strong authentication
Overcoming the security obstacles of single-factor authentication methods

Single-factor passwords used to access applications, devices and web services are often a weak link in security enforcement.

Security risks and challenges of single-factor authentication

Passwords can be guessed or even copied from innocent post-it note reminders. Along with weak or socially-engineered passwords, these can lead to unauthorized access to applications, services and devices. While strong authentication can be achieved in a number of ways, multiplying the methods to authenticate and authorize users often adds additional layers of software, hardware, support and cost and can frustrate users with additional steps.

How can CSS help ensure the security of Strong Authentication?

  • Enable strong authentication for all applications and services that support x.509 authentication without any agents or app customization
  • Deliver non-exportable certificates directly to Windows, Windows phone, iOS, Mac, Android and Linux platforms
  • Issue tailored certificates for unique access to individual applications and services
  • Enable user self-service for requesting and installing virtual smartcards
  • Deliver certificates with on-device key generation (ODKG) and support non-repudiation for users authenticated into line-of-business applications
  • Centrally monitor and report on PKI operations across multiple vendors and operating systems, including impending client certificate expiration
  • Implement demonstrable and fully auditable security operations

How can PKI and digital certificates enable Strong Authentication

  • By seamlessly adding a layer of authentication that requires the user possess a digital certificate on the originating device, PKI ensures that compromised passwords cannot be used in other locations by malicious users trying to gain access to publically exposed apps
  • Digital certificates provide a seamless, low-cost alternative that improves security by layering a non-exportable 'virtual smartcard' on top of password authentication.
  • PKI is a high assurance proven technology for digital certificates
  • A well-managed PKI can issue, deliver, revoke, track and update certificates on an as needed basis.

Learn more about reliable methods for supporting Strong Authentication.