Resources

Get case studies, datasheets and whitepapers offering detailed insights into solutions to challenging multi-factor authentication, password replacement and cloud single sign-on authentication problems.

Major US City Council depends on PINgrid

Known as “The Sunshine City”, St. Petersburg, Florida in the US Solution Highlights averages 361 days of sunshine each year. It covers 61.7 square miles and has a population of approximately a quarter of a million people making it the 5th largest city in Florida. St. Petersburg has emerged as a top destination for the arts with the Dali Museum, the Dale Chihuly world renowned glass collection, and six art districts. It is the job of the city’s 2,500+ employees to provide the essential services and support that keeps the city running smoothly.

The city decided that an additional layer of security was needed and a two-factor authentication (2FA) solution would be the most prudent way forward. The city’s Information Security team investigated, demonstrated and discounted a number of the market leading solutions. Mr. Campbell explains:

“The solutions we looked at were not straightforward, elegant, nor in a small enough
form factor to make us feel comfortable in choosing any of them. That is until we found PINgrid.”

Forward thinking NHS Foundation Trust deploys 1.5 Factor

About Liverpool Heart and Chest Hospital NHS Foundation Trust Solution Highlights Liverpool Heart and Chest Hospital NHS Foundation Trust (LHCH) is a specialist cardiothoracic hospital which each year performs 60,000 outpatient appointments and 12,000 inpatient procedures. In 2012 the Trust was awarded the highly prestigious Health Service Journal Awards “Provider Trust of the Year”.

The Trust is forward thinking in its use of technology and had already rolled out Windows 7 en masse and invested in a large number of iPads as part of its scheme to reduce paper. It also advocates a Bring Your Own Device (BYOD) policy, so the solution needed to be flexible.

“The 1.5FA approach offers the perfect fit for a BYOD strategy,” explains Connor. “It means authorised staff can get fast and secure access from any device anywhere and our systems are fully protected at all times.”

Remove passwords when logging onto Windows workstations and servers

The Authlogics Desktop Logon Agent provides a simple way to remove passwords when logging onto workstations and servers without impacting the Windows security model.

The Authlogics Windows Desktop Logon Agent is a Password-less Multi Factor Authentication(MFA) authentication solution that provides secure access to a Windows Desktop without the need for a user to enter their AD password. Applications behave just as though a valid password was entered to avoid constant password prompt popups and ensure seamless compatibility.

Simply put, you get the full Windows experience without passwords.

A true Enterprise-class solution, scaling from stand-alone installations to highly available multi-master integrated deployments.

The Authentication Server is a software only solution which can be installed onto any Windows Server (2008 R2 or higher) and is well suited to virtualisation; no dedicated hardware appliance required. Multiple servers can be installed for High Availability at no extra cost. The server supports both Active Directory (AD) and Microsoft SQL Server as databases. AD is recommended for most scenarios especially if the user accounts already exist in AD. Although data is stored directly in AD, no schema extensions are required. SQL Server is recommended for hosting environments or where AD is unavailable.

Adding real value to Azure and Office 365

Office 365 is a comprehensive suite of online and offline applications backed up by Azure Active Directory. As Azure and Office 365 provide access to and store confidential company information, it is critical to secure the access to them. Out of the box, Office 365 allows access via a username and password combination which is not very secure, especially since they are not protected by your perimeter network firewall and remote access controls.

The Authlogics for Azure and Office 365 solution provides secure authenticated access from inside and outside the network to cater for a multitude of scenarios; be it Azure administrator access, Mobile device sync, Outlook client connectivity or simple browser access to OWA or SharePoint.

The low down on Operation High Roller

Many banks utilise a 2 Factor Authentication (2FA) system which combines something you know with something you have. Solutions used by banks range from clumsy card reader devices to SMS/TEXT messaging, each with their own merits and pitfalls. These systems aim to prove that you are who you say you are, and not to prove that you are doing what you mean to do.

With the High Roller attack, the bad guy gets around 2FA systems by getting the user to enter the valid 2FA information / One Time Pin (OTP) into their browser. The malware is then able to give this information to the fraudster to use in an attack either directly from the user’s machine, or from a remote server – all while showing the user a fake page. Once the fraudster has a valid and unused OTP they can then use it to process their own fraudulent transaction as if they were the legit user.