Skip to main content
Image
purple hex pattern

Reduce risk by strengthening authentication security and efficiency

Although simple passwords are still used for many applications, the expanding use of web-based technology has driven the stakes higher, spawned more sophisticated and complex threats, and led to stricter regulation. New products and services must be delivered with suitable and appropriate security from the outset and legacy systems must be reappraised. For these reasons and others, more organizations are implementing strong authentication solutions that go beyond passwords.

Challenges

To find an approach that aligns with the specific requirements of their applications, organizations can choose from a broad range of vendor products or assemble their own solutions. But whether they are authenticating employees or mobile customers on a busy web site, organizations are challenged to provide strong authentication in the following ways:

  • Support industry specific mandates and authentication schemes. In the payment industry, for example, organizations must roll out support for EMV cards and support for online authentication schemes such as the 3D Secure protocol.
  • Provide support for emerging multi-factor authentication technologies. No authentication technology represents a silver bullet and most organizations are forced to support a range of mechanisms that evolve over time as new technologies hit the market.
  • Maintain a consistent security posture across the authentication infrastructure. As stronger authentication technologies in the form of user tokens and biometrics are introduced, the organization needs to increase the level of security of back-end systems in order to avoid exposing inconsistencies that might represent new points of attack.
  • Keep strong authentication manageable. Given that many different authentication technologies can be used within a single organization, some organizations are improving efficiency by consolidating authentication systems with centralized, multi-protocol authentication systems.

Solutions

Strong Authentication: Entrust Solutions

Products and services from Entrust can help you reduce risk by strengthening authentication security and efficiency. By adding Entrust nShield Hardware Security Modules (HSMs) to your current authentication processes, you can create high-assurance systems to authenticate users paying for products and services through web sites and mobile devices, employees using internal systems, and a variety of connected devices accessing the network. Expertise in a wide range of authentication schemes and partnerships with major vendors ensure that your chosen systems will integrate easily with nShield HSMs.

Benefits

Benefits Delivered by Entrust nShield HSMs

  • Easily strengthen many different types of commercial authentication solutions with pre-tested integration with nShield HSMs.
  • Harden proprietary authentication processes to protect intellectual property and guard against malicious attack.
  • Consolidate and centralize many different types of authentication into a single, flexible platform.
  • Adopt a cross-token or multi-vendor approach to authentication, avoiding vendor lock-in and enabling technology migration without requiring the churn of back-end authentication systems.
  • Select the most appropriate authentication scheme from a range of choices based on business requirements—while ensuring consistency in the areas of application integration, system protection and policy enforcement.

Resources

Solution Briefs: Ping Identity

Entrust nShield HSMs and Ping Identity deliver a standards-based cloud single sign-on solution with FIPS certified cryptography that provides access to on-premises and cloud-based resources. From smartphones to tablets to cloud-based applications, today’s enterprise users have more ways to access their data than ever before – and they expect to get access quickly and easily. To satisfy enterprise security requirements and user demands, organizations require a comprehensive identity management system.

Ping Identity