I have been tasked with finding a good authentication solution for our corporate applications. These applications...
are highly sensitive and only few people will be allowed access. Our current authentication method is proving to be a weak one. The applications are Web based. There are number of solutions available these days which provide secure access. Depending on your budget you can go for Directory servers, which provide fast response and can utilize SSL for secure authentication. It uses SHA (One way hash) algorithm for authentication.
The other option is to use Client Certs. Since the application will be accessed only by few users, you can generate client certs for each and have them use it as their authentication credentials. This method provides a good level of security.
If you want a higher level of security, you can opt for Two Factor Authentication such as Secure ID. Two factor means: Something what you have and something what you know. A Secure ID (something what you have) is a hardware token, which generates random series of numbers and is used as a passcode or pin. Something what you know - is your Username/ID or Account number which is mapped to the hardware token. Combination of both these factors authenticates a user.
Related Q&A from Puneet Mehta
To view network security expert Puneet Mehta's latest advice, see his Public Profile on the IT Knowledge Exchange: http://...continue reading
Find out if there's a difference between a virtual private network (VPN) concentrator and a network access server (NAS) in this explanation from our ...continue reading
Our network security expert explains how to keep unauthorized users from accessing your router's IP address for Internet access in this advice ...continue reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.