Top 5 One Time Password (OTP) Integration Points

by Mark Gillespie 11. March 2010 07:49
Top 5 One Time Password (OTP) Integration Points - FREE Download

We are giving away our top 5 one time password (OTP) integration points to give you some pointers and assistance in the right direction when setting up and configuring your strong authentication solution.

Our Top 5 includes: Integration with Microsoft Outlook Web Access (OWA), Microsoft Internet Information Service (IIS), Microsoft Internet Security & Acceleration (ISA) server, Microsoft Threat Management Gateway (TMG), Microsoft Internet Application Gateway (IAG), Microsoft Unified Access Gateway (UAG), Citrix Web Interface (CWI), Citrix XenApp, Citrix XenDesktop, Microsoft Internet Authentication Service (IAS) and Microsoft Network Policy Server (NPS).

Download your copy of SymTex Top 5 One Time Password (OTP) Integration Points

Strong Authentication Overview

by Mark Gillespie 13. January 2010 15:08

Security of data is a primary concern for many businesses, and securing the network identities that have access to this critical business information is a key success factor for business operations. This increased concern is largely due to the change in the way applications are developed and accessed, which gives users the ability to perform their business tasks from outside the security and confines of a business's private network. Allowing this additional flexibility of working beyond the confines of the private network brings with it an increased level of risk from unwanted attacks.

Strong authentication solutions such as one time passwords (OTP) with tokens and Public Key Infrastructure (PKI) based logon with smart cards, which have the ability to withstand many common attacks, help to protect an organisation's valuable data. The implementation of this strong authentication is very flexible and can be integrated into a business infrastructure at various key points, dependent upon the business requirements.

Strong authentication methods can be applied to user logon at:-

• A domain
• Internal Websites
• Intranet applications
• Outlook Web Access (OWA)
• Virtual Private Networks (VPN)

This in turn gives a user the ability to securely perform their daily work tasks from anywhere with an internet connection. Two factor authentication (2FA) and three factor authentication (3FA) can drastically reduce the frequency of online identity theft and other online fraud, because the victim's password is no longer sufficient to give an attacker access to their information.

Both Public Key Infrastructures (PKI) and one time passwords (OTP) introduce a second factor into the authentication process. It is the introduction of this second factor that increases the security of the authentication process. When referring to authentication, a factor is a piece of information used to verify a person's identity for security purposes.

The three most commonly recognized factors are:-

• 'Something you know', such as a password or PIN
• 'Something you have', such as a credit card or hardware token
• 'Something you are', such as a fingerprint, a retinal pattern or other biometric

A one time password (OTP) is an effective method of implementing a strong authentication solution. The OTP is commonly generated on a physical device such as a token and is entered by the user at the time of authentication. Once used it cannot be reused, which renders it useless to anyone that may have intercepted it during the authentication process.

By replacing your business's weak user name and static password security with this one time password strong authentication solution, you are guaranteed to increase the security of your network infrastructure by eliminating the possibility of a user's logon credentials being stolen while using an unsecure network location. Even if a hacker can obtain the user's name and password, they will be unable to copy the content of the token which generates the OTP, and therefore will be unable to access corporate network resources.

For further information regarding strong authentication please visit the strong authentication section of the Symtex website.

Inheritance Development Issues

by Mark Gillespie 12. March 2009 06:38

Inheritance

When developing software applications, the use of inheritance can greatly reduce development times by allowing the reuse of code with little or no modification, building on classes that are already defined and available to the developer. This is achieved by forming a new class, known as the derived class, which takes over the attributes of a pre-existing class, known as the base class. The question is: how does this actually help developers to build a project more efficiently?

Consider a class called Person that contains a person's name, address, date of birth, sex, and phone number. Now consider a class called Employee that will contain employee number, salary, holiday entitlement, employee name, address, date of birth, sex and phone number. The Employee class contains the same details as the Person class with the addition of the employee number, salary and holiday entitlement. Rather than creating the Employee class from scratch, the Person class can be used as a base to build on. The Employee class will inherit the predefined attributes from the Person class and the developer can add the employee number, salary and holiday entitlement to it.

My Findings
The main issue I have come across when taking over pre-existing projects is that people lose sight of which class the methods and properties should be located in. On simple class definitions like the above it is easy to see why the Person class has the attributes it does and why the Employee class inherits the Person class and adds the extra attributes. However, on larger, more complex projects this can become more difficult, especially when the requirements of a project are constantly changing. When I have picked up projects like this, making the changes to the classes to rectify these misplaced attributes can be a time-consuming activity, but I have found that it greatly reduces development time in the future due to there being less confusion and a greater understanding of how the classes work together.

What I would like to know is if this lack of sight is a common development issue or have I been unfortunate with the projects that I have inherited from other development teams? Your experiences of this kind of issue would interest me greatly.


Perimeter Security & Remote Working

by Mark Gillespie 17. February 2009 10:45

Remote working is an essential part of work life for businesses all over the world. The ability to allow employees access to their email and work related files from anywhere with an Internet connection can significantly increase productivity. With the recent increase of WIFI hotspots and mobile broadband speeds, a remote worker no longer has to be someone confined to working from their home. They could be a travelling salesman sat in their car updating a sales opportunity after a meeting with a client, or a director of a business catching up with their emails from an Internet cafe in an airport while they wait for their flight.

Allowing remote access to a corporate network brings with it huge risks regarding the perimeter security; however, if managed correctly these risks can be hugely reduced. During the last month I have been working on a client's site introducing new security measures to ensure that the risks associated with their remote workers do not outweigh the advantages that they bring.

With the introduction of a Remote Authentication Dial In User Service (RADIUS) Server accompanied by an Internet Authentication Server (IAS), a solution was provided giving all remote workers two factor strong authentication when connecting to their corporate network. The key requirements were to secure access to the Virtual Private Network (VPN), Outlook Web Access (OWA) and the corporate intranet. The solution used One Time Passwords (OTPs), which were generated using tokens associated with each user, in addition to the user's regular user name and password. Although two separate authentication methods were being used, the Single Sign On (SSO) technology used meant that the remote worker only had to provide their logon credentials once.


About the Author

Symtex is a consultancy and development company for many Fortune 100 multi-national clients and smaller SME businesses, providing consultancy and database development, software development and business intelligence solutions.
