$1.700 - 24-Feb 09:35
Menu X

Intelligent Authentication Solutions

Strong Authentication with Single sign-on (SSO)

Click the numbers to learn more

Intelligent Authentication Solutions

Download as pdf  

Standard User Accessing Normal Systems & Applications

By integrating Single Sign-on with Active Directory, you can login once with username/password and get access to all of your allowed applications wherever they reside.

Standard User Accessing Sensitive Systems or Applications

As a standard user, if you wish to access systems or applications that are tagged with a higher level of security policy, a strong authentication event will be triggered asking you to provide an additional factor of authentication such as a unique 6 digit security code, push authentication request etc.

Privileged User (Strong Authentication Triggered Regardless Of User Location)

If you are identified as a privileged user within the system such as a financial controller or network administrator, you would typically have higher levels of access to sensitive information, systems or applications. If this account is compromised, the risk of “damage” is higher, therefore strong authentication should always be required.

Standard User Access but Outside Normal Behaviour

As a standard user, if your behaviour is considered outside the “normal” range (such as logging in from a new location or if no “normal” profile has been established) you will automatically trigger a strong authentication event and need to add an additional authentication method.

Standard User Accessing Normal Systems & Applications

As a standard user, if you move outside the network boundary, the system can collect data on what your “normal” behaviour is over time as you login. i.e. perhaps you work from home some days or travel interstate regularly and stay at the same hotel. If you’re logging in via a public network and your behaviour is within the “normal” range, then you can still use Single Sign-on and get access to all of your normal apps as if you were in the office. This access could extend to customers, suppliers etc.

Just like an internal user, access to sensitive apps or information from outside the network will always trigger a strong authentication event.

Suspicious Access Behaviour

The highest level of security is reserved for behaviour identified as very suspicious such as geographically impossible logins, for example, an initial login from Australia then 10 seconds later a login from overseas. In these situations, strong authentication would be immediately triggered requiring multiple methods of identification – i.e. something you have (smartphone), something you know (security question) and something you are (fingerprint).

For IT departments, the challenge is supporting the explosion of access mobile devices and Cloud-based applications that contain your data, but are not within your visibility or control.

Often, the only thing between your data in the Cloud and attackers is a password – and passwords alone are vulnerable, costly and complex.

How do you currently grant access to your internal network or applications?

"We are not using strong authentication."

Can you envisage a scenario where you would like to provide strong authentication for users without using a token?

"We would really like to get rid of our tokens and the administration overhead of managing them."

Are you leveraging Cloud applications, for example: Office 365, Salesforce, Google Apps, Concur, Dropbox?

"Yes we have multiple Cloud based applications."

How many passwords on average do your users have to remember?

"We do not have Single Sign-on and users have to remember multiple passwords."

Securing your data needs to be your number one priority. The majority of breaches could be eliminated with two-factor authentication.

If your answers to any of the questions above are similar, Data#3 can help!

Contact a Data#3
Security Specialist


Intelligent Authentication – Beyond the Password

This Discussion Paper explores how enterprises can move beyond the password (something the user 'knows') to an intelligent authentication process that eliminates the risk of weak and vulnerable passwords.

First Name*
Last Name*
Job Title*

Corporate Head Office

67 High Street
Toowong QLD 4066
Phone: 1300 23 28 23
Fax: 1300 32 82 32

Post Address

PO Box 551
Indooroopilly QLD 4068

Follow Us Online

© Copyright Data#3 Limited
ABN 31 010 545 267