Trust but verify

Access & Identity Management Handbook 2014 Access Control & Identity Management

As both personal and corporate data and applications move to the cloud and mobile devices, the saying ‘trust but verify’ takes on new meaning. It captures the practical reality of a world in which so many of our interactions occur online. More than ever, we need mechanisms to verify the identity of the entities with whom we interact.

Among the most important best practices is authentication beyond simple passwords. Enterprises have typically focused on securing the network perimeter and relied on static passwords to authenticate users inside the firewall. This is insufficient given the multifarious nature of today’s Advanced Persistent Threats (APTs), ad hoc hacking, and internal risks associated with Bring Your Own Device (BYOD) adoption. Static passwords can be a recipe for disaster and must be extended with other authentication factors. Additionally, multi-factor authentication must be part of a multi-layered security strategy, including device authentication, browser protection, transaction authentication/pattern-based intelligence, and application security. This requires the use of an integrated multi-layered authentication and real-time threat detection platform.

Fraud detection technology has been used in on-line banking and e-commerce for quite some time. Significant changes in this landscape led the industry to institute stringent compliance and customer data protection requirements. Compliance requires the full gamut of authentication and fraud prevention strategies, as well as both on-line and mobile payment security. Solutions must also comply with multifactor authentication options including mobile One Time Password (OTP) soft tokens, transparent authentication, and Public Key Infrastructure (PKI) certificates, along with proactive fraud detection and tamper-evident audit reporting.

Fraud detection technology is expected to cross over into the corporate sector as a way to provide an additional layer of security for remote access use cases such as VPNs or virtual desktops. Meanwhile, two-factor authentication measures, which have typically been confined to OTP tokens, display cards and other physical devices, are now also being delivered through soft tokens that can be held on such user devices as mobile phones, tablets, and browser-based tokens. A phone app generates an OTP, or OTPs are sent to the phone via SMS. For greater security, the authentication credential is stored on the mobile device’s secure element or subscriber identity module (SIM) chip. Mobile tokens also can be combined with cloud app single-sign-on capabilities, blending classic two-factor authentication with streamlined access to multiple cloud apps on a single device.

As identity management moves to the cloud there are other critical considerations. Today, much of the security discussion is focused on securing the platform, but as enterprises continue to move applications into the cloud and take advantage of the Software as a Service (SaaS) model, it will be critical to resolve challenges around provisioning and revoking user identities across multiple cloud-based applications, while also enabling secure, frictionless user login to those applications.

In the BYOD environment, secure authentication becomes even more important, and several other security issues also emerge. IT departments won’t be managing these devices, so it won’t be possible to control other, potentially untrustworthy personal apps they may carry, or to load a standard image onto them with anti-virus and other protective software. Nor will organisations be able to retrieve devices when employees leave. We will need to find new and innovative ways to address these and other challenges

Notwithstanding the risks, the use of BYOD phones, tablets and laptops for access control opens opportunities for powerful new contactless authentication models, from tapping your corporate ID badge to a personal tablet for authenticating to a network, to using an NFC-enabled phone not only as your access credential but also the key for entering your building or apartment.

Source: https://www.hidglobal.com/blog/trust-verify

For more information contact HID Global, +27 (0)82 449 9398, [email protected], www.hidglobal.com



Credit(s)




Share this article:
Share via emailShare via LinkedInPrint this page



Further reading:

Who has access to your face?
Access Control & Identity Management Residential Estate (Industry) AI & Data Analytics
While you may be adjusting your privacy settings on social media or thinking twice about who is recording you at public events, the reality is that your facial features may be used in other contexts,

Read more...
Smarter security for safer estate living
neaMetrics Suprema Integrated Solutions Surveillance Access Control & Identity Management Residential Estate (Industry)
The expansion of residential estates has led to many communities being constructed with security as an afterthought. Unfortunately, fencing, cameras, and a guard at the gate only create a false sense of safety, which vanishes after the first incident.

Read more...
Visitor management views
Entry Pro ATG Digital Technews Publishing SMART Security Solutions Access Control & Identity Management Residential Estate (Industry)
Visitor management is always changing, taking technology and legislation into account. SMART Security Solutions examines the latest trends with input from ATG Digital and Entry Pro.

Read more...
Securing your estate beyond the gate
ATG Digital Access Control & Identity Management Residential Estate (Industry) AI & Data Analytics
Protecting gated communities and lifestyle estates requires a modern, intelligent approach. A truly intelligent system protects both physical and digital perimeters, it must be a fully integrated ecosystem.

Read more...
Reliability, innovation and flexibility
Entry Pro Access Control & Identity Management Residential Estate (Industry) Products & Solutions
Through constant innovation and advancement in technology and systems, Entry Pro strives to provide its clients with not only the most suitable, but also the most advanced solution.

Read more...
Smarter security with automated visitor management
LD Africa Access Control & Identity Management Residential Estate (Industry) Products & Solutions
Automated visitor management solutions, like LD Access, are transforming this process by reducing human workload, while enhancing security and efficiency.

Read more...
Paxton enhances installer loyalty programme
Paxton Access Control & Identity Management News & Events
Paxton has made it easier for security installers to benefit from its popular loyalty programme, Paxton Rewards, with points now added automatically when purchasing through approved distribution partners.

Read more...
Identity, Security & Access Alliance focuses on intelligence and integration
SMART Security Solutions Ideco Biometrics BoomGate Systems Bosch Building Technologies Technews Publishing Integrated Solutions Surveillance Access Control & Identity Management
The Identity, Security & Access Alliance (ISAA) hosted several launch events in Johannesburg in August, showcasing the participating companies’ technical solutions with a primary focus on the solutions made possible by integrating high-quality systems to deliver comprehensive solutions.

Read more...
Rethinking access control in high-risk logistics environments
ATG Digital Access Control & Identity Management Transport (Industry) Logistics (Industry) Facilities & Building Management
South Africa’s logistics sector is under constant pressure, not only from external threats like hijackings and cargo theft, but also from internal vulnerabilities, operational blind spots, and limited support.

Read more...
Nice unveils MyNice Smartgo
News & Events Access Control & Identity Management
Nice SA has announced the release of MyNice Smartgo, a compact access automation solution, designed specifically for the South African market, combining an easy-to-install device with a user-friendly smartphone application.friendly smartphone application.

Read more...










While every effort has been made to ensure the accuracy of the information contained herein, the publisher and its agents cannot be held responsible for any errors contained, or any loss incurred as a result. Articles published do not necessarily reflect the views of the publishers. The editor reserves the right to alter or cut copy. Articles submitted are deemed to have been cleared for publication. Advertisements and company contact details are published as provided by the advertiser. Technews Publishing (Pty) Ltd cannot be held responsible for the accuracy or veracity of supplied material.




© Technews Publishing (Pty) Ltd. | All Rights Reserved.