Browse Sections
This content is part of the Awards: 2014 Information Security Readers' Choice Winners
Evaluate Weigh the pros and cons of technologies, products and projects you are considering.

Security Readers' Choice 2014: Best enterprise authentication products

The market leaders in the enterprise authentication category faced stiff competition this year from some noteworthy upstarts.

When it comes to authentication, a picture is worth a thousand words. To be more precise, following the recent incident in which dozens of nude-celebrity photos were hacked out of the iCloud, the importance of strong authentication has suddenly been made clear to the general public, in a way that no vendor brochure or user awareness training session ever could.

Hence, there may never be a more opportune time for organizations to refresh their enterprise authentication technology, and there's no shortage of innovative products to choose from.

"While phone-as-a-token is now the most popular class of user authentication methods at the expense of legacy hardware tokens, mobile computing continues to strain traditional approaches and is driving buyers and vendors to find new technologies that offer less friction and better user experience," says Ant Allan, research vice president with Stamford, Conn.-based Gartner Inc.

Major authentication vendors are increasing their investment in contextual and adaptive approaches, and even pushing the envelope on biometrics. But ultimately, according to Allan, the next trend likely to transform the authentication landscape is the Internet of Things.

"Although broader availability of NFC [near field communications] and Bluetooth might breathe new life into the use of smart cards," he says, "the Internet of Things is poised to revive demand for hardware tokens in the form of wearables."

Although the nod went to two of the market stalwarts in the field, readers gave high marks to several upstart products from less traditional players. This year's winners should be on notice for next year.

Winner: RSA Authentication Manager/SecurID, RSA, the security division of EMC Corp.

For a fifth year running, RSA's Authentication Manager/SecurID product group emerged as a top choice among Readers' Choice survey respondents. That's in part because the SecurID hardware tokens, in conjunction with the back-end Authentication Manager, are so widely deployed. And they're widely deployed because the back end runs on so many platforms (Windows, Linux in several flavors, and AIX) and the technology plays nicely with the existing LDAP servers many organizations depend on. For organizations that want to keep it simple, RSA offers two (differing capacity) versions of the back-end appliance.

But objective industry observers know that there are plenty of other things to like about SecurID. First, RSA has built up a wide set of options for token devices, including the soft tokens that are so rapidly gaining ground in the consumer financial market. Authentication Manager is robust enough to handle high volume, enterprise-level transactions, supporting hundreds of simultaneous transactions with solid logging and reporting; it's not a surprise that our readers gave the product especially high marks for scalability.

RSA Authentication Manager/SecurID
RSA's Authentication Manager/SecurID product lineup is a five-time Readers' Choice winner. Besides the familiar keyfobs, authentication options include risk-based analytics that shore up login/password combinations without resorting to one-time codes.

Readers particularly liked that SecurID's ease of use makes the product friendly to end users. No doubt they also liked the more than 400 network products and applications that natively interoperate with the SecurID product line.

Winner: IdentityGuard, Entrust Inc.

There's a lot packed into Entrust's IdentityGuard, a multifactor authentication platform that manages soft tokens, physical hardware tokens, fingerprint recognition, grid cards, digital certificates and PINs. These days, the platform also supports near-field communication and Bluetooth standards for enhanced access with mobile devices. Add support for cloud authentication, plus solid physical access integration and you've got the means for a truly converged authentication deployment.

Like several of the leading authentication providers, Entrust has introduced risk assessment capabilities that can conduct on-the-fly assessments of when authentication strength should be upgraded, depending on the value of the resource being accessed and applicable company policies.

IdentityGuard, Entrust Inc.
Entrust's IdentityGuard handles all the authentication scenarios one might imagine, including near-field communication and Bluetooth standards.

For organizations seeking to leverage mobile devices for branded authenticated interactions, Entrust also offers a software development kit, enabling applications tailored to the requirements of a specific environment. With this approach, IdentityGuard can be embedded in an organization's existing mobile applications, making for a genuinely seamless authentication experience.

Send comments on this article to [email protected].

Next Steps

Which enterprise authentication products did readers recognize last year? Compare this year's results to the 2013 best of authentication.

This was last published in November 2014

Dig Deeper on Two-factor and multifactor authentication strategies