IRVINE, CA--(Marketwire - Aug 1, 2012) - SecureAuth, the leading provider of identity enforcement technology for the enterprise, today announced the release of SecureAuth IdP, the first- two-factor identity provider (IdP) solution that enables companies to become their own IdP. By becoming an IdP, companies can better control, enforce and extend security standards to all on-premise and cloud-based applications, and mobile devices within their organization. It also enables single sign-on (SSO) without the need to synchronize to an enterprise directory or to send credentials to a third-party SSO provider, which dramatically increases IT security.
"Enterprises have perfected the retention, manipulation and auditing of on-premise identities as mandated by several governing guidelines, but as they adopt cloud applications, auditors and security analysts are finding that there is a failure to standardize identity storage at the SaaS providers," commented Craig Lund, CEO and co-founder of SecureAuth. "As new security guidelines begin to command common criteria at the SaaS level, SecureAuth IdP provides a simple pathway for enterprises to meet regulatory and compliance obligations for cloud and mobile applications. The objective is to ensure seamless SSO convenience that is secure and prevents major breaches."
According to the Identity Theft Resource Center, there were 189 known breaches from January 1 of this year through the beginning of June. Those breaches exposed approximately 13.7 million records. SecureAuth IdP prevents potential breaches with a full featured, two-factor security token service (STS) that meets today's security requirements for both internal and external resources. To ease administrative burden, its elegant architecture eliminates the need for traditional network access controls for standard users as well as last-generation hardware-based user authentication products, client software, server agents, and related tools. In a single, swiftly implemented solution, SecureAuth IdP provides:
- Enterprise secure access to the web, virtual private networks (VPNs), SaaS, and
- Configurable two-factor authentication using X.509, SMS, telephony, e-mail, KBA or Help Desk.
Identity Provider Technical Information
To become an identity provider, the enterprise must:
1) Set up a secure Web Server
2) Construct secure directory communication
3) Enact the proper (two-factor) authentication
4) Construct the proper protocol for identity assertion (SAML, OpenID, OpenID Conect, etc)
5) Cryptographically sign the assertion
6) Verify the identity is the proper federated identity,
7) Log the authentication
8) Facilitate all self-management of the identity and help desk management, including two-factor password reset, profile management, identity provisioning and revocation.
SecureAuth IdP implements all these functions in a single product. A graphic illustrating SecureAuth IdP is available to download from the SecureAuth News page. Enterprises interested becoming an identity provider and implementing secure, two-factor SSO across all on-premise and cloud applications and devices can contact a SecureAuth representative or call 949-777-6959.
SecureAuth is a technology leader in enterprise identity governance that serves hundreds of customers and over seven million users worldwide. Its SecureAuth IdP products offer Global 5000 companies a uniquely extensible, enterprise-proven method of administering corporate identity governance on cloud-based applications, mobile devices, and networks. These all-in-one solutions provide IT departments with a simplified way of managing and enforcing access, authentication, approval and assertion based on existing user entitlements. SecureAuth IdP works anywhere and is completely scalable. Headquartered in Irvine, Calif., SecureAuth was awarded the Stevie Award for "Fastest-Growing Company" in 2012 by The American Business Awards. For the latest insight on enterprise identity governance and issues follow the SecureAuth Blog, on twitter @SecureAuth or visit www.gosecureauth.com for additional information.
SecureAuth, SecureAuth IdP and the SecureAuth logo are registered trademarks of SecureAuth Corporation. All other products or company names mentioned herein are trademarks or registered trademarks of their respective owners.