When it comes to cybersecurity, the first thought that comes to mind for many IT professionals are firewalls, secure gateways, security systems… building taller walls to prevent hackers from gaining access. However, many fail to identify the importance of a well-guarded front gate (access authentication).
2014 Data Breach Investigation Report from Verizon reported that the number one way hackers are gaining access to information on computer networks continues to be the misuse of usernames and passwords, citing two of every three breaches exploit weak or stolen passwords. Access information and data continue to be the weaker link when it comes to cybersecurity.
Supported by Gartner Research prediction that just 4% of the total $77 billion for cybersecurity will be spent on identity and access management (IAM) in 2015. There is clearly a lack of urgency in building an effective and secured IAM system. The best firewalls and intrusion detection won’t matter if someone has keys to the front door.
However, what do users expect IAM to deliver?
Seamless Integration
Versatile Authentication Server (VAS) supports the implementation of a wide range of authentication mechanisms. It is designed with the ability to plug in any existing authentication mechanisms, enabling organizations to handle system or application changes seamlessly.
Secured yet Flexible Password Policies
Organizations can chain two or more authentication methods for strong authentication and authorization requirements, while the built-in static ID/ password authentication module supports flexible password quality, expiry, and login policy.
Quick and Secure Access
Request, review, approve, and manage user’s access right in a timely manner. Hierarchy-Based Administration allows organizations to designate security administrators at different levels of the organization. This gives users timely access to resources available while ensuring rights-protected resources are only available to staff with access rights.
Identity Intelligence
Organizations must be able to pinpoint who has access to what, why they have access, and what they are doing with that access.
Contextual Authentication helps identify and prevent attempted fraudulent activities. Contextual factors such as user’s location, their recent activity are integrated into the authentication process to force stronger authentication.