Sep 01, 2011
Six Decision Factors for Hardware-Based Authentication
One of the fundamental elements of any IT organization’s security strategy is verifying the identity of its users in order to grant them the correct access rights to network resources. Given the ever-increasing number of employees and devices requiring remote access to the corporate network, implementing effective yet easy-to-use authentication is a major challenge facing many network administrators.
Digital certificates and PKI were meant to be the panacea for the authentication problem, but certificate management and administration have proven too onerous for most organizations. Users also have struggled with installing and using soft digital certificates. Many of the first hardware authentication devices were used to store digital signatures, and they suffered by association, even though they’re easier to use than soft digital certificates.
Other hardware tokens such as smartcards, one-time password generators and other devices have been trumpeted and tried with varying degrees of success. However, no one approach has been able to gain a solid foothold or become the obvious hardware authentication technology of choice. Despite vendor hype, many products have proven too complex to deploy and manage.
Nonetheless, products are now much more mature, and organizations should be encouraged to consider replacing inherently weak password systems with hardware authentication to protect sensitive data. In this report, we examine the pluses and pitfalls in choosing and implementing a hardware-based authentication method, and guide you to make the best decision for your business. (S3400911)