enterprisesecuritymag

SecurEnvoy [AIM:SWG]: Secure Authentication with Seamless User Experience

Doug Chase, VP Sales for North America, SecurEnvoyDoug Chase, VP Sales for North America
Modern-day businesses have come to a realization that traditional password systems have turned antiquated in the face of sophisticated technologies that hackers use to access sensitive data. As if things aren’t bad enough already, users who do not follow best practices in having strong passwords or are failing to use unique passwords for each account, contribute to increased vulnerability making it easier for hackers to steal the passwords and data. This is where tokenless 2FA is a game-changer, enabling organizations to enhance their information security as part of a broader best practice cyber security strategy. One of the original inventors of this tokenless authentication is SecurEnvoy [AIM:SWG], a company that “offers innovative and reliable authentication solutions that are utilized by hundreds of thousands of users every day,” states Doug Chase, VP of Americas at SecurEnvoy.

Giving its clients the broadest choice of options, SecurEnvoy enables any user device to be used as an authenticator. The company through its cost-effective solution, SecurAccess, offers mobile phone-based tokenless two-factor authentication for accessing data through VPN, SSL, remote desktop, Wi-Fi, and laptops among others. Authentication can further extend to voice calls, SMS Text, Yubikeys, desktops and several more. The breadth of options allows for virtually any end-user deployment scenario.

Deployed on-premise to give the organizations complete control over the environment, SecurAccess is an easy-to-authenticate platform, where, via push notifications, the users don’t need a pin, and can also reuse their existing Microsoft or other application passwords. SecurEnvoy also offers the option of one-time passcodes which can be preloaded eliminating SMS delays and signal issues.
This approach expands the range of users to include third parties and even consumers, alongside internal staff. Since there are no resynchronization or PIN resets, it can reduce the overall cost involved in helpdesk management.

For clients that do not want to authenticate over SMS texts, SecurAccess is flexible to enable the ability of voice control, where a user can receive a phone call and enter the token on the phone. Another unique strength of the product is the “split key” feature. SecurAccess codes are Fips140-2 random numbers with no keys or seeds required and the apps uses split keys where the second part is the device’s unique characteristics. Only part of a key is ever stored on the device thus malware cannot copy a key that isn’t present and cannot call external API’s as none are available. No customer sensitive data or keys are ever stored by SecurEnvoy.

Chase illustrates the use case, involving an organization from Wisconsin, which utilizes all of SecurAccess’ methods of authentication—hard tokens, SMS codes, and push notifications among others. The client purchased SecurEnvoy’s solution specifically since they wanted to have the internal ownership of the solution, with all the data and directory services saved behind their own firewall. Different departments of the organization and its multiple locations could all use instances of the solution harnessing the scalability of Active Directory (AD) as the core database. With all the replication already performed by the existing infrastructure, deployment was similar to simply adding a user to an existing AD group. This scenario promises how extensively the solution can be used in organizations that have far-reaching end-users.

With strong footprints in the U.S., England, Germany, and Australia and operating in countries around the world, SecurEnvoy envisions to outplay its innovative multifactor authentication capabilities. Chase states, “Our innovations are focused on providing enhanced deployment scenarios to our customers and partners. As we grow into the broader Identity Access Management market, SecurAccess provides an extraordinary foundation for hybrid deployments coupling internal cloud and on-premise security.” Through its concepts of “freedom of choice” and “freedom from fear,” which represent the most extensive deployment options and its highly secure technology respectively, SecurEnvoy is en route to achieving its goal of providing the most flexible, convenient, and secure authentication for organizations.