The past few years have been filled with stories of security leaks and breaches. A compromised network resulting in lost corporate data can cause significant damage, both financially and from a customer trust perspective. The financial cost of data breaches reaches far beyond the immediate problem.
The primary weakness of many enterprise security failures is a simple user name and password, which can be easily compromised. Passwords are not effective access controls and many cyber threats can be avoided with the use of a strong authentication method. Strong authentication adds layers of identity verification to ensure only authorized users gain network access through a variety of easy-to-use form factors.
Grama has a full portfolio of solutions for securing identity and access that help organizations worldwide to protect and manage their logical, physical and cloud-based data assets.
Gemalto’s IDConfirm authentication server is scalable and is based on open OATH and EMV CAP standards. The server is designed to work with existing network infrastructure including LDAP and AAA servers. It can be deployed on an existing server and provides authentication services for a full range of devices including OTP (token, card or mobile), Public Key Infrastructure (PKI) -based smart cards and biometrics. The server is equipped with a web-based portal for user account management.
Grama’s one-time password solutions increase the security of the login process by ensuring the person accessing the network is in possession of two factors of identity verification—something they have, the OTP device, and something they know, a username and potentially a password.
- SMS OTP solutions use Gemalto IDConfirm to send a password to any mobile phone via SMS. This offers safe and convenient authentication without the hassle or extra cost of having to carry another device.
- Mobile OTP solutions exploit all the convenience of the mobile phone without the need for a network. Users download an application that turns the phone into a token that generates a secure OTP.
Smart card solutions
Gemalto’s IDPrime smart card-based solutions leverage PKI to provide certificate-based strong authentication. In addition, PKI certificates stored on the smart card can be used to enable email encryption and digital signature, and when incorporated into a USB storage device, secure data storage.
- IDPrime .NET smart cards work seamlessly with Microsoft Server and Windows OS to add secure physical and logical access to existing IT infrastructures using two or three-factor authentication.
- IDPrime .NET Bio adds a further level of security with the addition of fingerprint match-on card user authentication as an alternative or complement to PIN verification.
- Secure Flash USB Token are secure USB tokens that offer simple, highly secure solutions for the mobile offi ce, preventing data loss, securing portable data and digitally signing documents.
Additional PKI functionality
Using the Internet for business processes is cheaper and faster but these savings can be negated by having to rely on “wet” signatures for validation and approval. digital signatures created using smart card devices with PKI can securely authenticate virtual documents saving time and money.
Grama also offers email encryption using PKI. This is essential for preventing sensitive email content being read by unintended recipients. Unsecured USB flash drives can be a major source of data loss but Gemalto’s IDBridge tokens are perfect for secure data storage, ensuring sensitive business information is kept safe, even if the drive is lost or stolen.
Smart card readers (interface devices) are an essential component of any smart card deployment and ensure secure communication between the card and network services. Gemalto is the world’s leading supplier of readers and has an extensive portfolio of devices that are built on the latest technology and offer the perfect balance of ease of use, backed by the highest level of security.
The IDBridge product portfolio includes readers for computing devices, secure entry and remote access, ensuring maximum flexibility for any use case or business environment.
- Contact readers connected to a PC, laptop or thin client, user-friendly smart card readers are designed to be unobtrusive to users. A secure, but easy-to-use solution, connected smart card readers allow for near real time authentication, without relying on outdated password technology.
- Contactless Readers are optimum for speed and convenience when authenticating for physical or logical access. By simply waving or tapping a smart card to the reader, users are quickly authenticated and allowed access.
- Dual readers are multi-purpose readers that enable a convenient way for users to securely access a variety of applications using both contactless and contact technologies, in a single device. These readers are ideally suited for sectors that require both technologies such as healthcare or enterprise identity and access controls, such as a corporate badge.
- Embedded readers chipset technology allows for user authentication in many smart card applications such as logical access and secure logon. Gemalto provides this smart card reader technology to manufacturers who embedded the chipsets in laptops, physical access points, keyboards, POS terminals etc. IDBridge CR solutions include both contact and contactless reader chipsets.
Customers benefit when all the pieces of a technology puzzle work together. That is why Gemalto has spent more than 30 years building and leveraging an extensive network of experienced partners. Technical partners such as Microsoft, Citrix and IBM, help us ensure our strong authentication technology integrates seamlessly with leading enterprise infrastructures. Infrastructure partners such as HP analyze complex customer environments and propose the best possible solution for the lowest total cost of ownership.
Gemalto works with leading ecosystem vendors to provide a complete solution including CMS, virtualization solutions, VPN, security technologies (whole disc encryption and bios), etc. to help you easily deploy and manage your complete identity and access solution.
In addition to providing solutions for securing identity and access, Grama has professional service consultants available to support every aspects of your strong authentication implementation strategy, from planning to execution. Gemalto’s premium professional services include field-proven solution design, qualified project management, fast and seamless system integration and efficient deployment. Gemalto’s experienced service teams and partner network provide complete knowledge transfer and full operational support.
Organizations can deploy Grama’s solutions for securing identity and access and then evolve to more comprehensive identity protection and network security solutions without having to abandon infrastructure investments or change end-user devices. The Protiva platform can be used for OTP applications and then expanded to support PKI and the smart card-based security features in Microsoft’s Windows and .NET platforms. The use of open standards enables hardware optimization, and also helps reduce the total cost of ownership.
Every week brings new stories of companies damaged by the breach of sensitive information, a problem that can be prevented by identity-centric best practices.