}

Advanced Authentication Methods

In the ever-evolving world of technology, which seems to permeate most aspects of our modern lives, the threat of data breaches is also ever evolving. Even though the internet, and networking in general, is in its infancy relative to our society, the forces that shape our technological landscape are moving quickly, and those who see fit to exploit the weaknesses inherent in such a landscape are just one-step behind -or sometimes, they may be one-step ahead.

Every day we access multiple systems that require a username and password for access. Enter the credentials, and you are in. These credentials are stored in some database somewhere, and assumed to be secure. However, the high-profile breaches that have occurred in recent years have opened the eyes of the public to just how fragile the security infrastructure of the internet can be. Read more about mitigating the risk of internal data breach.

Security firms and research organizations have been hard at work in recent years to combat the ever-growing community of hackers that seem to be just as savvy, if not more so at times, than the security engineers themselves. From the days of a username and simple password with very basic encryption, to authentication methods seemingly ripped from the movies, in order to keep hackers at bay and stay in compliance with standards set by organizations that govern network security.

To this end, advanced authentication, or multi-factor authentication, is the standard of the day. Advanced authentication adds an additional layer of security to the authentication to the standard username and password authentication method. To understand advanced authentication, we must first understand standard digital authentication.

Authentication occurs when the user proves to the system he is trying to access that the identity he is using is proven to the system. Identity in a system can be many things, but generally it is the username or logon name. The identity is not meant to be secret or hidden in any way, but the authenticator, or authentication factor is. This secret authenticator in your most basic cases is “something the user knows” - a password. The user verifies his identity to the system by providing the password. The system accepts the credentials (provided they are correct), and the user is given access. This is a good first-step to securing a system, but as we’ve seen over the years, passwords are easily gained by others.

Enter advanced authentication to bolster security on digital systems. In addition to the identity and password, another factor must be provided to the system to gain access. This additional factor is generally “something the user has”, or “something the user is”. Some examples of these factors are:

  • Something the user has – a smart card, a pin sent to a mobile device
  • Something the user is – fingerprint, facial recognition

Adding a smart card or pin, or a biometric factor can greatly increase security over the username and password, which can easily be gained through breaches or even simple social engineering. Advanced authentication helps to prevent a malicious party from spoofing the identity of a valid user to gain access to the system. Of course, fingerprints can be faked and smart cards can be stolen. There is no cure-all for network security, but using multiple factors for authentication to systems can minimize the threat greatly.

In education, authentication can be particularly difficult for younger students or students with special needs. Read about how QR code logins improve the ease access for K-12.

Battle of the email solutions: Exchange vs. Google Apps

In the industry I am in, with the job functions I perform daily, I see more and more organizations moving from an in-house email solution such as Exchange to cloud-based email solutions like Office 365 and Google Apps. This is due to many reasons and an easy way to see why is to compare Exchange and Google Apps.

Read more

Category

Authentication Management

automated account management, cloud based email solutions, Compage Exchange and Google Apps, compare cloud based email solution, compare email solutions, Exchange, Google Apps

How to manage credentials the easy way

A seemingly simple, yet tedious task for anyone in the information technology field is credential management. End users are given usernames and passwords for various systems in an organizations environment, and the hope is that the end users can manage these credentials with very little issue or assistance.

Read more

Identity and Access Management vs. Identity and Access Governance

Identity and access management and identity and access governance are two terms which are often used in the tech world, which can be quite confusing. What do they mean? Are they the same thing? What do they encompass, and what can they do for my organization?

Read more

Category

Authentication Management

account management, IAG, IAM, What is Identity and Access Governance?, What is Identity and Access Management?, access governance, RBAC, SSO

Account Management in Education: How Can It Be Improved?

Many school districts and even some higher-learning institutions have their technological infrastructure run by a skeleton crew due to things such as politics and budgetary constraints. Situations such as this can often lead to many issues within the organization: Lack of network resources for end users Inability to properly support end users and systems No time to research and implement newer technology This causes frustrated overworked admins to think outside the box and turn to other solutions, such as software-based, automated or semi-automated identity management.

Read more

Category

Authentication Management

Account Management in Education, Automated Provisioning in Education, WFM in Education

Group Policy Object; What is it and how can it allow for seamless deployment of software

In any organization from a small business to a large enterprise, control over user’s access to various resources on the network is a key component of managing the corporate environment. Access to resources such as network shares and printers to things such as settings on local stations, are just some of the items an administrator wants to manage centrally and cohesively. A common method to manage domain resources like this is via Group Policy in Active Directory.

Read more