Next Generation Authentication

Similar documents
IDENTITY AND THE NEW AGE OF ENTERPRISE SECURITY BEN SMITH CISSP CRISC CIPT RSA FIELD CTO

EBOOK 4 TIPS FOR STRENGTHENING THE SECURITY OF YOUR VPN ACCESS

Related Labs: Introduction to Universal Access and F5 SAML IDP (Self-paced)

Identity Management as a Service

Enhancing the Cybersecurity of Federal Information and Assets through CSIP

WHITE PAPER AUTHENTICATION YOUR WAY SECURING ACCESS IN A CHANGING WORLD

SOLUTION BRIEF RSA SECURID SUITE ACCELERATE BUSINESS WHILE MANAGING IDENTITY RISK

Security. Risk Management. Compliance.

1 Copyright 2011, Oracle and/or its affiliates. All rights reserved. Insert Information Protection Policy Classification from Slide 7

IDENTITY: A KEY ELEMENT OF BUSINESS-DRIVEN SECURITY

Are You Flirting with Risk?

<Partner Name> <Partner Product> RSA SECURID ACCESS. NetMove SaAT Secure Starter. Standard Agent Client Implementation Guide

Are You Flirting with Risk?

BEYOND AUTHENTICATION IDENTITY AND ACCESS MANAGEMENT FOR THE MODERN ENTERPRISE

Advantage Cloud Two-Factor Security Process

How Next Generation Trusted Identities Can Help Transform Your Business

<Partner Name> RSA SECURID ACCESS Standard Agent Implementation Guide. WALLIX WAB Suite 5.0. <Partner Product>

Fencing the Cloud. Roger Casals. Senior Director Product Management. Shared vision for the Identity: Fencing the Cloud 1

ADAPTIVE AUTHENTICATION ADAPTER FOR IBM TIVOLI. Adaptive Authentication in IBM Tivoli Environments. Solution Brief

DATA SHEET RISK & CYBERSECURITY PRACTICE EMPOWERING CUSTOMERS TO TAKE COMMAND OF THEIR EVOLVING RISK & CYBERSECURITY POSTURE

HIPAA Compliance discussion

A Practical Step-by-Step Guide to Managing Cloud Access in your Organization

Combating Cyber Risk in the Supply Chain

The Need For A New IT Security Architecture: Global Study On The Risk Of Outdated Technologies

Protecting Against Modern Attacks. Protection Against Modern Attack Vectors

Today s workforce is Mobile. Cloud and SaaSbased. are being deployed and used faster than ever. Most applications are Web-based apps

Maximize your move to Microsoft in the cloud

Virtual Machine Encryption Security & Compliance in the Cloud

Make security part of your client systems refresh

Application Security at Scale

MITIGATE CYBER ATTACK RISK

Speaker Introduction Who Mate Barany, VMware Manuel Mazzolin, VMware Peter Schmitt, Deutsche Bahn Systel Why VMworld 2017 Understanding the modern sec

Securing today s identity and transaction systems:! What you need to know! about two-factor authentication!

CIAM: Need for Identity Governance & Assurance. Yash Prakash VP of Products

White Paper. The Impact of Payment Services Directive II (PSD2) on Authentication & Security

<Partner Name> <Partner Product> RSA SECURID ACCESS. VMware Horizon View 7.2 Clients. Standard Agent Client Implementation Guide

hidglobal.com HID ActivOne USER FRIENDLY STRONG AUTHENTICATION

Strong Authentication for Physical Access using Mobile Devices

Cloud Security Myths Paul Mazzucco, Chief Security Officer

TRUSTED IT: REDEFINE SOCIAL, MOBILE & CLOUD INFRASTRUCTURE. John McDonald

Modern Database Architectures Demand Modern Data Security Measures

INNOVATIVE IT- SECURITY FOR THE BANKING AND PAYMENT INDUSTRY

Using Biometric Authentication to Elevate Enterprise Security

Securing Wireless Mobile Devices. Lamaris Davis. East Carolina University 11/15/2013

Integrating Okta and Preempt Detecting and Preventing Threats With Greater Visibility and Proactive Enforcement

Welcome to the SafeNet Day! Prague 1st of October Insert Your Name Insert Your Title Insert Date

Key Authentication Considerations for Your Mobile Strategy

RSA Solution Brief. The RSA Solution for VMware. Key Manager RSA. RSA Solution Brief

Five Reasons It s Time For Secure Single Sign-On

The Device Has Left the Building

Safelayer's Adaptive Authentication: Increased security through context information

FOR FINANCIAL SERVICES ORGANIZATIONS

Choosing the right two-factor authentication solution for healthcare

Protecting organisations from the ever evolving Cyber Threat

RSA Solution Brief. Managing Risk Within Advanced Security Operations. RSA Solution Brief

Joe Stocker, CISSP, MCITP, VTSP Patriot Consulting

Adaptive Authentication Adapter for Citrix XenApp. Adaptive Authentication in Citrix XenApp Environments. Solution Brief

Securing the Cloud Today: How do we get there?

Yubico with Centrify for Mac - Deployment Guide

Certificate Enrollment for the Atlas Platform

SOLUTION BRIEF RSA NETWITNESS NETWORK VISIBILITY-DRIVEN THREAT DEFENSE

To the Designer Where We Need Your Help

THE SECURITY LEADER S GUIDE TO SSO

Protect Yourself Against VPN-Based Attacks: Five Do s and Don ts

Google Identity Services for work

TRUSTED IT: REDEFINE SOCIAL, MOBILE & CLOUD INFRASTRUCTURE. Ralf Kaltenbach, Regional Director RSA Germany

AXIAD IDS CLOUD SOLUTION. Trusted User PKI, Trusted User Flexible Authentication & Trusted Infrastructure

PKI is Alive and Well: The Symantec Managed PKI Service

GDPR How we can help. Solvit Networks CA. ALL RIGHTS RESERVED.

Making Security a Business Enabler

AS emas emudhra Authentication Solution

5 Trends That Will Impact Your IT Planning in Layered Security. Executive Brief

HOB HOB RD VPN. RSA SecurID Ready Implementation Guide. Partner Information. Product Information Partner Name. Last Modified: March 3, 2014 HOB

Key Technologies for Security Operations. Copyright 2014 EMC Corporation. All rights reserved.

BYOD Success Kit. Table of Contents. Current state of BYOD in enterprise Checklist for BYOD Success Helpful Pilot Tips

Who s Protecting Your Keys? August 2018

Unlocking Office 365 without a password. How to Secure Access to Your Business Information in the Cloud without needing to remember another password.

Dissecting NIST Digital Identity Guidelines

Mobile Field Worker Security Advocate Series: Customer Conversation Guide. Research by IDC, 2015

Inside Symantec O 3. Sergi Isasi. Senior Manager, Product Management. SR B30 - Inside Symantec O3 1

10 KEY WAYS THE FINANCIAL SERVICES INDUSTRY CAN COMBAT CYBER THREATS

Przejmij kontrolę nad użytkownikiem, czyli unifikacja dostępu do aplikacji w zróżnicowanym środowisku

SIEM: Five Requirements that Solve the Bigger Business Issues

2018 IT Priorities: Cybersecurity, Cloud Outsourcing & Risk Management. Follow Along

RSA Solution Brief. Providing Secure Access to Corporate Resources from BlackBerry. Devices. Leveraging Two-factor Authentication. RSA Solution Brief

CipherCloud CASB+ Connector for ServiceNow

To Audit Your IAM Program

Keep the Door Open for Users and Closed to Hackers

Say Goodbye to Enterprise IT: Welcome to the Mobile First World. Sean Ginevan, Senior Director, Strategy Infosecurity Europe

DigitalPersona for Healthcare Organizations

VMware Identity Manager vidm 2.7

2018 Edition. Security and Compliance for Office 365

Authentication Technology for a Smart eid Infrastructure.

Passwords Are Dead. Long Live Multi-Factor Authentication. Chris Webber, Security Strategist

Identity & Access Management

GLOBALPROTECT. Key Usage Scenarios and Benefits. Remote Access VPN Provides secure access to internal and cloud-based business applications

THE EVOLUTION OF SIEM

Pulse Secure Policy Secure

AN IPSWITCH WHITEPAPER. The Definitive Guide to Secure FTP

EXPERIENCE SIMPLER, STRONGER AUTHENTICATION

Transcription:

Next Generation Authentication Bring Your Own security impact Dominique Dessy Sr. Technology Consultant 1

2012 DIGITAL UNIVERSE 1.8 ZETTABYTES 1,800,000,000,000,000,000,000 2

$ 3

4

Threat Landscape 60% OF FORTUNE 500 had email addresses compromised by malware Source : RSA Security Brief, February 2011 Malware and the Enterprise 5

Threat Landscape 88% of Fortune 500 had BOTNET ACTIVITY associated with their networks Source : RSA Security Brief, February 2011 Malware and the Enterprise 6

Threat Landscape Of the 60 million variants of malware in existence today ONE-THIRD were created last year alone Source : RSA Security Brief, February 2011 7

8

are the New Perimeter People 9

Advanced Threats 83% of organizations believe they have been the victim of an Advanced Threats 65% of organizations don t believe they have sufficient resources to prevent Advanced Threats 91% of breaches led to data compromise within days or less 79% of breaches took weeks or more to discover Source: Ponemon Institute Survey Conducted Growing Risk of Advanced Threats Source: Verizon 2011 Data Breach Investigations Report 10

RSA Approach GOVERNANCE Manage Business Risk, Policies and Workflows ADVANCED VISIBILITY AND ANALYTICS Collect, Retain and Analyze Internal and External Intelligence INTELLIGENT CONTROLS Rapid Response and Containment Cloud Network Mobility 11

Authentication 12

Today s Challenge: Establishing Trusted Identities Diverse User Population BYOD Cloud and Managed Service Advanced Threats 13

Diverse User Populations Require Choice Internal Employees, Temporary Employees, Contractors, Partners, Clients, Customers, Auditors, Remote workers Choice of credentials to meet convenience requirements External users and customers require convenient and easy to manage solutions Scalability and costs aligned with size of user population Large user populations require lower cost per user Scalability to address future authentication plans Single management platform Ability to manage choice of credentials on a single platform to minimize IT resources and maximize efficiency 14

BYOD Protect Access from Any Device Use of the mobile device as the authenticator Strong authentication natively integrated with 3 rd party remote access applications Authentication SDKs accessible on application development platforms for custom app development 15

Cloud Extend Authentication Controls Secure authentication and identity validation to cloud-based resources Seamless federation of authentication credentials to cloud applications Integrated approach to authentication and cloud-based identity management TO THE CLOUD Hosted and managed strong authentication services FROM THE CLOUD 16

Threats Layer Authentication Controls RISK BASED ANALYSIS Evaluate risk of activity based on device and user characteristics Compare risk to accepted policy controls CREDENTIAL MATCHED TO RISK Require user credential appropriate to risk level Allow different credentials for different use cases and users MONITORING AND REPORTING Monitor risk levels and adjust policies Report activities for compliance audits 17

Technologies 18

One-time Password (OTP) Two-factor Authentication: OTP = PIN + Tokencode PIN: Something the user knows Tokencode: Something the user has 19

Digital Certificates (PKI) User Key Recovery Module Device Certificate Authority Application Validation Manager 20

Dynamic Knowledge-based Authentication 21

Behavior Device Fraud Risk-based Authentication Risk Engine 271 937 Policy Mgr. Authenticate Continue Web Mobile App, Browser Web Access Management SSL/VPN Feedback Out-of-band Challenge Knowledge Others Step-up Authentication Feedback Case Mgmt Feedback 22

RSA Mobile Authentication SDKs Software Development Kit (SDK) for mobile apps Sample application, documentation and library for embedding functionality in mobile apps Free of charge for RSA customers and RSA Secured partners Developers can choose from the following functionality SecurID OTP Module Import software tokens, generate OTP User visible or invisible OTP Adaptive Authentication Module Retrieve device identifiers and location information for risk evaluation by Adaptive Authentication Transaction Signing 23

Specialized Authentication Acceptance 24

BYOD Security Impact Summary Evolving Threat Landscape Information Explosion Diverse User Population BYOD Cloud Developments Intelligent Risk Management Authentication Control is Key Strong Authentication Choice (Direct and via SDK) One-time Passwords Digital Certificates Knowledge-based Authentication Risk-based Authentication BYOD renews focus on security management and authentication 25

THANK YOU 26

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback