A guide for assessing technology options for Symantec's portfolio of solutions
Authentication Solutions Buyer's Guide
Who should read this paper
Individuals who would like more details regarding strong authentication
methods available today to secure access to corporate networks and
enterprise or customer applications. Learn how your environment will
dictate which method is right for you.
WHITEPAPER: AUTHENTICATION SOLUTIONS BUYER'S GUIDE
Content
Executive Summary
Why You Need Strong Authentication
Assessing Options for Authentication
Risk-based Authentication
One-time Password Authentication
How to Choose the Right Kind of Strong Authentication
Strong Authentication with Digital Certificates
Symantec Strong Authentication Solutions
Symantec™ Validation and ID Protection (VIP) Service
Symantec™ Managed PKI Service
Make the Move to Strong Authentication
Executive Summary
Authentication is the most visible security control for applications used by enterprises and their customers. It controls access and plays a
crucial role for enforcing security policy.
Frequently, authentication requires just a simple user ID and password, which makes it a weak, exploitable target for criminals. Your
challenge is to use a stronger, cost-effective authentication solution that is easy to use.
Capture the benefits of strong authentication
• Simple passwords are not enough protection
• Stronger access security uses multifactor authentication such as risk-triggered challenges, one-time passwords, or digital certificates
• Symantec’s strong authentication portfolio lets you mix and match the right solution for your requirements
A range of strong authentication technology from Symantec helps you overcome the
vulnerabilities associated with simple passwords by augmenting them with additional
authentication factors such as user device identifiers, risk-based challenges, one-time
passwords, or digital certificates. This approach raises the bar for would-be attackers because
even if they steal a user’s name and simple password, it’s still not enough to get in. Choosing the
best solution depends on your IT environment, your particular application or mix of applications,
related business requirements that may require stronger security, and cost or usability
considerations. Symantec solutions provide scalable, manageable, and cost-effective strong
authentication for meeting requirements to protect your enterprise applications.
Why You Need Strong Authentication
Reliance on simple, easy-to-guess passwords is inadequate for securing your critical applications and data. For example, of 400,000 accounts
compromised in a recent attack on a large Internet portal, the most common passwords were the actual word “password” and the numeric
string 123456.[1] Hackers exploit weak passwords with automated attacks that try combinations of letters and numbers until the right one is
found. Other hackers exploit social engineering with email or phone calls to trick unsophisticated users into divulging their password by
pretending to be a trusted company employee such as a technical support specialist.
Research shows that weak access security is a leading cause of data breaches – contributing to 82 percent of compromised records.[2] In large
organizations, use of stolen credentials is the biggest cause of breaches and compromised records (Verizon Report, p. 26). For incidents like
these, the use of a strong authentication solution can prevent the breach and compromise of sensitive data.
Office computer users and remote workers need strong authentication to protect access to sensitive information in their organizations'
servers and applications. Many government agencies such as the U.S. Department of Defense, or departments within government or
commercial financial institutions, require strong authentication to log on to office computers on their networks because of the highly
valuable and sensitive nature of these data. Strong authentication is also required or under consideration by some data protection
regulations for private industry such as PCI DSS for retail, FFIEC for financial services, and HIPAA/HITECH for healthcare.
Your business partners and customers are also well aware of security breaches and expect you to protect their data when used by your IT
systems. Your use of strong authentication will help to gain their trust. It will also prevent breaches caused by risky use of technology by
business partners and consumers. For example, business and consumer access to applications via mobile devices is rapidly growing. The use
of weak credentials for accessing sensitive business applications such as online shopping and banking can result in a breach.
1- http://www.businessinsider.com/most-popular-hacked-yahoo-passwords-2012-7
2- Verizon Business 2012 Data Breach Investigation Report (p. 25)
Assessing Options for Authentication
As you acknowledge the need for stronger access security, the quest to specify a solution for your environment begins by asking: which
authentication technology is the right one? The answer depends upon requirements determined by your applications and IT environment.
Authentication starts with “something you know,” which is a user ID and password. Passwords will have varying degrees of strength. Weak
passwords create vulnerabilities that facilitate hacking attacks such as guessing, brute force dictionary cracking, or man-in-the-middle
interception. While your organization can strengthen a simple password against guessing and dictionary attacks by enforcing rules about
their characteristics and lifespan, this often backfires because users will often take the risky step of writing them down in an insecure
location when they feel the rules make things too complex. And the rules won’t stop social engineering, capture, or interception attacks.
Two factors of proof make stronger authentication
A mandatory requirement for strong authentication is the best defense. Strong authentication
requires each person attempting access to present a second factor, which is “something you
have,” in addition to a password. Even if an unauthorized person obtained your password, they
could not gain access without the second factor. The strongest authentication systems use
technologies called one-time passwords (OTP) or digital certificates to completely remove the
vulnerabilities of password guessing or a man in the middle attack. A use-case requiring less
stringent strong security can use a variant called risk-based authentication.
Risk-based Authentication
Risk-based authentication has recently gained acceptance as a reasonably good form of
protecting logon security. One attraction is lower cost: risk-based authentication does not require
the use of tokens, smartcards, or biometrics. It’s a simpler type of multifactor authentication
that can significantly reduce costs associated with deployment to a large user population. It also
eliminates associated burdens that may negatively affect usability of traditional solutions. Risk-
based authentication works by establishing a baseline for normal user behavior when logging on
to a system, such as recording what device and/or location they normally use for access. With
risk-based authentication, when the logon behavior is normal, a simple password may be
deemed acceptable. But when a log on is attempted by an unknown device or from an unusual
location, the user is challenged to enter an additional code, which is emailed to them or sent to
them via SMS text message. Risk-based authentication is included with Symantec™ Validation and Identity Protection (VIP).
Risk-based Authentication
Pros
• Tokenless – no special application software or hardware required for users
• Lower cost for a large user base
• Easier for unsophisticated users
Cons
• Optimal for web applications, but might not work with others
• Requires small, but necessary changes to server-based code of each web application
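The step-up flow described above, as an added Python sketch (not Symantec VIP code and not part of the white paper). The class and method names, the five-minute code lifetime, the three-attempt limit, and the choice to learn a device only after a passed challenge are all assumptions made for illustration.

```python
"""Risk-based step-up logic: added illustration, not Symantec VIP code.
All names (RiskEngine, enroll, login, answer) are hypothetical."""
import hmac
import secrets
import time
from dataclasses import dataclass, field

CHALLENGE_TTL = 300   # assumed: an emailed/SMS code is valid for 5 minutes
MAX_ATTEMPTS = 3      # assumed: wrong guesses allowed per challenge


@dataclass
class Baseline:
    """What 'normal' looks like for one user."""
    devices: set = field(default_factory=set)
    locations: set = field(default_factory=set)


@dataclass
class Challenge:
    code: str
    expires: float
    device: str
    location: str
    attempts_left: int = MAX_ATTEMPTS


class RiskEngine:
    def __init__(self, send_code):
        self.send_code = send_code   # callable(user, code): email or SMS delivery
        self.baselines = {}
        self.pending = {}

    def enroll(self, user, device, location):
        base = self.baselines.setdefault(user, Baseline())
        base.devices.add(device)
        base.locations.add(location)

    def login(self, user, password_ok, device, location, now=None):
        """Return 'deny', 'allow' or 'challenge' for one logon attempt."""
        now = time.time() if now is None else now
        if not password_ok:
            return "deny"            # the extra factor never replaces the password
        base = self.baselines.get(user, Baseline())
        if device in base.devices and location in base.locations:
            return "allow"           # normal behaviour: password alone is accepted
        # Unknown device or unusual location: issue an out-of-band code.
        code = f"{secrets.randbelow(10**6):06d}"
        self.pending[user] = Challenge(code, now + CHALLENGE_TTL, device, location)
        self.send_code(user, code)
        return "challenge"

    def answer(self, user, code, now=None):
        """Check the code the user typed in response to a challenge."""
        now = time.time() if now is None else now
        ch = self.pending.get(user)
        if ch is None:
            return "deny"
        if now > ch.expires:
            del self.pending[user]
            return "deny"
        if not hmac.compare_digest(code.encode(), ch.code.encode()):
            ch.attempts_left -= 1
            if ch.attempts_left <= 0:
                del self.pending[user]   # stop online guessing of the 6 digits
            return "deny"
        del self.pending[user]
        # Assumption: a passed challenge adds the device/location to the baseline.
        self.enroll(user, ch.device, ch.location)
        return "allow"


def demo():
    """Constructed scenario: known laptop, then a new tablet that is challenged."""
    outbox = []
    engine = RiskEngine(lambda user, code: outbox.append((user, code)))
    engine.enroll("alice", "laptop-1", "US")
    results = [engine.login("alice", True, "laptop-1", "US", now=0)]
    results.append(engine.login("alice", True, "tablet-7", "US", now=10))
    results.append(engine.answer("alice", outbox[-1][1], now=20))
    results.append(engine.login("alice", True, "tablet-7", "US", now=30))
    return results


if __name__ == "__main__":
    print(demo())
```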
One-time Password Authentication
One-time-password (OTP) technology is a form of two-factor authentication (2FA). It’s often used for authenticating VPN and partner-facing
web portals. OTP may also serve well for some custom applications. As mentioned, OTP solutions augment traditional user names and
passwords with various choices for “something you have.” With OTP, a user's PC, smartphone, or special hardware token may all serve as a
second factor during logon. With an OTP system, when a user enters the logon ID and password (the “first factor”), the system also requires
the user to enter a unique one-time code or password generated by software on their hardware token device, PC, or smartphone.
One-time password technology is also included in Symantec VIP.
One-time Password Based Authentication
Pros
• Proven and time tested security method
• No application changes required; is supported “out-of-box” by many applications and networking hardware via a standard protocol called RADIUS
• Available from wide variety of suppliers and resellers
Cons
• Its most secure mode requires a token, which can make it more costly than risk-based authentication (Note: Symantec VIP software tokens are free)
How to Choose the Right Kind of Strong Authentication
The Best Value
• Symantec VIP is cloud-based Software as a Service (SaaS). This lowers your cost and provides flexibility for remote access and other use cases.
• Symantec VIP provides more value: risk-based authentication and one time password authentication in a single subscription.
If you need strong authentication for VPN, web, or cloud applications, you should consider a 2FA
solution that provides either risk-based or OTP authentication. The best 2FA solutions are both
easy to implement and easy to use—which is what makes them good choices for basic
requirements.
The implementation of risk-based versus OTP technology is a matter of business need and
customer preferences. For example, many organizations choose risk-based authentication for
consumer-facing applications because it will keep the cost down when there are many thousands
of users. One-time password is typically considered the best option for very high security
requirements.
Some 2FA solutions are difficult to implement and use, which discourages their use and defeats the purpose. Symantec VIP solves usability
challenges by supporting a wide variety of authentication options for end users, and also makes management easier for IT departments by
supporting industry standards such as RADIUS, and enterprise directories such as Microsoft Active Directory®. A self-service portal further
enhances the end-user experience and reduces the burden on IT. A standards-based, cloud-delivered solution such as Symantec VIP Service,
which includes both risk-based and OTP technology, will bring your organization more flexibility at a lower cost than alternatives requiring an
on-premise proprietary solution.
Strong Authentication with Digital Certificates
PKI Made Easy
• Symantec™ Managed PKI simplifies the complexity of using digital certificates. As a managed service, the infrastructure is ready to go. All you do is activate the account.
• Managed PKI automates client-side configuration of applications and makes the user experience transparent.
• Our solution saves you money because you don’t have to manage the systems. We do it for you.
Some application use-cases require a specific strong, 2FA technology called digital certificates.
Examples are user-specific authentication to Wi-Fi access points or network switches, encrypted
email, document signing for Adobe Certified Document Service or Microsoft Office, or device
authentication in mobile “Bring Your Own Device” (BYOD) initiatives.[3] All of these require using
digital certificates to take advantage of the most secure capabilities.
When an environment also includes VPN, web, or cloud applications, many organizations choose
to use digital certificates for these applications as well in order to integrate strong authentication
under one solution. All such applications must be certificate-enabled, which means some
applications might not include support for this type of strong authentication.
Digital certificates provide strong authentication through a cryptography method called Public
Key Encryption. To manage digital certificates properly requires a Public Key Infrastructure (PKI) such as Symantec Managed PKI.
The Symantec Managed PKI solution, like Symantec VIP Service, is also a cloud-based offering. This makes it much easier to deploy and
manage than on-premise PKI solutions such as Microsoft PKI software, and supports more deployment complexity than with a 2FA solution.
Certificate-based Authentication
Pros
• Enables strong authentication for applications requiring this mechanism
• Also supports most other applications, so you can boost efficiency and save money by using digital certificates for all strong authentication requirements
Cons
• Requires PKI system for managing the certificate lifecycle, so there is more complexity
• Requires client-side configuration of applications to use a certificate
3- For more examples, see our white paper, Why Digital Certificates are Essential for Managing Mobile Devices, http://www.symantec.com/content/en/us/enterprise/white_papers/b-why-certs-mobile-devices-wp-21259170-en.us.pdf
Symantec Strong Authentication Solutions
Symantec solutions’ features and capabilities will provide your enterprise with strong, scalable, and manageable authentication for
protecting online identities and interactions between consumers, business partners, and employees.
Symantec™ Validation and ID Protection (VIP) Service
A cloud-based service for preventing unauthorized access to sensitive networks and applications.
Case Study: First Tech Federal Credit Union
The Problem
The national credit union wanted to differentiate its services by offering highly secure options for online banking—without adding IT overhead.
Solution Used
Symantec Validation and ID Protection (VIP) Service with VIP Access for Mobile.
Results
First Tech has established a name for itself in offering convenient strong authentication for its customers. It achieved 100% reliability of delivery of one-time passwords for mobile members. The VIP Network also expanded customers’ options for OTP access to multiple First Tech accounts. Finally, the cloud-based solution enabled national deployment without additional IT overhead.[4]
Symantec VIP will replace your simple password security with strong, robust security for access
to your enterprise networks and applications, and prevent unauthorized access by malicious
attackers. Users have the same experience as before, but with the added security of a second
factor for authentication. Deployment is simple with an existing infrastructure and usually can be
pre-configured by an administrator.
Key Features
Cloud-based infrastructure – Secure, reliable, and scalable service delivers authentication
without requiring dedicated on-premise server hardware. Certified annually by third parties.
Multiple two-factor credential options – Deploy OTP credentials in a variety of hardware,
software, or mobile form factors.
Free mobile device credentials – Support for more than 900 mobile devices including Android™,
iOS®, Windows® Phone 7, J2ME®, and BREW.
Tokenless risk-based authentication – Leverage device and behavior profiling to implement
strong authentication and block risky logon attempts without the requirement of a hardware
credential.
Out-of-band authentication support – Authenticate users via SMS messages or voice-enabled
phone calls when elevated risk is detected.
Transaction monitoring support – Evaluate activity related to end-user’s monetary transactions,
including anomalous amount, anomalous destination, transaction velocity anomaly, and high
risk touch points, which allows your organization to challenge the user with an additional factor
of authentication.
Self-service credential provisioning – Deploy strong authentication to consumers without
requiring IT helpdesk or administrator configuration or intervention.
Web-based application integration – Add strong authentication to your application using the
Symantec VIP web services API in your preferred programming language.
Enterprise infrastructure support – Also integrates with popular enterprise VPNs, webmail, SSO applications, and corporate directories to
support internal mobile applications.
Symantec™ Managed PKI Service
A cloud-based service to power strong authentication, encryption, and digital signing applications.
Case Study: Triton Systems of Delaware, LLC
The Problem
This leading provider of off-premise automated teller machines in North America needed to support remote key transport while eliminating the cost of having two engineers visit each ATM when master key codes required changing.
Solution Used
Symantec Managed PKI Service
Results
Triton Systems became the first retail ATM manufacturer to market with remote key transport feature, which increased competitive advantage. Triton’s ATM owners can now save more than $450 in costs for the life of each machine – without compromising security or reliability.[5]
As your enterprise electronically conducts more transactions and correspondence, there is a
growing need to authenticate users, restrict access to confidential information, and verify
integrity or origination of sensitive documents. Symantec Managed PKI Service, based on Public
Key Infrastructure, will allow your enterprise to provide this level of strong trust-based security.
It can implement multi-purpose credentials; is good for one-to-many applications such as email;
works both online and offline; and supports multiple cryptographic use-cases such as
authentication, encryption, and non-repudiation. With PKI, you can facilitate tighter integration
with your business partners, protect data against internal and external threats, ensure business
continuity, and maintain compliance with government and corporate regulations.
Key Features
Trusted, cloud-based infrastructure – Backed by 24 hours a day, 7 days a week, 365 days a year
monitoring, management, and escalation across the globe with full disaster recovery. Certified
annually by a third-party as part of a SSAE 16/SOC 2 security audit, regular WebTrust audits, and
specialized government audits.
Broad application support – Managed PKI issues X.509 certificates that interoperate with a wide
variety of operating systems, devices, VPN, mail, and web browser software. Providing certificate
profiles for common applications enables strong authentication, email encryption and signing,
and document signing (Adobe PDF signing).
Automated certificate lifecycle management – Automates configuration of common
authentication, encryption, and signing applications across multiple platforms and browsers.
Our client software automatically configures a user’s browser, VPN client, mail client, or other application to use Symantec certificates. It
also automates the process of renewing certificates, preventing expired certificates from interrupting business continuity.
4- http://www.symantec.com/content/en/us/enterprise/customer_successes/b-first_tech_federal_cu_CS.en-us.pdf
5- http://www.symantec.com/content/en/us/enterprise/customer_successes/b-triton_systems_CS.en-us.pdf
Symantec O3™ For Authenticating Cloud Applications
Many organizations are putting applications in the cloud to save money. As unintended consequences, IT often loses control of access and
end users often take a hit in usability—especially when they are authenticating to multiple cloud applications. The practical pitfall is recalling
different authentication credentials for the various applications. A common response by users is to re-use a single credential for all the
applications. This behavior will weaken your security and magnify the risk of a breach.
Symantec™ O3 enables strong single sign-on across cloud, software-as-a-service (SaaS), and web applications and services. It readily
integrates with existing identity sources such as Active Directory, LDAP, and relational databases. It also federates authentication for the
various cloud/web services, and offers users a simple single-sign-on experience. The solution also maintains a context-based policy engine to
oversee access control.
For more information about Symantec O3, see https://www4.symantec.com/mktginfo/RSA_2012/assets/SymantecO3Datasheet.pdf
Make the Move to Strong Authentication
With Symantec, you can quickly enable the benefits of strong access security in corporate and customer-facing applications. Depending on
application requirements, you will need one of three solutions: risk-based authentication (Symantec VIP), a 2FA solution with one-time
passwords (Symantec VIP), or a digital certificate-based solution (Symantec Managed PKI). To learn more, call your Symantec account
representative or visit our Symantec User Authentication Solutions page at http://www.symantec.com/products-solutions/families/?fid=user-authentication.
Choosing the Right Authentication Method
                                   Symantec VIP                      Symantec Managed PKI
Application Use Cases              One-Time Passwords   Risk-based   Digital Certificates
Virtual Private Networks (VPNs)    √                    √            *
Web/Cloud-based Applications       √                    √            *
Secure Wireless Access                                               √
Secure Email                                                         √
Document Signing                                                     √
Support for BYOD Initiatives                                         √
* Supported as a secondary use case
About Symantec
Symantec protects the world’s information, and is a
global leader in security, backup, and availability
solutions. Our innovative products and services
protect people and information in any environment
– from the smallest mobile device, to the enterprise
data center, to cloud-based systems. Our world-
renowned expertise in protecting data, identities,
and interactions gives our customers confidence in
a connected world. More information is available at
www.symantec.com or by connecting with
Symantec at go.symantec.com/socialmedia.
For specific country offices
and contact numbers, please
visit our website.
Symantec World Headquarters
350 Ellis St.
Mountain View, CA 94043 USA
+1 (650) 527 8000
1 (800) 721 3934
www.symantec.com
Copyright © 2013 Symantec Corporation. All rights
reserved. Symantec, the Symantec Logo, and the
Checkmark Logo are trademarks or registered
trademarks of Symantec Corporation or its affiliates in
the U.S. and other countries. Other names may be
trademarks of their respective owners.
1/2013 21280723
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptxHampshireHUG
 
Google AI Hackathon: LLM based Evaluator for RAG
Google AI Hackathon: LLM based Evaluator for RAGGoogle AI Hackathon: LLM based Evaluator for RAG
Google AI Hackathon: LLM based Evaluator for RAGSujit Pal
 
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...HostedbyConfluent
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationRadu Cotescu
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking MenDelhi Call girls
 
My Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationMy Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationRidwan Fadjar
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking MenDelhi Call girls
 
Unblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesUnblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesSinan KOZAK
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Igalia
 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Servicegiselly40
 
🐬 The future of MySQL is Postgres 🐘
🐬  The future of MySQL is Postgres   🐘🐬  The future of MySQL is Postgres   🐘
🐬 The future of MySQL is Postgres 🐘RTylerCroy
 
A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024Results
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Drew Madelung
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationSafe Software
 

Kürzlich hochgeladen (20)

Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivity
 
SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024
 
Understanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitectureUnderstanding the Laravel MVC Architecture
Understanding the Laravel MVC Architecture
 
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure serviceWhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonets
 
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
 
Google AI Hackathon: LLM based Evaluator for RAG
Google AI Hackathon: LLM based Evaluator for RAGGoogle AI Hackathon: LLM based Evaluator for RAG
Google AI Hackathon: LLM based Evaluator for RAG
 
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organization
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
 
My Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationMy Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 Presentation
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men
 
Unblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesUnblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen Frames
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Service
 
🐬 The future of MySQL is Postgres 🐘
🐬  The future of MySQL is Postgres   🐘🐬  The future of MySQL is Postgres   🐘
🐬 The future of MySQL is Postgres 🐘
 
A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
 

Authentication Solutions Buyer's Guide

  • 1. WHITE PAPER: Authentication Solutions Buyer's Guide
    A guide for assessing technology options for Symantec's portfolio of solutions

    Who should read this paper
    Individuals who would like more details regarding strong authentication methods available today to secure access to corporate networks and enterprise or customer applications. Learn how your environment will dictate which method is right for you.
  • 2.
  • 3. Content
      • Executive Summary
      • Why You Need Strong Authentication
      • Assessing Options for Authentication
      • Risk-based Authentication
      • One-time Password Authentication
      • How to Choose the Right Kind of Strong Authentication
      • Strong Authentication with Digital Certificates
      • Symantec Strong Authentication Solutions
      • Symantec™ Validation and ID Protection (VIP) Service
      • Symantec™ Managed PKI Service
      • Make the Move to Strong Authentication
  • 4. Executive Summary

    Authentication is the most visible security control for applications used by enterprises and their customers. It controls access and plays a crucial role in enforcing security policy. Frequently, authentication requires just a simple user ID and password, which makes it a weak, exploitable target for criminals. Your challenge is to use a stronger, cost-effective authentication solution that is easy to use.

    Capture the benefits of strong authentication
      • Simple passwords are not enough protection
      • Stronger access security uses multifactor authentication such as risk-triggered challenges, one-time passwords, or digital certificates
      • Symantec’s strong authentication portfolio lets you mix and match the right solution for your requirements

    A range of strong authentication technology from Symantec helps you overcome the vulnerabilities associated with simple passwords by augmenting them with additional authentication factors such as user device identifiers, risk-based challenges, one-time passwords, or digital certificates. This approach raises the bar for would-be attackers because even if they steal a user’s name and simple password, it’s still not enough to get in.

    Choosing the best solution depends on your IT environment, your particular application or mix of applications, related business requirements that may require stronger security, and cost or usability considerations. Symantec solutions provide scalable, manageable, and cost-effective strong authentication for meeting requirements to protect your enterprise applications.

    Why You Need Strong Authentication

    Reliance on simple, easy-to-guess passwords is inadequate for securing your critical applications and data. For example, of 400,000 accounts compromised in a recent attack on a large Internet portal, the most common passwords were the actual word “password” and the numeric string 123456.[1]

    Hackers exploit weak passwords with automated attacks that try combinations of letters and numbers until the right one is found. Other hackers exploit social engineering with email or phone calls to trick unsophisticated users into divulging their password by pretending to be a trusted company employee such as a technical support specialist. Research shows that weak access security is a leading cause of data breaches – contributing to 82 percent of compromised records.[2] In large organizations, use of stolen credentials is the biggest cause of breaches and compromised records (Verizon Report, p. 26). For incidents like these, the use of a strong authentication solution can prevent the breach and compromise of sensitive data.

    Office computer users and remote workers need strong authentication to protect access to sensitive information in their organizations' servers and applications. Many government agencies such as the U.S. Department of Defense, or departments within government or commercial financial institutions, require strong authentication to log on to office computers on their networks because of the highly valuable and sensitive nature of these data. Strong authentication is also required or under consideration by some data protection regulations for private industry such as PCI DSS for retail, FFIEC for financial services, and HIPAA/HITECH for healthcare.

    Your business partners and customers are also well aware of security breaches and expect you to protect their data when used by your IT systems. Your use of strong authentication will help to gain their trust. It will also prevent breaches caused by risky use of technology by business partners and consumers. For example, business and consumer access to applications via mobile devices is rapidly growing. The use of weak credentials for accessing sensitive business applications such as online shopping and banking can result in a breach.

    [1] http://www.businessinsider.com/most-popular-hacked-yahoo-passwords-2012-7
    [2] Verizon Business 2012 Data Breach Investigation Report (p. 25)
  • 5. Assessing Options for Authentication

    As you acknowledge the need for stronger access security, the quest to specify a solution for your environment begins by asking: which authentication technology is the right one? The answer depends upon requirements determined by your applications and IT environment.

    Authentication starts with “something you know,” which is a user ID and password. Passwords will have varying degrees of strength. Weak passwords create vulnerabilities that facilitate hacking attacks such as guessing, brute force dictionary cracking, or man-in-the-middle interception. While your organization can strengthen a simple password against guessing and dictionary attacks by enforcing rules about its characteristics and lifespan, this often backfires: users who feel the rules make things too complex will often take the risky step of writing passwords down in an insecure location. And the rules won’t stop social engineering, capture, or interception attacks.

    Two factors of proof make stronger authentication

    A mandatory requirement for strong authentication is the best defense. Strong authentication requires each person attempting access to present a second factor, which is “something you have,” in addition to a password. Even if an unauthorized person obtained your password, they could not gain access without the second factor. The strongest authentication systems use technologies called one-time passwords (OTP) or digital certificates to completely remove the vulnerabilities of password guessing or a man-in-the-middle attack. A use case requiring less stringent strong security can use a variant called risk-based authentication.

    Risk-based Authentication

    Risk-based authentication has recently gained acceptance as a reasonably good form of protecting logon security. One attraction is lower cost: risk-based authentication does not require the use of tokens, smartcards, or biometrics. It’s a simpler type of multifactor authentication that can significantly reduce costs associated with deployment to a large user population. It also eliminates associated burdens that may negatively affect usability of traditional solutions.

    Risk-based authentication works by establishing a baseline for normal user behavior when logging on to a system, such as recording what device and/or location they normally use for access. With risk-based authentication, when the logon behavior is normal, a simple password may be deemed acceptable. But when a logon is attempted by an unknown device or from an unusual location, the user is challenged to enter an additional code, which is emailed to them or sent to them via SMS text message. Risk-based authentication is included with Symantec™ Validation and Identity Protection (VIP).

    Risk-based Authentication

    Pros
      • Tokenless – no special application software or hardware required for users
      • Lower cost for a large user base
      • Easier for unsophisticated users

    Cons
      • Optimal for web applications, but might not work with others
      • Requires small, but necessary changes to server-based code of each web application
  • 6. One-time Password Authentication

    One-time password (OTP) technology is a form of two-factor authentication (2FA). It’s often used for authenticating VPN and partner-facing web portals. OTP may also serve well for some custom applications. As mentioned, OTP solutions augment traditional user names and passwords with various choices for “something you have.” With OTP, a user's PC, smartphone, or special hardware token may all serve as a second factor during logon. With an OTP system, when a user enters the logon ID and password (the “first factor”), the system also requires the user to enter a unique one-time code or password generated by software on their hardware token device, PC, or smartphone. One-time password technology is also included in Symantec VIP.

    One-time Password Based Authentication

    Pros
      • Proven and time-tested security method
      • No application changes required; is supported “out-of-box” by many applications and networking hardware via a standard protocol called RADIUS
      • Available from a wide variety of suppliers and resellers

    Cons
      • Its most secure mode requires a token, which can make it more costly than risk-based authentication (Note: Symantec VIP software tokens are free)

    How to Choose the Right Kind of Strong Authentication

    The Best Value
      • Symantec VIP is cloud-based Software as a Service (SaaS). This lowers your cost and provides flexibility for remote access and other use cases.
      • Symantec VIP provides more value: risk-based authentication and one-time password authentication in a single subscription.

    If you need strong authentication for VPN, web, or cloud applications, you should consider a 2FA solution that provides either risk-based or OTP authentication. The best 2FA solutions are both easy to implement and easy to use—which is what makes them good choices for basic requirements. The implementation of risk-based versus OTP technology is a matter of business need and customer preferences. For example, many organizations choose risk-based authentication for consumer-facing applications because it will keep the cost down when there are many thousands of users. One-time password is typically considered the best option for very high security requirements.

    Some 2FA solutions are difficult to implement and use, which discourages their use and defeats the purpose. Symantec VIP solves usability challenges by supporting a wide variety of authentication options for end users, and also makes management easier for IT departments by supporting industry standards such as RADIUS, and enterprise directories such as Microsoft Active Directory®. A self-service portal further enhances the end-user experience and reduces the burden on IT. A standards-based, cloud-delivered solution such as Symantec VIP Service, which includes both risk-based and OTP technology, will bring your organization more flexibility at a lower cost than alternatives requiring an on-premise proprietary solution.
  • 7. Strong Authentication with Digital Certificates

    PKI Made Easy
      • Symantec™ Managed PKI simplifies the complexity of using digital certificates. As a managed service, the infrastructure is ready to go. All you do is activate the account.
      • Managed PKI automates client-side configuration of applications and makes the user experience transparent.
      • Our solution saves you money because you don’t have to manage the systems. We do it for you.

    Some application use cases require a specific strong 2FA technology called digital certificates. Examples are user-specific authentication to Wi-Fi access points or network switches, encrypted email, document signing for Adobe Certified Document Service or Microsoft Office, or device authentication in mobile “Bring Your Own Device” (BYOD) initiatives.[3] All of these require using digital certificates to take advantage of the most secure capabilities. When an environment also includes VPN, web, or cloud applications, many organizations choose to use digital certificates for these applications as well in order to integrate strong authentication under one solution. All such applications must be certificate-enabled, which means some applications might not include support for this type of strong authentication.

    Digital certificates provide strong authentication through a cryptography method called Public Key Encryption. Managing digital certificates properly requires a Public Key Infrastructure (PKI) such as Symantec Managed PKI. The Symantec Managed PKI solution, like Symantec VIP Service, is also a cloud-based offering. This makes it much easier to deploy and manage than on-premise PKI solutions such as Microsoft PKI software, and supports more deployment complexity than a 2FA solution.

    Certificate-based Authentication

    Pros
      • Enables strong authentication for applications requiring this mechanism
      • Also supports most other applications, so you can boost efficiency and save money by using digital certificates for all strong authentication requirements

    Cons
      • Requires PKI system for managing the certificate lifecycle, so there is more complexity
      • Requires client-side configuration of applications to use a certificate

    [3] For more examples, see our white paper, Why Digital Certificates are Essential for Managing Mobile Devices, http://www.symantec.com/content/en/us/enterprise/white_papers/b-why-certs-mobile-devices-wp-21259170-en.us.pdf
  • 8. Symantec Strong Authentication Solutions

    Symantec solutions’ features and capabilities will provide your enterprise with strong, scalable, and manageable authentication for protecting online identities and interactions between consumers, business partners, and employees.

    Symantec™ Validation and ID Protection (VIP) Service

    A cloud-based service for preventing unauthorized access to sensitive networks and applications.

    Symantec VIP will replace your simple password security with strong, robust security for access to your enterprise networks and applications, and prevent unauthorized access by malicious attackers. Users have the same experience as before, but with the added security of a second factor for authentication. Deployment is simple with an existing infrastructure and usually can be pre-configured by an administrator.

    Key Features
      • Cloud-based infrastructure – Secure, reliable, and scalable service delivers authentication without requiring dedicated on-premise server hardware. Certified annually by third parties.
      • Multiple two-factor credential options – Deploy OTP credentials in a variety of hardware, software, or mobile form factors.
      • Free mobile device credentials – Support for more than 900 mobile devices including Android™, iOS®, Windows® Phone 7, J2ME®, and BREW.
      • Tokenless risk-based authentication – Leverage device and behavior profiling to implement strong authentication and block risky logon attempts without the requirement of a hardware credential.
      • Out-of-band authentication support – Authenticate users via SMS messages or voice-enabled phone calls when elevated risk is detected.

    Case Study: First Tech Federal Credit Union
    The Problem: The national credit union wanted to differentiate its services by offering highly secure options for online banking—without adding IT overhead.
    Solution Used: Symantec Validation and ID Protection (VIP) Service with VIP Access for Mobile.
    Results: First Tech has established a name for itself in offering convenient strong authentication for its customers. It achieved 100% reliability of delivery
  • 9. of one-time passwords for mobile members. The VIP Network also expanded customers’ options for OTP access to multiple First Tech accounts. Finally, the cloud-based solution enabled national deployment without additional IT overhead.[4]

    Key Features (continued)
      • Transaction monitoring support – Evaluate activity related to end-user’s monetary transactions, including anomalous amount, anomalous destination, transaction velocity anomaly, and high risk touch points, which allows your organization to challenge the user with an additional factor of authentication.
      • Self-service credential provisioning – Deploy strong authentication to consumers without requiring IT helpdesk or administrator configuration or intervention.
      • Web-based application integration – Add strong authentication to your application using the Symantec VIP web services API in your preferred programming language.
      • Enterprise infrastructure support – Also integrates with popular enterprise VPNs, webmail, SSO applications, and corporate directories to support internal mobile applications.

    Case Study: Triton Systems of Delaware, LLC
    The Problem: This leading provider of off-premise automated teller machines in North America needed to support remote key transport while eliminating the cost of having two engineers visit each ATM when master key codes required changing.
    Solution Used: Symantec Managed PKI Service
    Results: Triton Systems became the first retail ATM manufacturer to market with remote key transport feature, which increased competitive advantage. Triton’s ATM owners can now save more than $450 in costs for the life of each machine – without compromising security or reliability.[5]

    Symantec™ Managed PKI Service

    A cloud-based service to power strong authentication, encryption, and digital signing applications.

    As your enterprise electronically conducts more transactions and correspondence, there is a growing need to authenticate users, restrict access to confidential information, and verify integrity or origination of sensitive documents. Symantec Managed PKI Service, based on Public Key Infrastructure, will allow your enterprise to provide this level of strong trust-based security. It can implement multi-purpose credentials; is good for one-to-many applications such as email; works both online and offline; and supports multiple cryptographic use cases such as authentication, encryption, and non-repudiation. With PKI, you can facilitate tighter integration with your business partners, protect data against internal and external threats, ensure business continuity, and maintain compliance with government and corporate regulations.

    Key Features
      • Trusted, cloud-based infrastructure – Backed by 24 hours a day, 7 days a week, 365 days a year monitoring, management, and escalation across the globe with full disaster recovery. Certified annually by a third party as part of a SSAE 16/SOC 2 security audit, regular WebTrust audits, and specialized government audits.
      • Broad application support – Managed PKI issues X.509 certificates that interoperate with a wide variety of operating systems, devices, VPN, mail, and web browser software. Providing certificate profiles for common applications enables strong authentication, email encryption and signing, and document signing (Adobe PDF signing).
      • Automated certificate lifecycle management – Automates configuration of common authentication, encryption, and signing applications across multiple platforms and browsers.

    [4] http://www.symantec.com/content/en/us/enterprise/customer_successes/b-first_tech_federal_cu_CS.en-us.pdf
    [5] http://www.symantec.com/content/en/us/enterprise/customer_successes/b-triton_systems_CS.en-us.pdf
  • 10. Our client software automatically configures a user’s browser, VPN client, mail client, or other application to use Symantec certificates. It also automates the process of renewing certificates, preventing expired certificates from interrupting business continuity.

Symantec O3™ For Authenticating Cloud Applications

Many organizations are putting applications in the cloud to save money. As unintended consequences, IT often loses control of access and end users often take a hit in usability—especially when they are authenticating to multiple cloud applications. The practical pitfall is recalling different authentication credentials for the various applications. A common response by users is to re-use a single credential for all the applications. This behavior will weaken your security and magnify the risk of a breach.

Symantec™ O3 enables strong single sign-on across cloud, software-as-a-service (SaaS), and web applications and services. It readily integrates with existing identity sources such as Active Directory, LDAP, and relational databases. It also federates authentication for the various cloud/web services, and offers users a simple single-sign-on experience. The solution also maintains a context-based policy engine to oversee access control.

For more information about Symantec O3, see https://www4.symantec.com/mktginfo/RSA_2012/assets/SymantecO3Datasheet.pdf

Make the Move to Strong Authentication

With Symantec, you can quickly enable the benefits of strong access security in corporate and customer-facing applications. Depending on application requirements, you will need one of three solutions: risk-based authentication (Symantec VIP), a 2FA solution with one-time passwords (Symantec VIP), or a digital certificate-based solution (Symantec Managed PKI).

To learn more, call your Symantec account representative or visit our Symantec User Authentication Solutions page at http://www.symantec.com/products-solutions/families/?fid=user-authentication.
Choosing the Right Authentication Method

Columns: Application Use Cases | One-Time Passwords (Symantec VIP) | Risk-based (Symantec VIP) | Digital Certificates (Symantec Managed PKI)

Virtual Private Networks (VPNs): √ √ *
Web/Cloud-based Applications: √ √ *
Secure Wireless Access: √
Secure Email: √
Document Signing: √
Support for BYOD Initiatives: √

* Supported as a secondary use case
  • 11.
  • 12. About Symantec

Symantec protects the world’s information, and is a global leader in security, backup, and availability solutions. Our innovative products and services protect people and information in any environment – from the smallest mobile device, to the enterprise data center, to cloud-based systems. Our world-renowned expertise in protecting data, identities, and interactions gives our customers confidence in a connected world. More information is available at www.symantec.com or by connecting with Symantec at go.symantec.com/socialmedia.

For specific country offices and contact numbers, please visit our website.

Symantec World Headquarters
350 Ellis St.
Mountain View, CA 94043 USA
+1 (650) 527 8000
1 (800) 721 3934
www.symantec.com

Copyright © 2013 Symantec Corporation. All rights reserved. Symantec, the Symantec Logo, and the Checkmark Logo are trademarks or registered trademarks of Symantec Corporation or its affiliates in the U.S. and other countries. Other names may be trademarks of their respective owners. 1/2013 21280723