Tokenless Two Factor Authentication – More Secure and More Cost Effective than Using Tokens
- Author Mitchel Smith
- Published March 12, 2012
Are you or your organization re-evaluating its use of SecurID tokens following the RSA breach? After the March attack on RSA, where hackers stole information later used in an attack on U.S. defense contractor Lockheed Martin, RSA was forced to offer replacement SecurID keys to all its tens of millions of customers. The recent data breach at RSA Security is encouraging IT professionals to re-evaluate alternative authentication methods and to reconsider the safety of token-based authentication.
Dedicated tokens, like the ones produced by RSA, provide a one-time password typically every 60 seconds and have been the traditional approach to two-factor authentication for many years. More recently, tokenless solutions have been the talk of two-factor authentication, mainly for their ability to deliver one-time passwords on demand to a standard mobile phone or smartphone. Most people carry one of these devices with them all the time.
A tokenless solution eliminates the need to carry a separate piece of hardware, such as a keyfob, and reduces the costs and time associated with provisioning new and replacement tokens. Tokens remain the most used solution for frequent users who rely on getting secure remote access to systems and information from any computer at any time.
Two factor authentication has become an IT security necessity for many reasons. Threats are increasing in frequency and sophistication. Industry regulators like PCI DSS, FFIEC, HIPAA and Sarbanes-Oxley require it. Your employees, customers and shareholders expect you to protect the sensitive data you are storing and transmitting on their behalf.
Security tokens and many other forms of two-factor authentication have proven to be inconvenient for your users, troublesome for your IT department, and expensive to implement and support. Phone-based authentication provides strong two-factor security with the ease and convenience your users and your IT department demand at a fraction of the cost.
Tokens and other similar devices don’t protect against emerging threats, such as man-in-the-middle attacks. Out-of-band authentication, which utilizes a separate channel for the second factor of the authentication, is widely recognized as a best practice for two-factor authentication. Any device, such as a security token, keyfob, USB token or soft token, that requires an OTP to be keyed into the original login interface doesn’t meet the criteria for out-of-band authentication and is vulnerable to attack.
Token-based systems require training and require users to change their behavior. Sometimes users have a difficult time remembering in which order the PIN and token digits are entered. Some systems require administrators to modify applications before they will work.
Since some security tokens must be mailed, provisioned, inventoried and replaced, they require IT resources to deploy and support. An IT department can become a material part of the total cost of ownership for a token solution because of lost security tokens, expiring tokens that must be re-provisioned every 2-5 years, and tokens that get out of sync, meaning the one-time password that is generated is not the same one the login application is expecting.
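The out-of-sync failure described above, as an added example that is not part of the original article: a time-based one-time password check with a 60-second step, showing why a token whose clock has drifted is rejected and how a server-side acceptance window resynchronises it. It uses the open HOTP/TOTP construction (RFC 4226 / RFC 6238) as a stand-in, not SecurID's own algorithm; the `Verifier` class, its `window` and `drift` fields, and the seed and timestamps are assumptions constructed for the illustration.

```python
import hashlib
import hmac
import struct

STEP = 60  # seconds per code, matching the 60-second interval in the article


def otp(secret: bytes, counter: int, digits: int = 6) -> str:
    """RFC 4226 HOTP value for one counter (here: one 60-second time step)."""
    mac = hmac.new(secret, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F  # dynamic truncation offset
    value = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(value % 10 ** digits).zfill(digits)


class Verifier:
    """Hypothetical server side: accepts +/- window steps and tracks drift."""

    def __init__(self, secret: bytes, window: int = 1):
        self.secret = secret
        self.window = window
        self.drift = 0        # learned offset, in steps, of this token's clock
        self.last_used = -1   # highest step already accepted (replay guard)

    def verify(self, code: str, server_time: int) -> bool:
        expected = server_time // STEP + self.drift
        for delta in range(-self.window, self.window + 1):
            counter = expected + delta
            if counter <= self.last_used:
                continue  # never accept a code from an already-used step
            if hmac.compare_digest(otp(self.secret, counter), code):
                self.drift += delta       # resynchronise to the token's clock
                self.last_used = counter
                return True
        return False


def demo():
    secret = b"constructed-demo-seed"   # constructed sample seed
    now = 1_700_000_000                  # constructed server time
    token_clock = now + 150              # token clock runs 150 seconds fast
    code = otp(secret, token_clock // STEP)
    strict = Verifier(secret, window=0).verify(code, now)  # no tolerance
    wide = Verifier(secret, window=3)
    tolerant = wide.verify(code, now)    # accepted, drift learned
    replay = wide.verify(code, now)      # same code again is refused
    return strict, tolerant, wide.drift, replay
```

A wider window reduces help-desk resync calls but lengthens the time a captured code stays valid, so the window size is a trade-off rather than a free fix.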
Tokenless two-factor authentication doesn’t require security tokens or other devices to deploy or manage, and there is no software or certificates for end users to install, so it requires very little effort to implement and virtually no ongoing support.
Tokenless two-factor authentication is much more cost effective to implement because there is no need for a huge IT department, security tokens or other devices, and it requires minimal training to use. Most tokenless two-factor authentication solutions have a low annual fee per user or per authorization, no hardware to purchase or install, no security tokens or devices to manage, and users replace their own lost or damaged phones.
Mitchel Smith offers remote access security information to businesses to provide better data privacy for consumers. He believes two-factor authentication through a one-time password is the future of data breach protection.
Article source: https://articlebiz.com