Adding Channels

I notice a lot of talk about “Out-of-Band”. That is when you use a different channel for the authentication than what you use to access an application. For example, if you log in to Google Apps through your web browser in your computer, you would input your user ID and your static password. This triggers an activity in your cell phone, where an application starts for you to approve the login. This is a user-friendly and secure way of logging in. Nordic Edge Pledge version 2 will have this feature.

Better future for PKI

Public Key Infrastructure (PKI) with a certificate has been around for a long time. The traditional way to use the technology can be a bit cumbersome to install and not all applications or clients support it. Going mobile with this type of solution is also a problem. A way to get around this is to include it an application like Pledge. We are going to use PKI with certificate in the “Out-of-Band” implementation in Pledge v.2. This will be a more user-friendly way to use PKI, and enables integration with more applications.

Face-off

In the field of biometrics, we’re seeing solutions that use existing hardware in computers or cell phones, such as the camera. Nordic Edge is talking with a few companies that offer face recognition solutions, so perhaps this is something we’ll be involved in as we move forward. There are still some challenges with enrollment and integration. Another concern with biometrics is the False Rejection Rate, meaning when the system erroneously rejects verification, even if it is the correct user. This can be very frustrating for users.

Moving forward with IPT

Intel Identity Protection Technology (IPT) is another frontier solution Nordic Edge supports, in this case, in our One Time Password Server. IPT is two-factor authentication that is built in the actual processor. The keys used to generate OTP:s are stored in the hardware. When the user logs in, an OTP is generated and sent, all without the user having to manually type it in. There are more functions of IPT underway, such as Protected Transaction Display (PTD). PTD is when login or other transactions details are shown on the screen but outside the operating system. This secures that it is an actual user verifying the login or the transaction and not some sort of rouge code.

Mixing it up

An up-and-coming buzzword these days is ”context”. It refers to mixing in several parameters in the authentication. Or rather, you mix in several parameters in the decision of which authentication that should be executed and what other demands you have. Simply put, it means that if the computer you use sits on its own network  and you are logged into a directory, you can get Single Sign-On for an application. But if the same user tries to access the application from the Internet, the system will demand strong authentication.

Endless possibilities

Another – slightly more advanced – example is something we have been working with Intel IT on. Intel has an access verification system to all its offices. When a person enters, that person is recorded as “inside”. We pair this with information on where the device they use is located. If the person is registered as “inside” and the device used the intranet, no strong authentication is required. But if the user is outside the building, or device using an external network, the system requires OTP through Pledge. As you can imagine, there are many additional possibilities with this solution. Here is a list of just a few examples what this access verification can be based on:

• IP address
• Physical placement
• Application type
• Type of operating system
• Type of unit
• Webb browser
• Endpoint security installed and turned on

At Nordic Edge, we work hard to expand our platform with these kinds of functions. So stay tuned for more news in the near future.

Yours,

Jesper Tohmo

The best option for multiple users

When the list is done, I ask how many use the various methods, and not with only 10-15 users, but on a larger scale. The result is usually about the same every time. A few audience members use a biometric solution; a few others certificates; but the vast majority use one-time passwords.
Why is that? Biometric solutions have been around for a long time. I first came across them in the mid 1990:s. And why do so few choose certificates? When I ask, the reasons vary, but they all boil down to this:

• Cost. Either for time or money.
• Enrollment. How the solution is implemented.
• Hardware requirements. Both biometrics and certificates demand additional hardware.

When you start looking at new authentication tools, it’s important to be mindful of those aspects. RSA has dominated the market for some time, but after their recent issues, many clients seek new solutions. When I perused the exhibitors at the RSA Security Conference, I found many alternative solutions. However, it’s easy to succeed with a demo for a few users. It’s a completely different thing to make it work in the real world and with many users.

Pledge gains momentum

At Nordic Edge, we have always focused on strong authentication solutions that are easy to implement, cost efficient, user friendly and – whenever possible – do not require additional hardware. Most of our clients currently use SMS delivery for their one-time passwords. But we notice that they now glance at other delivery methods. Most popular is our software client Pledge. As soon as there is a demand for any kind of hardware implementation, the scalability of the product diminishes. Pledge solves that dilemma.

Increased mobility brings new demands

The popularity of one-time passwords is partly due to that you can use it with most units you want to log in from. This aspect becomes increasingly important, as we switch focus from ”standard PC” to wanting to access information from a variety of units, oftentimes mobile ones. This trend is probably a main reason why so many companies find it difficult to succeed with using only one delivery channel. We noticed this early on. Hardly anyone of our clients could get by with just one channel. They needed several to accommodate the variety of units, users and applications.

Next time, I will discuss what new methods are underway, and what products we are working on to meet the new demands.

Regards,
Jesper Tohmo
CTO, Nordic Edge

I am proud to introduce the first Nordic Edge newsletter especially designed for you. This newsletter introduces several of the many partner-focused initiatives we have launched recently. One is the Partner Portal – designed to be your best sales support tool in your daily work.

Nordic Edge has always strived to build strong partner relationships. We believe that a mutually beneficial alliance between Nordic Edge and you is crucial for both to succeed. And we have succeeded in many cases, but not enough. The time has come to change that.

Nordic Edge has come a long way since the beginning in 2002. A little more than one year ago, we took the biggest leap forward so far, becoming part of the Intel family. The Intel connection, and our close relationship with the fellow Intel company McAfee, means that new horizons open for us, both geographically and technically. For one, we will adopt Intel’s goal to expand in Europe. We will continue to lead the way in secure identity management, and bring you the latest software for new frontiers, such as IPT and BYOD. We want you to join us on the exciting journey that lies ahead.

The new Partner Portal will be your travelling guide. It will supply you with all the tools necessary to support and grow your selling, and develop your client relationships. Comprehensive product sheets, dedicated sales contacts and product training are a few initiatives already in the portal. It is our ambition to continue to develop the portal and its benefits for you. Moving forward, you will notice more of initiatives aimed to realize the vision of making 2012 the Year of the Partner.

With that, I invite you to register in the portal and start benefiting from a better, stronger and more beneficial relationship with Nordic Edge.

Regards,

Jim Carlsson
CEO

One year has passed since Intel acquired Nordic Edge. CEO Jim Carlsson highlights what has happened since then. He also shares some exciting news for the future.

I sit here and look out over a snow- and ice-covered Stockholm. In this fast-paced world, it is sometimes important to stop. Think. And reflect…

One year has gone by since Intel acquired Nordic Edge. I met a reporter from a leading Swedish business newspaper the other day. He asked me:

• How does it feel to be a subsidiary of Intel? Will you disappear in the Intel cloud?

I was both happy and proud to tell him that since we became a part — albeit a small part — of Intel, we have:

• Hired 17 people — a 50 percent staff increase.
• Incorporated our secure login solution (One Time Password Server) into Intel’s latest generation of processors. The product will be revealed on Feb. 26 at the RSA conference, the world’s largest IT security conference, held in San Francisco.
• Integrated our One Time Password Server and our user provisioning engine (Nordic Edge Automatic Account Manager) with McAfee Cloud Identity Manager. As a result McAfee, one of the largest software security companies in the world, will now sell Nordic Edge products. They will do so under their own brand name, as a solution for integrating different types of cloud services with existing company infrastructures.

Furthermore, Salesforce.com will offer its clients a user provisioning service starting on March. 1. That product is based on Nordic Edge technology.

Looking back at the first year as part of the Intel family, I am happy to say things are better than I expected. We have received a lot of accolades from Intel for our technology and our expertise. Our CTO, Jesper Tohmo, has relocated to the US with his family. He now acts as the hub between Intel, McAfee and Nordic Edge. This is extremely valuable, not only for us, but also for our clients.
Moving forward, we will continue our expansion in Stockholm and hire more people to help develop our business and products. We definitely have a very exiting time ahead.

At the keyboard,
Jim

Optimism is an essential ingredient of innovation — Robert Noyce

Presentation
From today’s IAM solution to tomorrow’s reality without changing the infrastructure
Today we talk a lot about federation and cloud services, but the big impact will be the new approaches that Bring Your Own Device and Single Sign-on brings. Yesterday there were only internal users, today, users can work from home, tomorrow users are everywhere and on any device. We show future technology in today’s customer solutions.

Workshop
The strategy and the technology behind successful authentication and IAM solutions
We share the strategy behind IAM and authentication solutions within public and private sectors that provide benefits for the entire organization including IT department. The workshop ends with a live demo that shows the result of right strategy.

Speakers at the conference
Tommy Almström, Product Manager IAM, Nordic Edge
Andreas Carlsson, Product Manager Authentication and Cloud Services, Nordic Edge.

*IDG is the world’s leading technology media. Read more »