Strong authentication
DefenseTwo-factor authentication : what you know (your password) AND what you own (your token).
Contact us
+41 (22) 552 3838
The challenge
Every day, we use passwords to access all sorts of applications: Mail, Company network, Website, etc. But what would happen if that password were to be intercepted by a malicious third party ?
It could entirely compromise your data and because of a rebound effect, potentially compromise all company data. Indeed, intercept passwords is something any pirate operating within a compromised network can do. Your passwords are potentially at risk when you log in from outside of your information system (hotels, airports, restaurants…). A solution exists, it is called two-factor authentication. Strong authentication combines two factors: what you know (your password) AND what you have (your token). Thus, if someone manages to steal your password, it will not be sufficient to access your data.
How does it work ?
Strong authentication : When you will connect to your mail server, or your VPN, an additional password will be required. This additional password changes every 30 seconds and can only be used once.
You have various options to get the password: a hardware key that will display a new password every 30 seconds (with an on/off function), an application on your smartphone, or an SMS containing a single-use code. Please note that those devices can also be used to meet high security requirements (ISO27001, PCI, FINMA, SOX etc.…)
Our approach
We will first analyze all the different entry points of your network (VPN, Mail, remote access).
Together we will go over your wishes in terms of authentication choices (SMS, smartphone, hardware key, etc.…). In a second phase, we will choose the most adapted technical solution according to your needs. It is possible to integrate this authentication mechanism to almost any type of application, and even “home” applications.
Our offer
We offer the implementation of mechanisms that can be directly integrated to your environment and accurately responding to your needs while reducing the impact on your infrastructure.
We are used to all types of deployments for this sort of solution, from external access protection to the protection of specific internal applications (section of an Intranet for example).
