Whether it was at the Mobile World Congress in Barcelona or an ocean and continent away at the RSA (News - Alert) security event in San Francisco, the need to better protect and secure data through easy-to-use multi-factor authentication is top of mind of IT professionals around the world.
The reason, as universally acknowledged at this point, is simple. As a result of BYOD proliferation in enterprises, the number of vectors of vulnerability has exploded and, as recent reports have highlighted, the malware on mobile devices is on the rise as bad guys take full advantage. The harsh reality is that authentication/identity has become the new perimeter as those with malicious intent probe for opportunities and easily circumvent even the necessary but insufficient advanced firewalls. Hence fortifying authentication is a matter of urgency.
It is because of this that the agreement between global IT services provider Tata Communications (News - Alert) and leading security solutions provider SafeNet commands attention. The deal involves Tata using SafeNet to provide cloud-based multi-factor authentication as a managed service – globally. It will be a first-of-its-kind service in India. The goal is straightforward: leveraging the cloud-based delivery model to enable businesses to implement an additional security layer that verifies the legitimacy of a transaction and secures access to corporate networks.
Security as managed service in the cloud
As noted, there is no turning back the clock on the BYOD trend in enterprise around the world, or the increased use of cloud-based services and network-based applications. IT departments need capabilities that give them better visibility over their environments and interactions with external touch points. The cloud is rapidly emerging as a place to find the user authentication capabilities needed to meet evolving modern cyber threats and allow IT to better mitigate risks. As the headlines have shouted recently, this is going to be particularly of interest for those in the e-commerce and banking sectors.
In terms of what is being offered, Tata Communications' cloud-based multi-factor authentication offers both hard and soft token authentication. It creates what is described as a layered defense system that is designed to make it extremely difficult for unauthorized access a computer system or network.
Image via Shutterstock
Multi-factor authentication is delivered via tokens. These generate a constantly changing key code that used in addition to the usual static password. The token provides a supplementary layer of security as only authorized users are provided with these tokens. Based on the user preference, the tokens can be installed on computers or mobile devices. Where Tata is providing the value of this being a managed service is in its 24x7 helpdesk support.
Srinivasan CR, vice president of global product management for Data Centre Services at Tata, explained, "Identity and access management are anchors for security. However, traditional multi-factor authentication services require on-premise hardware investment, maintenance and the right skills for management, which together act as a deterrent for deployment. Our multi-factor authentication service gives customers easy access to a customizable cloud-based model, which is hosted in Tata Communications highly connected global data centers. The increase in the number of powerful end-user devices, coupled with intelligent and networked applications, makes secure access a vital ingredient to anytime, anywhere access for employees, partners and customers."
Prakash Panjwani, senior vice president and general manager of Data Protection Solutions for SafeNet (News - Alert), added, "Rising threats, risks, and vulnerabilities as well as changing business requirements, emphasise the need for a strong authentication approach. Our partnership with Tata Communications will allow businesses to feel secure about their cloud and mobility initiatives. It will enable an extra layer of safekeeping that is imperative when adopting a holistic security infrastructure while keeping the cost of implementation down. Customers will benefit from a strong, integrated platform that will help them identify and implement more secure solutions for protecting their most valuable information."
It may seem almost ironic that a managed security service via the cloud is the means to better securing an enterprise—given the cloud adoption of many mission critical capabilities has been slowed because of security concerns. However, increasingly the myths of cloud as being less secure are being dismissed, and clearly for many enterprises having globally security as a service for a host of not just security but financial reasons is a path that is going to get serious consideration.