White Papers

  • SecureAuth 2-Factor as a Service (2FaaS)

    Learn more about SecureAuth’s 100% cloud-based authentication solution, 2FaaS. 2FaaS is suitable for web, cloud, mobile, and VPN resources, and can be utilized on any device from any location. The solution scales from a few users to hundreds of thousands without any cloud synchronization or user information/passwords being stored off-premises.

    For convenient and secure 2-Factor Authentication for your employees, customers, partners, and contractors, deploy SecureAuth’s 2-Factor as a Service.

  • SecureAuth IdP Hardened Appliance

    SecureAuth IdP can mitigate most attacks, such as the Heartbleed OpenSSL Attack with its fully tested, hardened appliance and overall secure architecture.

    Relevancy to Heartbleed Attack

    SecureAuth IdP is an enterprise-grade solution built on commercially purchased crypto, web, and application server components. The components are crafted together by SecureAuth to create a “solid-state” authentication/SSO server. The server is then tested against vulnerabilities and pen-tested by internal and external resources.

    In addition, full tests of the solution utilizing all known methods of attack, including the SSLTest.py attacks are implemented against SecureAuth IdP for the OpenSSL attacks that were reported in the Heartbleed attack.

    Given that SecureAuth does not use OpenSSL cryptography for securing its webserver, it is no surprise that SecureAuth sites are not vulnerable to this attack.

    Download the white paper to read more.

     

  • SecureAuth IdP for Office 365

    SecureAuth IdP protects users and all data within the Office 365 environment, utilizing 2-Factor Authentication for internal and remote users, single sign-on from the on-premise directory to Office 365 and other SaaS, web, network, and mobile resources, and Identity Management (IdM) services to log and audit authentication events, instantly revoke any user’s or device’s access, and that enable user self-services like password reset and self-enrollment.

  • SecureAuth IdP Device Fingerprinting – Low-Friction, BYOD Authentication

    SecureAuth’s patented “Device Fingerprinting” significantly decreases authentication friction by recognizing devices and linking them to specific users. This system eliminates the need for subsequent authentication on any device – desktop or mobile – and is completely configurable by the enterprise.

    Read the white paper to learn more about this revolutionary SecureAuth IdP feature.

  • SecureAuth and CAC Cards – HSPD-12 Authentication to Web, Network, and Cloud Resources

    This paper will examine the needs of CAC card holders and how the implementation of SecureAuth IdP into the government agencies will uniquely enable users to strongly authenticate and transparently access all web, network, and cloud resources with SSO via their CAC cards.

  • Why MDM Fails in BYOD Settings, and What to do About it

    This paper will look at the scope of the BYOD threat, the inherent problems of the MDM approach and will argue for a better solution, Mobile Access Management (MAM). By focusing on users, not devices, MAM delivers a true BYOD solution to businesses of all sizes.

  • SecureAuth IdP – What is an Identity Provider (IdP), and Why Do I Need one?

    Learn what an Identity Provider (IdP) is and why so many enterprises are struggling to become one for their enterprise Mobile, VPN, Web, and Cloud resources.

  • SAML Alone is not Secure – Here’s How to Fix It

    Learn to augment SAML with an SecureAuth Identity Enforcement Platform to make your online activities every bit as secure – if not more so – as your on-premise ones.

  • How to Secure Identities in the Cloud (or anywhere) via STS

    Using a Security Token Service (STS) to Enable Application-Based Identity Enforcement

  • FFIEC Authentication

    SecureAuth IEP Addressing FFIEC Authentication Requirements

  • Bilateral (Client/Server) Authentication – Solved

    SecureAuth solves the dilemma of how to deploy a bilateral authentication system for cloud and enterprise resources without a costly overhead or complex infrastructure.

  • An Introduction to SAML

    SAML stands for “Security Assertion Markup Language,” and is an XML-based standard for communicating identity information between organizations.