Strong Authentication - Multi-Factor Identity Assurance

By: Actividentity  09-12-2011
Keywords: Government Regulations, Multi-factor Authentication, Authentication Devices,

Regulatory requirements and economic realities are pressuring organizations to secure access to applications and networks. Many industry standards and government regulations now deem static passwords as inadequate and establish guidance that multi-factor authentication should replace single-factor authentication. The Sarbanes-Oxley Act (SOX), recommendations from the Federal Financial Institutions Examination Council (FFIEC), and the Health Insurance Portability and Accountability Act (HIPAA) all require that organizations use stronger forms of authentication to mitigate fraud and protect customer information and patient privacy.

While static passwords continue to dominate as the primary mechanism for identity verification, they create numerous issues for users and organizations alike. Static passwords are often created by users to be easily remembered, making them vulnerable to guessing, social engineering, and brute force dictionary attacks. Even static passwords created under a stringent policy are vulnerable because users write them down and display them in open areas. A key security concern with static passwords is the fact that a compromise (via keystroke logger or network sniffer) often goes undetected, introducing unknown risks to the organization.

ActivIdentity Strong Authentication products provide the following key benefits for adopting organizations:

  • Cost-effective multi-factor authentication, which eliminates the vulnerabilities associated with static passwords
  • Broad support of authentication devices and authentication methods that provide user convenience and address a variety of risk levels for organizations
  • An open standards-based platform that seamlessly integrates into any existing computing environment
  • Support for compliance with industry and government regulations covering multi-factor authentication, authorization, and auditing

Keywords: Authentication Devices, Government Regulations, Multi-factor Authentication,

Other products and services from Actividentity


PKI Digital Certificate Validation - Corestreet Software

The ActivIdentity CoreStreet suite of PKI certificate validation products is a complete solution that allows for the secure, scalable and reliable validation of digital certificates using both traditional as well as distributed OCSP, and this for certificate populations of any size.


Information Security Clients - Smart Card Authentication

Escalating Costs: Price Waterhouse Coopers found that the frequency of cyber attacks on enterprises doubled in the last 18 months and the cost tripled. Insider Threats: Insider security breaches pose a far greater risk to organizations and attacks on information assets are growing. ActivIdentity Security Clients provide the following key benefits.


Access Control - PIV Credentials, Smart Card Readers

To establish standards and guidance for HSPD-12, the National Institute for Standards and Technology has published the Federal Information Processing Standard 201 and several Special Publications that apply to all government agencies. ActivIdentity ActivEntry and ActivEntry Mobile SDKs.


Strong Authentication Devices - Smart Cards, OTP Tokens

Our USB Tokens provide strong security in an easy-to-use, portable form factor that has the same two-factor authentication, digital signature, and encryption capabilities as a smart card. ActivIdentity gives organizations the flexibility to deploy any combination of authentication devices that best meet their specific business, security, and budget requirements.


Credential Management - Digital Certificate Authentication

Ineffective passwords: Static passwords are ineffective; broader use of strong authentication and multiple layers of defense are necessary to inhibit the compromise of credentials. The extends the basic enrollment functionality of ActivID CMS for organizations that need to comply with more advanced PIV standards. For a rapidly deployed PIN management and smart card issuance solution, the is easy to use and provides accelerated time to benefit.


Authentication Devices, Access Control, Credential Management

ActivIdentity Credential Management products enable organizations to securely deploy and manage smart cards and USB tokens containing a variety of credentials, including public key infrastructure certificates, one-time passwords, static passwords, biometrics, demographic data, and virtually any other application.


Services Overview - ActivIdentity

To ensure end-to-end project ownership and responsibility, ActivIdentity has integrated and streamlined its Pre-Sales activities with the rest of its project delivery related services to create the Customer Engagement Methodology. ActivIdentity Pre-Sales provides large customers and partners with the facts and tools they need to make informed decisions when they select and purchase Identity Assurance technology.