ESET Secure Authentication
Use two-step (two factor) authentication for extra layers of protection
ESET Secure Authentication provides powerful software-based two-factor authentication (2FA), safeguarding your company's mobile workforce against data breaches due to compromised passwords and aiding in regulatory compliance with HIPAA, PCI DSS and others. ESET Secure Authentication validates VPN and logins with a unique one-time-password (OTP) adding an important layer of security to your organization's sensitive data. Simple to manage, ESET Secure Authentication is more flexible, cost effective, and easy to use than hardware OTP tokens or appliances. Secure your employees' Outlook Web Access (OWA), Remote Desktop Web Access, Microsoft Exchange, Microsoft SharePoint and Microsoft Dynamics CRM. Secure your SSL-VPNs in as little as 10 minutes
How ESET Secure Authentication 2FA works
Unlike standard password authentication, 2FA OTP requires two elements: a user's password and an OTP generated on a designated physical device. It is the physical device requirement that sets 2FA OTP methodology apart. With each login, a new OTP is required, meaning access to the device is required. Should the user’s password be compromised, a criminal could not gain access to your network as they do not have the complementary device.
ESET Secure Authentication is the easiest and quickest way to implement 2FA for your business. By using the smartphone that the user already carries with him or her, the ESET Secure Authentication mobile app is always within easy reach when the user needs a secure, randomly generated OTP. The mobile app requires no IT help to install on the client-side and very little training to use. The server-side integration and management is equally simple, making ESET Secure Authentication much less expensive to own than other 2FA solutions.
Mitigate risky password practices
- Using 2FA with OTP protects against these common password weaknesses:
- User-created passwords can be easily guessed if they do not
- contain randomized characters
- Passwords that are reused on both an individual's work and personal accounts create risk
- Passwords containing user-specific data-a name or date of birth—can be easily guessed
- Simple patterns used to derive new passwords can be easily hacked
- Static passwords can be intercepted and reused maliciously without consent
Industry regulations require businesses to take significant measures towards ensuring data privacy and hold them liable for any data breaches. Regulatory agencies recognize that static passwords are easy to compromise and require strong authentication for access to sensitive information. As BYOD adoption and mobility among the workforce continue to increase, more remote access sessions are at risk of password compromise. Two-factor authentication is no longer optional but essential to complying with data privacy requirements from industry regulations such as PCI DSS, HIPAA, FFIEC Guidelines, Sarbanes-Oxley, FERPA, NIST and CJIS.
More InfoFeatures and Benefits