Banner Default Image

Multi-Factor Authentication (MFA)

Multi-factor authentication serves a vital function within any organization -securing access to corporate networks, protecting the identities of users, and ensuring that a user is who he claims to be.

Evolving business needs around cloud applications and mobile devices, combined with rising threats, and the need to reduce costs, require entirely new considerations for access control.

Authentication is one piece of the Access Management pie. Identity and Access Management solutions provide a framework for granting and requesting access to applications, enforcing access controls and ensuring visibility into access events. That’s where SafeNet Trusted Access comes in.

SafeNet Trusted Access is an access management service that combines the convenience of single sign-on with granular access security. By validating identities, enforcing access policies and applying smart single sign-on, organizations can ensure secure, convenient access to numerous cloud and web-based applications from one easy-to-navigate console.

Thales helps prevent identity theft at VUMC

Why do we need multi-factor authentication?

New threats, risks, and vulnerabilities as well as evolving business requirements underscore to the need for a strong authentication approach based on simple service delivery, choice, and future-forward scalability.

Today, organizations are asking:

  • Can I address new demands of my business — like cloud and mobile devices?
  • How do I map access control methods to business risk and the needs of my users?
  • Can I centrally manage, control and administer all my users and endpoints?
  • Who controls my user data?
  • How can I incorporate additional security layers to help me further fortify against threats?
  • And how do I keep it all practical and cost-effective?

More than ever, customers are looking for identity and access management solutions that deliver simplicity, automation, reduced TCO and choice.

What is Multi-Factor Authentication (MFA)?

Multi-factor authentication ensures that a user is who they claim to be. The more factors used to determine a person’s identity, authenticationthe greater the trust of authenticity.

MFA can be achieved using a combination of the following factors:

  • Something You Know – password or PIN
  • Something You Have – token or smart card (two-factor authentication)
  • Something You Are – biometrics, such as a fingerprint (three-factor authentication)

Because multi-factor authentication security requires multiple means of identification at login, it is widely recognized as the most secure method for authenticating access to data and applications.

How to Strengthen Your Authentication?

Thales' multi-factor authentication software delivers the protection you expect, while enabling customers with broader choice,secure improved visibility, and the ability to expand into the future. As a result, organizations using our MFA software have:

  • Better self-control of data - Thales enables customers with the option to create and control their own token data, so there is no reliance on a third-party vendor

  • Improved management and visibility – Thales' solutions deliver single-server management, providing full control, simple administration, and reduced cost and staff burden

  • Expanded options – Thales delivers the broadest choice when it comes to access security methods – so you can meet the needs of any user and any risk level (hardware or software, certificate-based authentication or traditional one-time-password, on-premise, or into the cloud)

  • Future-ready solutions - Thales provides new solutions that deliver MFA and single sign-on (SSO) for cloud applications as well as credentialing for mobile device management

  • Painless migrations - Thales offers seamless migration to cloud-based authentication, which maintain your existing investments and cause no disruption to end users

The Need for Strong Authentication

With the plethora of access control offerings available today, it is important for organizations to carefully evaluate the available solutions before making a decision on which solution to implement. When choosing a solution, organizations should take a number testof factors into account. The following are some questions to consider:

  • Do I want to protect my internal network from unauthorized access?

    If so, consider two-factor authentication (2FA) solutions that enable flexible and comprehensive secure network access, both in the office and remotely if needed.

  • Do my users need to connect from remote locations?

    If so, consider portable solutions that enable secure VPN and web access for remote users, and that enable employees to secure their laptops and data while on the road.

  • Do my users need to access many password-protected applications?

    If so, consider solutions that provide single sign-on functionality, either by storing user credentials on the token or by integrating with external single sign-on systems.

  • I want my users to digitally sign and encrypt sensitive data or transactions?

    If so, consider smart card-based solutions that provide secure onboard PKI key generation and cryptographic operations, as well as mobility for users.

  • How sensitive is my business data?

    The more sensitive the data, the higher the priority on the robustness and security of the solution.

  • Do I want to firmly protect data that sits on my users’ PCs and laptops?

    If so, consider token solutions that integrate with PC security products such as boot protection and disk encryption applications that require the use of a token to boot a computer or decrypt protected data.

  • Have I or do I want to implement a secure physical access solution?

    If so, consider token solutions that enable integration with physical access systems.

sso

SSO + MFA + Access Management

All in one platform

  • MFA Products
  • MFA Solutions
  • Industry Solutions
  • Resources

Thales allows organizations to meet the IT challenges of cloud, mobility, and escalating threats with authentication management platforms that offer flexible and simplified service delivery, and which address numerous use cases with the broadest range of authentication methods and tokens.

Thales MFA Products:

Authentication as a Service (AaaS)

More and more businesses embrace the benefits that derive from managing their data and applications in the cloud. As users access sensitive assets from a greater variety of devices and locations, organizations become vulnerable to new threats. AaaS enables organizations to easily apply strong authentication onto multiple access points.

Thales AaaS Products:

  • SafeNet Trusted Access:STA Delivers AaaS with flexible token options, enabling a quick cloud migration and protecting data from any source – from cloud-based and on-premise applications to networks, users, and devices.

Authentication Management

secure-remote-accessThales offers the most comprehensive identity access and management systems to administer, monitor, and manage strong authentication deployments across the organization.

Learn How Authentication Management Integrates with Access Management

 

Thales Management Platform:

  • vSEC: A flexible smart card management system for enterprise deployments requiring on-premises card printing for PKI-based authentication and physical access.

Authenticators – Tokens, Smart Cards & Other Form Factors

testOffering the broadest range of methods and form factors, Thales allows customers to address numerous use cases, assurance levels, and threat vectors with unified, centrally managed policies—managed from one authentication back end delivered in the cloud or on premise.

Learn More About Authenticators

 

Thales Authenticators:

  • Certificate-Based USB Tokens: Provide secure remote access as well as other advanced applications, including digital signing, password management, network logon, and combined physical/logical access.

  • Context-Based & Step-Up Authentication: Context-based authentication, when combined with step-up authentication, optimizes a layered approach to access security by assessing user login attributes and matching them against pre-defined security policies.

  • Certificate-Based Smart Cards: Strong multi-factor authentication in traditional credit card form factors that enable organizations to address their PKI security and access control needs.

  • Hybrid Tokens: Authenticators that combine one-time password, encrypted flash memory or certificate-based technology on the same strong authentication device.

  • Mobile Phone- and Software-Based Authentication: Save on hardware and deployment costs, while users benefit by not having to carry an additional hardware token around with them.

  • Pattern-Based Authentication: Also called Grid Authentication, presents the end-user with a matrix of cells which contain random characters, from which they select a 'personal identification pattern' (PIP).

  • Out-of-Band Authentication: (OOB) authentication is a form of strong authentication that utilizes a communication channel other than the channel being accessed to provide a ‘something you have,’ second authentication factor.

  • OTP Authenticators: Generate dynamic one-time passwords (OTPs) for properly authenticating users to critical applications and data, whether on a token, mobile device, or grid-based authentication.

Security Applications

testThales' security applications consist of middleware and password management software that enable users to securely store and manage user credentials.

Learn More About Security Applications

 

Thales Security Applications Products:

  • SafeNet Authentication Client: A middleware client that manages Thales' extensive portfolio of certificate-based smart cards, USB tokens, and software-based devices.

Do You Have Control of Your Data?

Organizations are facing new access control challenges as mobile devices become the computing platform of choice, as organizations rapidly adopt Software-as-a-Service (SaaS) and cloud-based applications, and as threat vectors escalate.

Thales allows organizations to adapt their business and security needs to meet these challenges with access security solutions that offer flexible service delivery which simplifies authentication implementation and management through automated processes, and which drastically reduce the time and cost of provisioning, administration, and managing users and tokens compared to traditional models.

Use Cases Addressed by Thales Solutions:

Mobile Workforce Security

testOrganizations need to leverage enterprise authentication to ensure secure remote access, even when their employees are located in the office.

Learn About Our Solutions for Secure Remote Access

Secure VPN Access

testAdministrators need to create consistent policies for secure access via VPNs and keep their identity and access management solution flexible, cost-effective, and easy to-deploy.

Learn How Our Solutions Secure VPNs

Secure Access to VDI Solutions

testThe growth in the use of virtualized environments – particularly Virtual Desktop Infrastructure (VDI) solutions – is challenging businesses to overcome the vulnerabilities of fixed passwords.

Learn How Our Solutions Secure VDIs

Secure Cloud Access

testThales's multi-factor authentication solutions for Software-as-a-Service (SaaS) allows enterprises to maximize cloud data security.

Learn How Our Solutions Secure Cloud Access

Secure Network Access

testTake steps to protect against corporate espionage and Advanced Persistent Threats (APTs) that originate from unauthorized local network access.

Learn How Our Solutions Secure Enterprise Networks

Secure Access to Web-Based Applications

testWith the right platform, organizations can efficiently implement unified access policies and single sign-on for web-based applications.

Learn How Our Solutions Secure Web-Based Apps

Context-Based Authentication

testWith context-based authentication, employees can easily and securely access enterprise and SaaS applications, as long as they meet pre-defined policy rules set in advance by the administrator.

Learn About Our Context-Based Solutions

 

Additional Uses Cases

In addition to the above, by combining authentication with encryption and cryptographic key management, Thales customers can address the following high-priority security needs throughout their organizations.

Virtualization and Cloud Security

testThales' data protection solutions solve the challenges of data governance, control, and ownership that arise in the cloud and virtual environments.

Learn more about Virtualization and Cloud Security

Data Protection Compliance

testBy adopting an information-centric approach you can meet the data compliance needs of today while staying persistently compliant with new mandates.

Learn more about Data Compliance

PKI Security

keyConsistently safeguard the integrity and trust of your organization's public key infrastructure (PKI) environments.

Learn more about PKI Security

Industry-Specific Multi-Factor Authentication Solutions

Offering solutions that are industry-specific, Thales is able to serve the particular requirements of our customers, protecting the world’s leading organizations in finance, retail, healthcare, and more.

Financial Data Security

credit cardThales is the market leader in financial data security for the world’s largest financial institutions protecting over 80% of the world’s fund transfers, providing transaction security for five of the world’s largest central banks.

Learn more about Financial Data Security

Healthcare Information Security

testWith Thales solutions, healthcare organizations achieve and maintain compliance by protecting sensitive data, such as patient records, medical transactions, and intellectual property for pharmaceutical and medical patents.

Learn more about Healthcare Data Security

Retail Data Security

testRetailers utilize Thales solutions to secure customer data inside their organizations and achieve compliance with all retail data privacy mandates.

Learn more about Retail Data Security

Government Data Security

buildingThales is trusted by governments across the world to secure mission critical information, control access, ensure data ownership, and safeguard communications.

Learn more about Government Data Security

Data Protection for Cloud Service Providers

ldkScalable cloud-based data protection solutions for increasing ARPU and reducing operational costs, all while simplifying operations and maintaining compliance.

Learn more about Data Protection for Cloud Service Providers

White Papers & Other Resources

The surge in high-profile security breaches, as well as evolving business environments that require entirely new considerations for access control - like Software-as-a-Service (SaaS) applications and mobile device management - represents a shift in how trust and control is established and maintained.

More than ever, authentication is vital for the health of any organization – empowering admins to secure access to corporate networks, protect the identities of users, and ensure that a user is who he claims to be. Check out the below resources to learn how your organization can utilize and benefit from multi-factor authentication solutions.

 

secure data sheet

Assessing the True Cost of Strong Authentication - White Paper

Many organizations rarely look closely at the Total Cost of Operation of their authentication solution and instead make a decision heavily driven by the up-front purchase price. This approach to assessing authentication costs shows that infrastructure investments and management overheads dominate the total cost of the solution. Lowering these overheads, therefore, would reduce Total Cost of Operation. Cloud-based services are increasingly becoming an integral part of the enterprise, precisely because they lower costs and management overhead while increasing flexibility.

secure data sheet

Have you developed your authentication strategy?

By understanding authentication technologies, you can select your authentication method with confidence. Authenticate successfully, get "A Comprehensive Guide to Authentication Technologies and Methods"

secure data sheet

SafeNet Trusted Access - Solution Brief

More and more cloud-based services are becoming an integral part of the enterprise, as they lower costs and management overhead while increasing flexibility. Cloud-based authentication services, especially when part of a broader access management service, are no exception, and can help organizations achieve significant savings through automation. An effective access management and strong authentication service enables companies to pursue consistent access policies across the organization by creating a single pane of glass for access events, while securing a broad spectrum of resources, whether onpremises, cloud-based, or virtualized.

secure data sheet

SafeNet Authenticators - Brochure

Offering the broadest range of multi-factor authentication methods and form factors, Thales facilitates and empowers enterprise-wide security initiatives for maintaining and improving secure access to enterprise resources.