How to Make an Authentication Cocktail

Authentication Cocktail

Who doesn’t enjoy a good cocktail?

James Bond liked his “shaken, not stirred” and most like them “on the rocks.” All this talk of cocktails is making me thirsty! However, today we are not here to talk about drinking a delicious drink; we are here to talk about an authentication cocktail.

What is an “authentication cocktail?”

An authentication cocktail is the pairing of two separate two-factor authentication (2FA) one-time password (OTP) delivery methods to make a full-bodied authentication combination that works in tandem to achieve the level of security needed to accommodate all end users and maintain your corporate security policy.

An authentication cocktail can be made either shaken or stirred depending on your needs.

 

RECIPE

Ingredients:

Makes 1 flexible solution

 

-Flexible authentication extension

-Registered users on Active Directory (AD)

-One current authentication solution (example RSA SecurID token)

-One new authentication solution (example YubiKey token)

-Select user groups


DIRECTIONS

Shaken:

Step 1. Purchase and deploy a flexible fixed cost authentication extension.

Step 2. Make sure you have a select group of RSA users that you can introduce to the easier plug and play USB YubiKey token.

Step 3. Prepare the users for the new integration by informing them of the change and assure them the changeover will be completely guided and painless because the user  can use both in parallel until their RSA token expires.

Step 4. Remove the expired tokens off your current authentication solution with in your AD, the RSA SecurID hard token and save LOTS of money.

 

Crossroads Banner 

Stirred:

Step 1. Purchase and deploy a flexible fixed cost authentication extension.

Step 2. Make sure you have a select group of RSA users that use their smart phone.

Step 3. Prepare the users for the new integration by informing them to install the Google Authenticator and assure them the changeover will be completely guided and painless because the user  can use both in parallel until their RSA license expires.

Step 4. Remove the expired RSA users off your current authentication solution with in your AD and save LOTS of money.

 

Solution Example History:

RSA SecurID Token: SecurID is RSA’s flagship authentication solution and has been a staple in many companies’ stronger authentication tool box for many years. However, this 2FA solution is also know to carry a hefty price tag and a set expiration date requiring a new token to be purchased at an established time.

YubiKey Token by Yubico: This modern solution is a USB token that provides stronger authentication and a one-time password at the push of a button. This token is much more affordable and does not carry an expiration date, so there is no need to replace the unit after a set amount of time.

Who is enjoying an authentication cocktail?

It is not uncommon for a company to run two separate authentication solutions in tandem for a number of possible reasons.

Accommodate select user’s needs: Employees that either work remotely or are constantly on the road can require a different type of stronger authentication to accommodate their needs.

Security clearance levels: Not everyone in an organization has access to or needs access to classified information, so why should they all use the OTP delivery method?

Transition from one 2FA solution to another: At times there are restrictions that either make a complete switch over impossible or just not plausible.

When any of these situations presents itself, an authentication cocktail is just what the doctor ordered and could be the answer you need.

Where to find the best authentication cocktail?

Unlike a good martini at a lounge, the best place to find one is in your own environment. The key is to finding the right main ingredient, a solution that can be that bridge, allow for different solutions to be working in tandem, and save you money in the process. It is important to find a solution that is flexible enough and built to allow for user groups to be segmented. Many IT professionals have turned to the authentication experts at PortalGuard to successfully establish and run an “authentication cocktail.”

Leave a Reply

Your email address will not be published. Required fields are marked *