This article can also be found in the Premium Editorial Download "Information Security magazine: Special manager's guide: Monitoring identities."
Cost estimates for strong authentication products
$18-$35 per user per year
Hardware and software tokens that display one-time passwords
$3-$25 per user per year
Knowledge-based/life questions
$1-$2 per user per year
Source: RSA Security estimates based on size of deployment and any associated software and hardware
How do security certificates work?
Certificates are typically used in conjunction with USB tokens or smart cards but can be implemented separately. A certificate is assigned to a user, a token or a particular machine and is read during the authentication process. Certificates are much more secure than they were a few years ago due to better encryption and more robust certificate stores.
Pros and cons: Certificates tend to be a stronger form of authentication, but they come at a much higher cost. The infrastructure typically required in an enterprise (servers, hierarchical certificate server domain deployment and personnel) is pricey to set up and maintain. Third-party vendor-managed services help, but this form of authentication is still more expensive than most others reviewed here.
What to do: Organizations with extremely high security requirements, such as government agencies handling classified information, will want to consider certificates. Today, there are discrete pockets of certificate implementations, but with the increasing deployment of USB tokens and TPM chips, this sector is expected to grow over the next decade to become nearly ubiquitous.
This was first published in August 2006