Protecting companies high-risk users with certificate-based authentication

Last updated: 19 March 2014

As with all subjects in the wider IT world, security is not static, therefore, no company is immune to attack. We believe that the increasing sophistication in persistent and evolving attacks aimed at corporations calls for heightened security, at a minimum for companies’ high-risk populations (system administrators, security officers, senior executives, traders, etc.).

TradersThe trend towards greater mobility among workers, especially within this high-risk category, as well as new technologies such as virtualization, cloud computing and social networking, means more potential entry points into the network and an increased need to balance security with convenience. The strength of the authentication method chosen should be linked to the type of information, network or asset being protected as well as the cost of integrating it into a company’s IT and security infrastructure. There are multiple means, most of which are given a good description over at

Every new threat is a lesson and businesses have an opportunity now to implement a well though-out and cost-effective security solution, including at a minimum strong authentication for sensitive users. Strong authentication adds layers of identity verification to ensure only authorized users gain network access.  We recommend strong authentication of all kinds, segmented according to needs, and in the case of high-risk populations, we recommend certificate-based authentication in the form of smart card-based solutions leveraging Public Key Infrastructure (PKI) certificates. PKI solutions use public and private keys and their certificates with software applications, encryption technologies, process and services enable secure communication and business transactions.  The private key is maintained by the end user and is not transmitted over the network.  One-time Password (OTP) will always have a place in authentication, but OTP alone is unable to handle the attacks of today and is inadequate for high-risk populations.

We’ve recently launched PKI solutions for traders who often need to be logged into multiple terminals and also deployed solutions in a healthcare environment such as the Seattle Children’s Hospital where the information protected doesn’t have a financial value but is equally sensitive. In the second case multiple authentication tools are used, but why? In the words of Mike Kindle, their senior director, Enterprise Architecture “to provide “a cost-effective path to PKI, and the flexibility to evolve our security technology to meet future requirements.”

Still want more? Then visit our strong authentication solutions page