Category

Xpress Password

ABC of Password and Authentication Management

By | Xpress Password | No Comments

 

Research says at an average 130 accounts are registered to one email address, 11 passwords are forgotten each year and 71% of accounts are using a password that are used on the other sites !!

Passwords are no longer considered the most convenient or secure way to authenticate since it is only about something the person knows, knowledge can be hacked into.

With the advent of technology, additional options became available for authenticating users. Federal Information Processing Standards Publications (FIPS PUBS) defined certain standards for authentication. These are:

 


Read Whitepaper

New ways to authenticate are combining these three attributes: Knows, Has and Is. For example, you may be asked to authenticate first with a password. Or PIN, then with an OTP token & finally with a fingerprint.

While this many make things quite foolproof it is at a high cost of user Convenience. Hence today’s authentication techniques try to balance between “security” and “user convenience”.

This is typically achieved with “context-based” step-up authentication. For example; if a user first authenticates with his password and the network information, user information, device identification… some or all of these are providing affirmative signals, no more authentication other than the password will be necessary. However, if these signals are showing normal user profile being violated (example: coming in from a network or device that does not fit into the normal pattern) the level of trust/authentication is elevated to “What person has” or “What person is”, or both.

ILANTUS is committed to a safer world and is a member of FIDO alliance.

Announced in Dec 2014, FIDO (Fast Identity Online) is the world’s largest ecosystem for Standards-based, Interoperable Authentication. It reduces reliance on complex passwords, has a single gesture to log on, works with same device people use every day, uses the same authentication with different services and is fast convenient. It is based on public key cryptography and has no server-side secrets to steal.

Read Whitepaper

Equifax hack & Weak Password Management

By | IDaaS, Xpress Password | No Comments

Researchers found more than 388 records of Equifax user and employee end point data being available for sale on the dark web. This data includes user name, title, password and login url.

Many of the company executives used simple password that could be easily guessed.

A robust password policy beyond what AD offers and higher levels of authentication can be obtained only by using a “comprehensive Enterprise Password Management System”, Such as ILANTUS “IDaaS Next Xpress Password”

Tired of using multiple user ids & passwords?

By | IAM, Xpress Password | No Comments
  • User ID and password combination is still the most common way through which users gain access to an application. Average number of applications that a user has access to is increasing with the proliferating applications on-premise and on the cloud. Hence the number of passwords that a user has to remember is proportionally increasing.
  • Complex password policies and password history requirements lead to more number of incidents for ‘Forgotten Passwords’.
  • Due to stringent IT Security compliance & audit requirements, each user should have their own account to access each application.
  • More and more organizations are embracing adoption of BYOD. Hence organizations need to ensure users have access to applications through all these devices.
  • With globalization, remote workforce is proliferating. Ensuring access to applications for these remote workforces is a top priority for the organizations.
  • Adoption of Mac workstations is proliferating. Lot of organizations has a mix of Windows and Mac workstations.
  • These challenges lead user to use multiple user ids and passwords with more complex password policies. It reduces the user conveniences and of course, their productivity. On the other hand, increases the help-desk calls/tickets as the users often forgot their passwords or locked out their applications accounts.
    According to Gartner, one of the main global IAM Market Research organization:
  • Approximately 30% of total call load for multipurpose help desks are password-related. Volumes are higher for limited-function call centers.
  • Hard costs for help-desk-related calls range from $3 to $18 (For North America organizations) per call. The lower end of the range pertains to call centers that provide predominantly administrative support; the higher end of the range pertains to help desks that have more highly compensated technical staff that perform multiple support functions in addition to password-related calls.
  • Also, the use multiple user ids & password may lead to security threats, as users will find short-cut ways to remember these passwords such as sticking those passwords on their workstations/laptops, use “easily guessed” password or commonly used passwords such as “P@ss1234”, “Abcd1234” etc.
    By using a Single Sign On solution or a Password Management tools, these challenges can be easily addressed.

Password Resets: Save Money

By | IAM, Xpress Password | No Comments

 

Gartner and other analysts say that organizations spend between $5 to $15 in resetting one password.  While customers do realize resets are creating added costs, there is no comprehensive Password Management product that can truly meet the complex needs of an enterprise, ensure easy implementation and does not cost much.

ILANTUS has  one of the only solutions on the market that can save your organization  thousands of dollars a month through its comprehensive features, easy deployment while keeping the costs down.

Take a look at how to save money with ILANTUS XPRESS PASSWORD (PXP).