printer friendly version

Secure authentication for company networks

ESET has announced the general availability of ESET Secure Authentication, a two-factor authentication (2FA) software solution for small and medium businesses (SMBs). This application makes use of remote end-users’ mobile devices to deliver a one-time password (OTP) when they connect to company networks, providing added security to the network and the device. ESET Secure Authentication is available immediately through the ESET Southern Africa partner network.

Said Carey van Vlaanderen, CEO, ESET Southern Africa, “ESET Secure Authentication is simple to use, easy to administer and provides a critical layer of security for remote users. We believe the market for software-based authentication is healthy and growing, and we want to make sure our SMB customers have access to critical security options that work the way they work.”

According to a recent report by Frost & Sullivan, the global OTP market will approach US $1,1 billion by 2016 and the software OTP segment is growing at a compound annual growth rate (CAGR) of approximately 10,3%. Poor passwords and unsecured remote network access make every business a potential target and a potential customer. With millions of passwords compromised each year, many companies have already experienced data loss, damage to their reputations and decreased revenue. Cybercriminals do not just focus on the largest enterprises. As the threat landscape evolves, small businesses prove attractive targets.

“Criminal hacking is increasingly sophisticated and organised, and it is constantly growing in both scale and scope. What many smaller businesses do not realise is that they are an appealing target to cyber criminals – a tempting combination of opportunity, access, and potential return,” adds van Vlaanderen. “If you are in business today and not employing multifactor protection on your systems, then you are putting your customers, your reputation and your livelihood at risk.”

When customer information is on the line, passwords alone are not enough. A host of regulations compel businesses of every size to protect that information or face the possibility of legal action which may include penalties, commerce restrictions and substantial fines. Examples of regulations that specifically require two-factor authentication include: Payment Card Industry Data Security Standards (PCI DSS).

In a South African context, there are regulations that set standards for the secure management of information, most notably the Electronic Communications and Transactions Act (ECT). According to Drew van Vuuren, CEO of 4Di Privaca, a specialist information security and privacy practice: “In a broader context the forthcoming Protection of Personal Information (POPI) act will provide guidelines around the secure processing of personal information which includes a secure access methodology. These regulations highlight the importance that multi-factor authentication holds in the protection of customer information and key business data.”

Designed to be very simple to install, easy to configure and convenient to manage, ESET Secure Authentication offers e-mail protection for Outlook Web Access/App (OWA) and connectivity protection for VPN customers who use RADIUS, the ubiquitous Remote Authentication Dial-In User Service networking protocol. Because the solution is both lightweight and readily administered, it provides SMB customers with a compelling total cost of ownership.

Key benefits

Automatic Configuration: Installation of the mobile application is designed to be simple and seamless, starting with a ‘double-click’ installer. The user clicks on a link in a text message sent from ESET to their device. This automatically installs and activates the application. Text-based SMS messages are supported for users who cannot install, or have not yet installed, the mobile application. The application itself will be available for download via Google Play, the Apple App Store, BlackBerry App World or directly from ESET provisioning servers.

Familiar Management Environment (MMC and ADUC snap-in): Windows operating system administrators will value the familiar Active Directory Users & Computers management tool and snap-in integration with the Microsoft Management Console (MMC). ESET Secure Authentication is tested and supported on Windows Server 2003, 2003 R2, 2008, 2008 R2 and 2012.

Broad Mobile Platform Support: ESET Secure Authentication makes use of users’ mobile devices including iPhone, Android, BlackBerry, Windows Phone 7 and 8, Windows Mobile, and J2ME-based devices.

Protection of Outlook Web Access/App Endpoints: OWA is integrated with ESET two-factor authentication via a native plug-in. The application prevents access to OWA until the user has successfully authenticated with their unique one-time password.

Protection of RADIUS Endpoints: RADIUS is the de-facto standard networking protocol for user authentication in the VPN market. RADIUS serves three functions: to authenticate users or devices before granting them access to a network, to authorise those users or devices for certain network services and to account for usage of those services.

For more information contact ESET-SA, +27 (0)21 659 2000, [email protected], www.eset.co.za

Share this article:

Further reading: