One of the most important requirement customers have of their vendors applications is one of Trust. Trust that the vendors applications used to deliver business processes work as advertised and that the data they rely on is uncompromised. A key element of delivering on these objectives is to ensure that those users accessing the vendors applications are the correct people and that bad actors aren’t able to impersonate these legitimate users.

The ability for Software Vendors to ensure only authorised users access their applications is compounded as customers continue to move these applications from on-premise applications behind the organisations firewall to a cloud based or SaaS based service, exposing the application to the world.

 

Software Vendors traditionally have been faced with the responsibility of having to own and protect the credentials and thus the identity of the users of their customers in the face of a plethora of growing attack vectors. Such as keyloggers, phishing attacks, network sniffers and the side effects of users being frutrsted with existing username/password systems that result in users duplicating and reusing passwords, writing down passwords  that significantly weakening their security posture and place the customers business at risk.

Software Vendors are also concerned deeply with the users experience and wants to ensure that the process of authenticating to their applications is not only safe, well beyond traditional username/password mechanisms but allow for an enageing and frictionless and simple authentication experience. This results in increased user satisfaction that provides competitive advantage for the Software Vendor.

A growing trend for todays CISO’s is the consolidation of their security responsibilities across the organisation from both a digital applications access perspective and the physical access to key assests, such as buildings, server rooms and laboratories. CISO’s are looking to solve these authentication and access issues with a single solution that can be used to authenticate against all services and systems.

Contact Us

Cipherise addresses all of the issues tabled above to provide a simple, safe and secure access method for all users of a Software Vendor applications, as well as a mechanism to enforce identity access rules for their customers employees. This is achieved via a simple QR scan, (enabled by a single easy to remember secret), users can be granted access to the Software Vendors applications under multi-factor authentication rules, and be confident that their personal identity is never weakened as their unique credentials are never shared. No password is ever typed, transmitted or stored, yet access is granted simply, and without having to remember complicated user credentials or rules.

  • Provide a single login experience for users of the Software Vendors applications without the need for a centralised Identity Platform and thus avoid the additional risks involved with having to own and protect users identities.
  • Implement controls over access to repositories of data using a single access rules base without having to change how this information is stored and managed
  • Offer protection from all forms of password attack (e.g. keyloggers, man-in-the-middle, phishing, brute force, observation) for user interactions (and any collected data)
  • Address physical access issues using Cipherise to control doorways and other non-electronic interface points
  • Ensure that the login and authentication process addresses all accessibility requirements, and doesn’t disenfranchise disabled access