Fast-track to cost effective PKI-based 2FA
The strength of Public Key Infrastructure (PKI) security principals are well established, but so too is the misconception that deploying them within a corporate environment is likely to be complex and costly.
To remove implementation barriers, Dot Origin have put together a 5-user ‘Proof of Concept Kit’ based on their many years of experience in supporting customers through PKI logon implementation projects of all sizes. The kit enables IT professionals to try-out secure smartcard-based user authentication from only £150, and with typically just a few hours of set-up time. Once proven, the chosen solution can be easily scaled to cover many users, as well as other related applications, such as: disk encryption, email encryption and digital signatures.
For a self-contained company network (even with a Windows domain controller that’s cloud hosted or operating across a hybrid environment), it is generally possible to set up the technical elements of a PKI-based solution quite straightforwardly. PKI implementations normally only become complex when there is a need for legally-enforceable trust relationships to be established with third parties and external systems, which adds onerous requirements for putting in place policies and documented processes.
So while the underlying cryptographic methods used in a PKI solution are indeed complex, assembling the appropriate standards-based components into a secure, working system doesn’t need to be. The challenge has been in knowing just what additional software is and isn’t required, where it can be found, and choosing the appropriate mix of off-the-shelf hardware elements.
Because Dot Origin is an independent technology company they are used to putting together the systems that best fit all types of customers’ needs, and because they believe in letting customers see working solutions (rather than just giving glossy sales presentations), they like to support low cost pilot deployments that demonstrate effectiveness in customers’ own environments. That’s why Dot Origin has created a smartcard logon kit, to help IT professionals through PKI-based 2FA implementation.
What the kit includes
The kit provides everything needed to implement PKI-based smartcard logon to a Windows domain. Additional paid-for software and drivers can be added to extend use to other operating systems (Linux and OSX), and to integrate with third-party applications (using standard PKCS#11 APIs).
Products from industry leading manufacturers are included to enable different hardware and software options to be evaluated, along with various approaches to managing cards and users prior to a wider deployment.
Software includes Versasec’s ‘Card Management System’ (CMS), this fully-functional application is provided with a ‘Proof of Concept’ license that’s easily-upgradable. Other software tools to enable card PIN/Passcodes to be changed, certificates to be viewed and other basic tasks are also provided.
Hardware includes PKI-enabled, security-certified smartcards and a range of USB smartcard reader/writers in desktop and portable form factors.
Expert support is on hand from the Dot Origin team to help where needed.
Extending application and integration
By making use of standards-based PKI technology, the same cards, digital certificates and infrastructure can be used for other applications: disk encryption, digital signatures and email security.
Hybrid smartcards can also be supplied; incorporating popular RFID technologies for contactless applications, such as door access and document print release. Hybrid cards provide users with a single convenient, cost-effective, secure credential for all identity & access applications enterprise-wide.
See the kit on stand L8 at International Security Expo 2018, or get in touch with the experts at Dot Origin: