Ok – that might be a stretch for some you. But I had a glimpse into this stretch of a metaphore this weekend when I talked to the Noritz installers of my tankless water heater.
So a little background on the Tankless Water Heaters. They are this water heating technology that says, ”it’s silly to be heating 50, 75, 100 gallons of water, 24/7″ - just in case, really – just in case, you may just per chance want to turn on hot water for your shower, kitchen and/or washer machine.
I mean, – given that we, in the IT industry, are all part engineer – the mere concept of the traditional water heater design for “the just in case I need Hot water” – is pretty offensive, eh?
OK.
Let me give you one more “mentally offensive” concept.
Lets take all your user authentication credentials. (This blog is for IT readers, of course). All these wonderful identities that you, the IT director,:
- Get paid to maintain
- Get paid to protect
- Get Audited on
- Can lose your company’s business license if stolen
And lets take those credentials and move them out to your cloud applications. Oh – and not just ONE cloud application – but each one, say:
- Your messaging system:
- Your CRM system
- Your employee System
- Your expense reporting system
- Your financial system
Etc.
Now you got all these logon credentials – which everyone knows users use the same password for each account – thus if you steal one set of logon credentials – you can get into all the others. (This is 100% the idea behind the WikiLeaks hack – sure the Gawker blog accounts were worthless – but the ID/password tuplets can AND WERE used on other more important accounts.)
So now, fellow IT people, how do we solve this problem?
Like the Tankless Water Heater we only produce the credentials to these SaaS (Cloud Services) when needed. (Or “On-Demand”, if you are 3-initial trained.) This way:
- We don’t leave credentials all around planet earth
- For the Bad guys to steal
- For employees to forget
- To maintain
That’s it. It’s really that simple – that is the value (and the Sanity) of SecureAuth in your 2011 IT (SaaS, Web, VPN) environment.
You retain your identities (Active Directory or other). You decide how to authenticate (SecureAuth – Single Factor, 2-Factor, X.509, SMS, Telephony, etc). You log the user authentication, locally. (See image #2)
Image #1: SecureAuth becomes the “on-demand” 2-Factor credential supplier to cloud services. SecureAuth can also authenticate on premise web and VPN systems as well.
Pretty cool, eh?
Oh – and about the tankless the water heater? Well, my 4-year old and wife like the hot water – and I might just be an “IT guy” – but even I know , tht’s all that really matters, no?
–
Garret Grajek is CTO and a founder of the SecureAuth Corporation.
Categories
Blog |
Tags
|
Author
SecureAuth |
|
The people at Google, are dispelling the misinformed view that Google Apps is only for SMB customers – every day.
Their latest arrow into that errant belief is Google’s quality support of multi-domains. That is, a single Google Apps account (and thus the administrator) can view/add/manage multiple sub-domains under a single google console.
And the most amazing aspect – the users can can be redirected to on-premise datastores – for authentication.
Google, as all understand in this industry – really are “The Standard” in federation design. They don’t worry about preserving anyone’s legacy infrastructure – nor do they force anyone into a closed architecture.
What Google does is:
- Determine functionality Requirements
- Determine the most deployable path
- Implement a solution that works
- And adher to browser-web server simplicity
The latest testiment to the philosophy is: Google Support for Multi-Domains.
The question now is:
The Answer is SecureAuth for Google Apps. (Please see image #1)
Image #1 – Secureauth supports Google Multi-Domain configurations.
SecureAuth allows an enterprise to federate multi-domain Google support, regardless how they set up their on-premise directories;
- Each Google Domain can be configured to its own directory
- Each Google Domain can be configured to its one directory
This 2nd scenario is not trivial – unless your federation system is intelligently designed. The ideal way is to be able:
- Have users hit their individual Google Domains
- Be redirected to a federated logon page
- Obtain authentication from their known ID/Password
- Have a 2-Factor authentication if needed
Free Instructional Webinar - Configure Google for Multi-Domain SSO Support with your Active Directory: Thursday, 12-16-2010, 10am PST
–
Garret Grajek is CTO of the SecureAuth Corporation. SecureAuth is a 2-Factor SSO identity enforcement platform for VPN, Web and SaaS resources.
Categories
Blog |
Tags
|
Author
SecureAuth |
|
Cisco and Apple have worked together to make the iPhone a bonafide business tool. Since July 2008, the iPhone 2.0 offers a IPSec option that can conduct a VPN connection to the Cisco ASA 5500 Series and PIX firewall.
The question has been: How to authenticate users via the iPhone that is both convenient and easy to utilize for users and secure for the enterprise?
The question has been resolved by MultiFactor, via its SecureAuth for iPHone solution. SecureAuth securely delivers to the iPhone a native X.509 private/public key pair which is utilized by the iPhone IPSec to securely connect to the Cisco remote access device. The result for the end user is the first fully functional hand held solution, with the full security of the revered Cisco remote access architecture delivered on the convenient iPhone platform.
For a full demonstration and explanation of the SecureAuth solution for the Cisco/iPhone integration, please register and attend the MultiFactor Webinar on November 12th, 10am PDT. Or contact MultiFactor today at 949.777.6970/sales@multifa.com
Webinar: SecureAuth Secures the iPhone for Cisco ASA Access
Categories
Blog |
Tags
|
Author
SecureAuth |
|
MultiFactor Corporation presents:
SecureAuth 2-Factor Security for SSO, User and Password Account Management
SecureAuth is an ideal solution for Password Management, SSO and User/Help Desk account Management. SecureAuth distinguishes itself from other solutions by providing an integrated 2-factor “front-end” that overcomes constant identity management issues. SecureAuth 2-Factor authentication is delivered as an integrated part of a customizable user and password management solution.
Join us Thursday, May 14th 2009, 10am PDT to learn how SecureAuth 2-Factor Security for SSO, User and Password Account Management can work for you.
Categories
Blog |
Tags
|
Author
SecureAuth |
|
