secureauth & telesign webinar: secure customers are profitable customers
DESCRIPTION
2 Factor and Single Sign On for the EnterpriseTRANSCRIPT
©2013 TeleSign Incorporated. All rights reserved. All material in this presentation is confidential.
WEBINAR | SECURE CUSTOMERS ARE PROFITABLE CUSTOMERS
04/30/2014
2
Welcome to the WebinarPresented by TeleSign and SecureAuth Corporation
Michael Costigan, TeleSign Director of Business DevelopmentBryan Semprie, SecureAuth Corporation Sr. Sales Engineer - ChannelsGarret Grajek, SecureAuth Corporation Co-Founder and CTO/COO
• All attendee audio lines are muted• Questions will be answered at the end of the session• Submit brief questions on the Q&A panel• Send longer questions or off-line topics via email to
TeleSign the Enterprise
Security Breaches and RamificationsTelesign Solutions
SecureAuth IdP and TeleSign
2-Factor to ResourcesPassword Reset
Demo
Integration/Deployment
Q&A
WEBINAR AGENDA
Michael CostiganDirector of Business Development
Account Threats and Telephony-Based Authentication
5
April 2013 Major Daily Deal Site Hacked
• 50 Million users affected• Many subscribers did not return• Had plans for profitability in 2013• Instead, reported 81 M loss• CEO and founder steps down 8 months later
Customer Benefits
• Safe PII• Secure Self
Service Password Reset
• Customer Experience
Source: Washington Post
6
How Apple and Amazon Security Flaws Led to My Epic Hacking.Mat Honan
“If I had used two-factor authentication for Gmail, everything would have
stopped here.”
~ Mat Honan
Same Passwords Used Across Multiple Accounts
Mail Social Media e-Commerce Online Banking
Complex PasswordRequirements
Passwords cannot contain last
name, username, email address,
common words or names.
* * * * * * * *_
The problem with passwords.
7
ACCOUNT PROTECTION
21 43
Users can opt-in for two-step verification within account settings.
5
8
Website determines if device is trusted. Changes in these factors can trigger re-verification.
21 43 5
New Device New Browser Time Since Last Verification
New Location
ACCOUNT PROTECTION
9
User logs into account with their credentials. If login is from trusted device, verification is not triggered.
21 43 5
ACCOUNT PROTECTION
10
If triggered, a verification code is sent to the phone number or mobile app.
21 43 5
SMS Voice
ACCOUNT PROTECTION
11
User enters verification code into website to login or accepts push challenge.
21 43 5
ACCOUNT PROTECTION
12
PASSWORD RESET
1 2
User tries to reset password User selects secure reset method
13
PASSWORD RESET
43
User enters verification codeUser successfully resets password
SecureAuth IdP Integration with TeleSignSecure Resource Control
Garret Grajek CTO/COO SecureAuth
15
Secure Resource Control
SecureAuth Integration with TeleSign
1. 2-Factor to ResourcesWeb, Cloud, Network, Mobile AppsMultiple Directories, AD Forest
2. Password Reset
No CodingNo Web ModulesNo Customization
16
1. Integrated Into All Enterprise Resources
ObjectivesProvide 2-Factor Security To all resourcesWeb, Cloud, Network and Mobile
Admins: Provide drop-down integration (for 2F workflow)No application integration
Users: Provide easy browser based walk-throughMobile and Desktop
(1)
(2)
(4)
SecureAuth IdP Integrates TeleSign 2-Factor Auth into all Enterprise Resources
2-Factor for All Resources
1. Web
2. VPNs
3. Cloud
4. Mobile
(3)
18
Retain Credentials in the Enterprise
Control Access by Secureauth IdP
Conduct “Risk-based” Authentication
2-Factor Outside – SSO Indside
Language Adjusted to Browser/Device
Strong 2-Factor Up front
SSO on subsequent auths
TeleSign and Secureauth:Integrated Into All Enterprise Resources
19
2. Password Reset
ObjectivesProvide 2-Factor Password resetTo all datastores:AD, Multiple Ads, LDAP, SQL, ODBC
Admins: Provide drop-down - 2F workflowNo application integration (pre-built page)
Users: Provide easy browser based walk-throughMobile and Desktop
20
2. Password Reset
SecureAuth connects to native data store
No Synching of PII/PHI (No Snapchat 3.5M hack)
Full browser-based workflow
Matches Enterprise Password Polices
SecureAuth TeleSign Demo
Bryan SemprieSr. Sales Engineer – ChannelSecureAuth
Benefits
Extreme Ease of Use for Users
All devices (Mobile, Desktop)
All locales (US, International)
22
The SecureAuth/TeleSign Integration Enables:
Enterprise ControlUtilize Existing Entities
AD, LDAP, SQL, etc.No Synching or User Migration
2-Factor AuthenticationTo Enterprise Controlled Resources Web, Network, Cloud and Mobile
23
Who Title E-mail Phone
Mike Costigan
Director of Business Development
[email protected] +1.310.742.8207
Bryan Semprie
Sr. Channels Engineer [email protected] +1.860.383.5907
Garret Grajek CTO/COO [email protected] +1.949.777.6970
SecureAuth Sales Sales [email protected] +1.949.777.6959
Contacts and Q&A
http://www.telesign.comhttp://www.SecureAuth.com
Thank you!
24
Q & A