Category Archives: Authentication

SaaSID Releases CAM 2.0, Adding Audit Dashboard for Security, Compliance

Web application security provider, SaaSID, has launched Cloud Application Manager 2.0 (CAM), the latest version of its browser-based authentication, management and auditing solution. CAM 2.0’s comprehensive audit report is now displayed in CAM Analytics, an intuitive dashboard that provides clear visibility of Web application use throughout an organization. The new software simplifies administration of authentication, feature controls and password management to help CIOs comply with data security regulations, standards and internal policies, by making it easier to govern, monitor and audit every user interaction with Web applications.

CAM 2.0’s comprehensive suite of dashboards in CAM Analytics provide at-a-glance graphics, showing managers exactly how employees are interacting with Web applications and associated corporate data, regardless of whether employees are working on company workstations or personally-owned computing devices. Detailed analytics provide managers with a complete overview of Web application use and the ability to drill down into reports for additional information. Activities such as exporting customer lists, or attaching sensitive files to Webmail, are tracked and clearly displayed for compliance. A range of graphic elements show social media activity and interactions with corporate applications, providing managers with complete visibility of departmental and individual use of Web applications.

CAM 2.0 users can now be authenticated and logged into Web applications from the SaaSID server. This server-side authentication improves security by ensuring that log-in credentials are protected from malware that might be present on an unsecured device. Users do not know their login details, so they cannot write them down, share them, or access managed applications from unprotected devices. Once CAM 2.0 has authenticated a user, the session is handed to the device and the user works with the application as normal.

Additional new features within CAM 2.0 include:

  • The new Restriction Learning feature which allows in-house IT staff to apply their own restrictions to application features. The simple GUI allows administrators to test the effect of restrictions prior to implementation.
  • Support for more two factor authentication solutions, including offerings from RSA, Vasco and ActivIdentity.
  • The new Password Wizard which learns the workflow for Web application authentication processes, enabling automated password resets. Organisations can use this new feature to change passwords at chosen intervals and to enforce strong password security for all Web applications managed by CAM 2.0: saving administration time and support costs, without impeding productivity.

CAM is a browser extension that goes beyond single sign-on (SSO) by enabling IT staff to manage Web application features according to employee roles. CAM assists organisations in maintaining security and compliance when they adopt Web applications and implement bring your own device (BYOD) programmes, by creating a comprehensive audit trail of all employee interactions with these Web applications.

To request a free trial or a demo of SaaSID’s CAM 2.0, see www.saasid.com.

Swivel Secure Launches University Licensing in UK, North America

Tokenless authentication provider Swivel Secure today announced the launch of its university licensing scheme, which enables universities in both the UK and North America to secure their network infrastructures at a fraction of the typical costs, regardless of whether their data is stored in the cloud or on a virtual private network.

Under the terms of the scheme, Swivel Secure channel partners are able to offer free licences for Swivel’s tokenless authentication platform to a university’s student population, when full licences are purchased for staff members. The scheme enables budget conscious universities to add an additional level of security to their network infrastructure without the need for extensive additional investment.

In both markets, data and network security is a growing concern amongst university IT administrators. Compliance with strict data protection regulations, together with increasing demands from students to access the campus network from a range of different devices and applications, is creating a complex environment that is putting pressure on existing access controls. Additionally, many campuses are also looking to realise the cost savings offered by migrating to a cloud-based infrastructure, which raises fresh concerns about authenticating off-premise users of the campus network.

“Cloud is already an attractive cost saving option for universities and Microsoft’s recent offer of free university licences for Office 365 will undoubtedly encourage more campuses to adopt the model,” comments Chris Russell, VP Engineering at Swivel Secure. “But universities should tread carefully. The ubiquitous reuse of username and password combinations is a real threat to cloud security. Often, all a hacker needs to do is to obtain and reuse a student’s login details for, say, Facebook, in order to gain unauthorised access to the campus network.

“Universities need to be implementing an authentication solution that requires an additional piece of information so if a user’s password is compromised the network remains protected. Our new licensing scheme enables universities to secure their VPN or cloud-based infrastructures in this manner using the only tokenless authentication platform approved for the Microsoft Office 365 environment. Providing free licences to all students should put the technology within reach of most, if not all universities, even those working hard to contain additional costs.”

The Swivel authentication platform was first launched in 2003. It is now used by local government, the NHS, major global enterprises and hundreds of smaller businesses, in over 35 countries, to remotely access their business networks, virtual desktops and cloud-based applications. Offering the widest range of user deployment options according to Gartner, the Swivel authentication platform offers the choice of mobile apps, SMS and interactive voice response channels when full two-factor authentication is mandatory.


Swivel Secure launches in North America

Swivel Secure, a provider of tokenless authentication technology that is capable of securing Microsoft Office 365 as well as other cloud and virtual private network (VPN) remote access solutions, announced its expansion into North America and the opening of its first office in Seattle, Washington.

Swivel Secure is a UK network security solutions provider that has pioneered the development of tokenless, multi-factor authentication technology. The Swivel authentication platform, first launched in 2003, is now used in over 35 countries by governments and global enterprises in a range of sectors including healthcare, pharmaceuticals and logistics as well as in hundreds of smaller businesses around the world.

Swivel’s strategic entry into North America marks the launch of an aggressive channel expansion programme targeting value added resellers (VARs) in the Washington State area and beyond.

“The market for tokenless authentication is growing rapidly as US businesses start to take cloud solutions seriously,” comments Fraser Thomas, VP International, Swivel Secure, who is spearheading the US expansion and VAR recruitment programme. “Given that Swivel is an approved tokenless provider for Microsoft Office 365, a Swivel partnership will enable VARs to offer a compelling remote access proposition for businesses that are migrating to the cloud, together with those that are employing more traditional VPN solutions.”

The unauthorised access of sensitive corporate data is one of the biggest fear factors holding businesses back from migrating to the cloud. Securing a corporate infrastructure with multi-factor authentication means that business owners can be assured that only permitted individuals will be able to gain access to their corporate systems.


New SafeNet Authentication Service Designed for Service Providers

SafeNet, Inc. today announced the immediate availability of SafeNet Authentication Service, a new cloud-based authentication service. The cloud authentication solution was designed and engineered specifically for the service provider environment and allows service providers to rapidly introduce authentication-as-a-service to their enterprise customers. By doing so, it enables service providers to increase their average revenue per user (ARPU), significantly reduce the cost and complexity associated with offering and implementing strong authentication, and strengthen their security and compliance posture.

SafeNet Authentication Service extends the company’s portfolio of two-factor authentication solutions, providing enterprise and government organizations with  choice and flexibility to best customize their authentication solutions to meet current and future security needs.

SafeNet Authentication Service’s automated, customizable cloud platform can reduce authentication-related operational costs through the elimination of manual tasks associated with the provisioning, administration, billing, and management of users and tokens. Service providers can manage their customers from a multi-tier, multi-tenant platform that is vendor-agnostic and will work with an organization’s existing token technology, enabling a quick migration to a centralized cloud environment with minimal disruption to end users. In addition, the service can be white-label branded and completely customizable to the service provider’s needs, enhancing the service brand and overall awareness. In addition, the platform is highly scalable, which enables service providers to accommodate a growing number of customers added to the service without requiring costly infrastructure upgrades.

Strong authentication has also become a major challenge for today’s “extended enterprise,” in which remote employees, partners, customers, and other third parties require access to an organization’s systems, applications, and data. With no infrastructure required, enterprises can quickly turn to service providers for SafeNet Authentication Service to simplify the implementation of strong authentication in this environment—providing “security without borders” from a fully automated, high-assurance, trusted cloud environment.

In addition, SafeNet Authentication Service enables service providers to free up their customer’s IT staff to focus on higher-value activities. By doing so, this automation facilitates real-time policy application to ensure regulatory compliance and improved business efficiency.

According to Chris Morales of the 451 Research Group, “The consumerization of IT, the adoption of mobile computing and SaaS applications, and the incipient growth of desktop virtualization places identity front and center of emerging security and management concerns. As identity assumes more centrality for IT (in terms of both industry and organizational function) in coming to terms with these trends, securing the integrity of the identity assertion, characterizing it in terms of risk assessment, and supplementing (or supplanting) user name and password comprise the initial set of security hurdles. Also, as enterprises and organizations assess the requirements for authentication against the cost and flexibility of the options available from incumbent vendors, authentication-as-a-service, and new form factors or channels such as smartphone tokens and one-time passwords delivered as an SMS have gained in appeal.”

SafeNet Authentication Service reflects the combined offering resulting from SafeNet’s acquisition of Cryptocard in March 2012. This new service combines SafeNet’s market-leading authentication solutions with Cryptocard’s innovative, scalable, and flexible platform.