In the wake of today's evolving threat landscape, the FFIEC recommends a robust, layered security program that includes the use of dual customer authorization through different access devices. Strong authentication when combined with federated SSO (single sign on) standards can strengthen, accelerate, and provide key security components to build a layered security model that addresses FFIEC mandates. Learn from Forrester Research Speaker - Eve Maler and Intel experts how on-premise or cloud hosted financial applications now require a more convenient, adaptive, and portable strong authentication model.
In this expert session learn:
Unique value prop of federated SSO combined with strong auth
Overview on software OTP authentication components and flows
How SAML based SSO provides a rich authentication audit trail for compliance
How mobile based software OTP compares to other strong auth methods
Adaptive authentication & SSO use cases decomposed
How to deliver one-time passwords over various channels such as smartphone apps, SMS, email, and Yubikeys
Enterprises are adopting federated single sign-on (SSO) to cloud SaaS applications such as Google Apps and Salesforce to reduce helpdesk costs associated with password resets.
But there's another good reason to centralize authentication in the enterprise: it lets you perform two-factor strong authentication to enable secure access to these cloud applications. With the advent of rootkit-based malware that gets surreptitiously installed on personal computers and can compromise some of the most robust online authentication techniques, financial institutions should not rely solely on any single control for authorizing high risk transactions, but rather institute a system of layered security.
Given these newer threats, the new supplement to the FFIEC Authentication Guidance recommends a layered security program that includes the use of dual customer authorization through different access devices that can help provide a level of security that customers expect and that can protect institutions from financial and reputation risk.
Strong authentication via hardware tokens has been used to secure internal application access for some time, but recent events have shown this method to have serious downsides - not including the administrative cost and associated operational complexity. As the cloud, partners and a remote workforce drive demand for access to sensitive applications outside the traditional firewall, clearly a more convenient, adaptive, and portable strong authentication model is required. The emergence of federated SSO and mobile-based software tokens provide a more powerful, flexible approach.
In this expert session with Forrester Research learn:
Unique value prop of federated SSO combined with strong auth
Overview a software OTP authentication components and flows
How SAML based SSO provides a rich authentication audit trail for compliance
How mobile based software OTP compares to other strong auth methods
Adaptive authentication & SSO use cases decomposed
How to deliver one-time passwords over various channels such as smartphone apps, SMS, email, and Yubikeys
Webinar Registration
Premium Members Only
OnDemand access to this webinar is restricted to Premium Members.
Director - Product Management, Intel - Cloud Identity & Security
Prior to Intel, Vikas has held leadership roles in product management and software development over the last 15 years at a wide-range of technology companies including Oracle, Oblix, Wipro and Infosys. Vikas holds an BS in Electrical Engineering from Birla Institute of Technology in India
Eve Maler
Principal Analyst, Forrester Research
Eve is an expert on emerging identity and security solutions, identity federation, consumer-facing identity and web access management, distributed authorization, privacy enhancement, and web services security. Prior to joining Forrester, Eve was an identity solutions architect with PayPal, developing business and technical strategies for new consumer identity services offerings. Previously, Eve managed Sun Microsystems' technical collaborations with Microsoft on web services and federated identity interoperability, and she made major leadership, technical, and education contributions to the development of the SAML standard for federated identity. Eve is based in the Seattle area. http://www.forrester.com/rb/analyst/Eve_Maler
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing ffiec.bankinfosecurity.com, you agree to our use of cookies.