MSP Today Expert Feature
January 14, 2013

SecurEnvoy and PasswordBank Team Up on Tokenless, Two-Factor Authentication for IDaaS

A new partnership between tokenless authentication company SecurEnvoy and PasswordBank will provide tokenless, two-factor authentication capabilities to PasswordBank's identity management offering.

The partnership will enable PasswordBank customers to access cloud solutions through the company's single sign-on platform.

The new authentication capabilities let PasswordBank's clients access offerings like Google (News - Alert) Apps, Office365 and using SMS messages for two-factor authentication.

The partnership with SecurEnvoy adds business-grade security to the package, without the need for users to carry a physical token with them at all times.

Authentication tokens traditionally require users to carry a physical token that generates a one-time passcode (OTP) entered as part of the two-factor authentication process. The code is comprised of a static PIN number that changes every time the user logs in, and which expires within a set amount of time.

The prevalence of BYOD and mobile devices has enabled OTPs to be sent by apps to a smartphone or through SMS for convenience and flexibility.

The goal of two-factor authentication is to ensure a person is who they say they are via a combination of two or three factors. These may include something the user knows like a password or PIN, or something they have like a token or fingerprint.

SecurEnvoy's Tokenless two-factor authentication technology is geared toward mobile phones and is used throughout the world. It requires no remote software deployment and administrators simply use management tools to deploy up to 100,000 users per hour.

The authentication is being integrated with PasswordBank's Identity-as-a-Service (IDaaS) platform, which offers secure access to corporate identity in hybrid IT environments comprised of cloud and on-premises networking. Features include identity and access management, federated identity, hybrid single sign-on for enterprise and Web, and privileged user management with delivery via SaaS (News - Alert), on-premises and hybrid modes.

“A major benefit of cloud technology is that it frees employees from their workstations, and gives them access to the tools they need, wherever they are and whenever they need it," said Steve Watts, sales director for SecurEnvoy. "Knowing how important security is, many companies implement two-factor authentication to ensure that they always know who is accessing their systems at any time. But forcing users to carry tokens around with them (and not letting them login if they don’t have them) defeats the point. By combining the freedom of using SMS messages as the second factor, with the flexibility of the cloud, suddenly workers really do have the freedom they need.”

“We have enabled two-factor authentication with tokens for some time, but our clients are starting to demand solutions that are cheaper to implement and deliver more flexibility," added Dennis Lee, VP of Technology from PasswordBank. "By offering the tokenless solution from SecurEnvoy, we can meet the demands from our customers – and we can implement it with our current systems easily.”

Edited by Braden Becker