Is it possible to execute logon credentialing to access the Internet? In my organization, our logon credentialing occurs at the application level, and our workstations are connected by generic access. For financial reasons, biometrics isn't an option.
The spectrum of authentication tools is broad, ranging from simple user ID and password systems to biometrics. For Internet access from a company, the same is true. Don't think that biometrics is the only option -- it's not..
There are several options depending on the size of the company, the type of access needed and the security level needed.
If corporate workstations are connected by generic access and logon is at the application level, some sort of authentication to the gateway that connects the company to the Internet is needed. If this is a proxy server, it could be configured to require logon credentials. Every user needing access would have to get a unique account on this gateway.
That means any time a user with an account tried to access the Web, they would be asked for a user ID and password by the proxy at the beginning of the browsing session. When the user closed the browser, he or she would be logged out.
Setting up a proxy server requiring authentication as an Internet gateway is a simple way to restrict Internet access. Besides, the proxy, just like any other server, can log and monitor user access to the Web. Filtering software, such as Blue Coat or WebSense, can also be installed to block inappropriate sites.
Other options -- again, depending on the mobility of an organization's workforce and business needs -- may include going through Citrix or an SSL VPN. These two options provide secure VPN access over the Web, but they should only be considered for remote access, as from laptops for traveling or telecommuting employees. They entail some overhead for setup and may require additional hardware besides a simple proxy gateway.
Dig deeper on Enterprise Single Sign-On (SSO)
Related Q&A from Joel Dubin, past SearchSecurity.com expert
The security of RFID chips and smart cards may not be fully mature, but there are best practices to keep facilities safe. Identity and access ...continue reading
Picture passwords for mobile device security aren't a new idea, but they have been recently improved. Identity and access management expert Joel ...continue reading
Hacked smart cards are a large potential threat to enterprises that utilize them. Learn how to thwart smart card hackers.continue reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.