This article is part of an Essential Guide, our editor-selected collection of our best articles, videos and other content on this topic. Explore more in this guide:
2. - Authentication: Read more in this section
- Best of authentication 2013
Explore other sections in this guide:
- 5. - Email security
- 6. - Encryption
- 7. - Endpoint security
- 8. - Enterprise firewalls
- 9. - Identity and access management
- 10. - Intrusion detection and prevention
- 11. - Mobile data security
- 12. - Network access control
- 13. - Policy and risk management
- 14. - Remote access
- 15. - SIEM
- 16. - Unified threat management
- 17. - Vulnerability management
- 18. - Web application firewalls
- 19. - Web security
Gold: SecurID, RSA, the security division of EMC Corp.
This year our readers simply couldn't decide which of two industry heavyweights put forth the best enterprise authentication product, so for the first time ever, our Readers' Choice Awards honor dual winners.
The first is no surprise: For the fourth consecutive year, a gold medal goes to RSA, the security division of EMC Corp., for its SecurID line, which includes much more than a cryptographic keychain token and the supporting Authentication Manager back-end software or appliance.
The SecurID family also includes two-factor authentication software that allows enterprises to substitute hardware tokens with smartphones, tablets and even PCs; risk-based authentication that supports traditional username/password logins with additional authentication when deemed necessary; and an authentication engine that allows SecurID functions to be built into custom applications.
The product received high marks across the board, but readers notably praised its integration and ease-of-use characteristics.
Gold: Symantec User Authentication Solutions, Symantec Corp.
Also receiving a share of the authentication gold this year is Symantec's line of enterprise authentication products. Its product family, based largely on former VeriSign technology, is headlined by the Validation and ID Protection (VIP) Service, which competes directly with SecurID by offering a variety of multifactor authentication options using hardware and software tokens as well as tokenless access. It's supported by a cloud-based authentication service that manages back-end functions without the need for an on-premise hardware or software installation.
The VIP for Mobile add-on incorporates smartphones and mobile devices into the authentication infrastructure. It supports more than 850 different mobile devices, including Android, iOS, Windows Phone and BlackBerry platforms, and offers an over-the-air download designed to enable user installation without IT involvement.
Expert market reflection on category dynamics:
"Enterprises have been giving total cost of ownership and user experience increasingly greater weight when selecting new authentication methods, which has driven adoption of phone-as-a-token authentication methods over any kind of dedicated hardware authenticator. As the phone itself becomes the endpoint, interest is shifting towards low-friction biometric authentication methods, underscored by RSA's recent acquisition of PassBan."
-- Ant Allen, research vice president, Gartner Research
Silver winner: Symantec Managed PKI for SSL, Symantec Corp.
Symantec compliments VIP with a variety of PKI services, including Managed PKI for SSL, which takes home this year's bronze medal for authentication. Managed PKI for SSL is a digital certificate service designed to reduce cost and complexity for enterprises in which numerous administrators issue a large number of digital certificates for many users and systems across numerous divisions and business groups.
Because SSL protection is often necessary for Web, application and database servers throughout an enterprise, in addition to mobile and cloud deployments, Symantec's product offers centralized management of SSL and SSL-EV issuances, automating receipt of requests and enabling instant authorization based on established policy.