FREMONT, USA: ActivIdentity Corp., a global leader in secure identity solutions, part of HID Global, announced that Aberdeen Group, a Harte-Hanks Co., has published a new market alert titled “The Case for Smart Cards.”
The study commissioned by ActivIdentity and HID Global explored the RSA SecureID breach and subsequent industry shift toward smart cards. The resulting paper identifies the breach as the primary market driver for this trend along with the erosion of traditional network perimeters, the weakness of traditional username and password authentication methods, and the potential compromise of privileged systems and accounts.
According to two recent Aberdeen research studies – "The Zen of Network Access" (December 2010) and the "Q1 2011 Aberdeen Business Review" (May 2011) – there was a noticeable shift in market trends in the area of end-user authentication, showing a decreased use of OTP by a factor of 2.5- to 3-times, whereas the demand for smart cards increased by a factor of 1.5- to 2-times. As noted in the “The Case for Smart Cards” paper, the multi-factor authentication provided by smart cards makes elevation of access privileges (as seen in the RSA attack) considerably harder, and also inhibits untrustworthy insiders.
“The Case for Smart Cards” is available for free download on the ActivIdentity and HID Global website. It outlines the following key factors and benefits that are driving the smart card market opportunity:
* The multi-purpose nature of smart-cards.
* Advancement in credential management systems that support the management of smart cards and card-based credential throughout their lifecycle.
* Greater vendor-integration and out-of-the-box support for essential capabilities, such as certificate authorities, hardware security modules and integration of card-based authentication with applications, networks, endpoints, servers, physical access management systems, etc.
* Greater flexibility and choice in terms of deployment models.
“Recent solution provider enhancements make smart cards more accessible to a broader market, especially small- and medium-sized organizations,” said Derek Brink, vice president and research fellow for IT Security at Aberdeen Group. “At the same time, the RSA breach and other headlines are raising industry awareness and prompting fresh consideration of strategies for end-user authentication.”
“The study makes it clear that the old, perimeter-based defense model that has been used for decades, is no longer effective by itself,” said Julian Lovelock, ActivIdentity’s senior director of product marketing. “Use at work of personal mobile devices, sophisticated malware and popularity of social networks are making it increasingly difficult to keep the perimeter secure. Companies are realizing that they need to implement strong authentication to secure access, even for users on the internal network.”
ActivIdentity recently revealed best practices for avoiding enterprise security breaches and issued recommendations outlining three keys to success in addressing them.