Unit 14: Authentication




             Strong authentication technology to strengthen  their remote access so that the confidential   Notes
             client files will be secured from various hacking  attacks as well as they meet the various
             compliances.
             Solution
             Customer evaluated multiple two-factor authentication options available in the market to
             meet  their needs. The criterion applied by the customer is to make sure the product offers
             Industry  level security, product is easily configurable with the Juniper SSL VPN and is a
             cost effective  solution so that they can offer it to all their employees enabling them to work
             remotely and  increase their productivity.  ArrayShield IDAS delivered robust Two Factor
             Authentication Solution that met all customer  needs. ArrayShield IDAS provides a robust
             two factor authentication leveraging user’s ArrayCard and a pattern that is remembered
             by the user. Before users are allowed access to the  VPN they must enter a unique Secret-
             Code  derived  from  the ArrayShield  IDAS  technology. The  Secret-Code  is  generated
             through the combination of a pattern that each user remembers and  an ArrayCard (credit-
             card sized translucent card) that the user carries with them. This simple  process ensures
             that only authorized personnel are able to access the system and protects  users’ identities
             from being intercepted or stolen, without the need for an expensive token  based system
             typically used with other strong authentication technologies. Another key  advantage
             is that the user need not remember any complicated password which makes the  whole
             system experience easier.

             Securing Customer Remote Access
             IDAS integration and deployment with Juniper SSL VPN at Customer premise was very
             smooth and happened in a few hours. The whole of the deployment and integration was
             carried  out    remotely  by  the  ArrayShield  Expert  technical  team  and  the  customer  was
             impressed with the  ease of installation, configuration and the remote support provided
             by  the ArrayShield team. As the IDAS system is lightweight  and high performing, it
             required Customer to allocate just a  minimal hardware in their premise to deploy IDAS
             Authentication manager.  Customer was very happy with the technology and business
             benefits provided by the solution,  and within few weeks have taken more licenses to roll-
             out the solution to the wider use base.

             Outcome
             1.     Meet  Compliance  Requirements:  By  implementing  Two  Factor  Authentication
                 technology, customer has met the various data accreditation security requirements
                 of ISO 27001, PCI DSS Level1 and HIPAA
             2.     Improved Productivity: By enabling IDAS for Remote Access VPN, the Customer’s
                 employees can now connect to their corporate network from anywhere, and respond
                 to critical communications with-out having to wait for the next day.
             3.     Security and Cost Targets Met: With a cost effective IDAS Two Factor Authentication
                 solution integrated with VPN, the customer is satisfied that their security requirements
                 are met within the budget available.
             Questions:

             1.   Study and analyze the case.
             2.   Write down the case facts.
             3.   What do you infer from it?
          Source: http://www.arrayshield.com/uploads/IDAS-2FA-CaseStudy-Financial-Services-Remote-Access-VPN.pdf







                                           LOVELY PROFESSIONAL UNIVERSITY                                   255