aspects of PowerScribe
More informationGLOBALPROTECT. Key Usage Scenarios and Benefits. Remote Access VPN Provides secure access to internal and cloud-based business applications
GLOBALPROTECT Prevent Breaches and Secure the Mobile Workforce GlobalProtect extends the protection of Palo Alto Networks Next-Generation Security Platform to the members of your mobile workforce, no matter
More informationPut Identity at the Heart of Security
Put Identity at the Heart of Security Strong Authentication via Hitachi Biometric Technology Tadeusz Woszczyński Country Manager Poland, Hitachi Europe Ltd. 20 September 2017 Financial security in the
More informationOverview. DigitalPersona Logon for Windows Data Sheet. DigitalPersona s Composite Authentication transforms
DigitalPersona Logon for Windows Data Sheet Overview DigitalPersona s Composite Authentication transforms the way IT executives protect the integrity of the digital organization by going beyond two-factor
More informationYubico with Centrify for Mac - Deployment Guide
CENTRIFY DEPLOYMENT GUIDE Yubico with Centrify for Mac - Deployment Guide Abstract Centrify provides mobile device management and single sign-on services that you can trust and count on as a critical component
More informationRelated Labs: Introduction to Universal Access and F5 SAML IDP (Self-paced)
PRESENTED BY: Related Labs: Introduction to Universal Access and F5 SAML IDP (Self-paced) One of the main problems that customers face with the adoption of SaaS and cloud-based apps is how to deliver the
More informationMaaS360 Secure Productivity Suite
MaaS360 Secure Productivity Suite Frequently Asked Questions (FAQs) What is MaaS360 Secure Productivity Suite? MaaS360 Secure Productivity Suite integrates a set of comprehensive mobile security and productivity
More informationTeradata and Protegrity High-Value Protection for High-Value Data
Teradata and Protegrity High-Value Protection for High-Value Data 12.16 EB7178 DATA SECURITY Table of Contents 2 Data Centric Security: Providing High-Value Protection for High-Value Data 3 Visibility:
More informationsecurity FRAUD PREVENTION Business Checklist Safeguard your money, your credit and your good name.
security FRAUD PREVENTION Business Checklist Safeguard your money, your credit and your good name. Security for Your Business Mitigating risk is a daily reality for business owners, but you don t have
More informationThe CISO s Guide to Deploying True Password-less Security. by Bojan Simic and Ed Amoroso
The CISO s Guide to Deploying True Password-less Security by Bojan Simic and Ed Amoroso TRUST ANYONE HYPR Deployment Overview for Managers HYPR is designed to eliminate credential stuffing, phishing and
More informationBring Your Own Device. Peter Silva Technical Marketing Manager
Bring Your Own Device Peter Silva Technical Marketing Manager Bring-Your-Own-Device (BYOD) Personal devices for business apps Why implement BYOD? Increase employee satisfaction, productivity Reduce mobile
More informationBest Practices in Securing Your Customer Data in Salesforce, Force.com & Chatter
White Paper Best Practices in Securing Your Customer Data in Salesforce, Force.com & Chatter Overcoming Security, Privacy & Compliance Concerns 333 W. San Carlos Street San Jose, CA 95110 Table of Contents
More informationProtecting Against Online Fraud. F5 EMEA Webinar August 2014
Protecting Against Online Fraud F5 EMEA Webinar August 2014 Agenda Fraud threat trends and business challenges Web fraud protection Mobile fraud protection Security operations center Example architecture
More informationThe Device Has Left the Building
The Device Has Left the Building Mobile Security Made Easy With Managed PKI Christian Brindley Principal Systems Engineer, Symantec Identity and Information Protection Agenda 1 2 3 Mobile Trends and Use
More informationUnlocking Office 365 without a password. How to Secure Access to Your Business Information in the Cloud without needing to remember another password.
Unlocking Office 365 without a password How to Secure Access to Your Business Information in the Cloud without needing to remember another password. Introduction It is highly likely that if you have downloaded
More informationBULLETPROOF365 SECURING YOUR IT. Bulletproof365.com
BULLETPROOF365 SECURING YOUR IT Bulletproof365.com INTRODUCING BULLETPROOF365 The world s leading productivity platform wrapped with industry-leading security, unmatched employee education and 24x7 IT
More informationDefender 5: The Right Way to Prove, Identify and Establish Trust
Defender 5: The Right Way to Prove, Identify and Establish Trust Introduction Before the Internet, business transactions were typically conducted face-to-face, so establishing your business partner s identity
More information