Monday, July 7, 2008

SecureAuth® for Microsoft SharePoint (WSS 3.0) and MOSS

SecureAuth is the most Secure, Integrated Authentication Solution for Microsoft SharePoint

By Garret Grajek, CISSP
COO, MultiFactor Corp.

The most Secure, Integrated Authentication Solution for SharePoint

MultiFactor SecureAuth is the only tokenless, non-phishable authentication solution for Windows SharePoint Server (WSS 3.0) that strongly authenticates the end-user AND the server, in an easy-to-deploy manner. SecureAuth is ideal for the growing number of SharePoint deployments that host secure data, including:

• Financials
• Sensitive internal and partner documents
PCI/FFIEC/GLB regulated materials
• Government and Health Care information

The key to SecureAuth is its integration to the enterprise’s existing SharePoint installation and existing data store. (See Figure 1)

Figure 1 –SecureAuth® Integration into a Microsoft SharePoint Deployment (Click to enlarge)

Microsoft SharePoint is an Important Tool in Today’s Businesses

With Windows SharePoint Services 3.0, IT professionals can tailor or extend the Windows SharePoint Services foundation to create new, efficient, Web-based tools. Enterprises can:

  • Manage business documents more easily
  • Build rich, flexible, and scalable Web-based applications and Internet sites
  • Expand platform services and common framework for document management to offer enterprise-wide functionality for records management, search, workflows, portals, personalized sites, and more.

SecureAuth utilizes native SharePoint Forms-Based-Authentication

MultiFactor SecureAuth is designed to work with the data connector and authentication components native to the Microsoft SharePoint installation. Unique for an X.509v3 authentication product, SecureAuth® can utilize the native ASP.NET forms based authentication, thus greatly simplifying the integration for the SharePoint administrator. (See Figure 2).

Figure 2 - SecureAuth® utilizes native SharePoint Forms Authentication (FBA) (click to enlarge)

SecureAuth Provides the Complete Solution for Enterprises to Secure SharePoint

Using a combination of a web server module and web services, SecureAuth provides a turnkey solution to deliver an algorithmically proven method to thwart man-in-the-middle and phishing attacks (See Figure 1).

The SecureAuth solution features out-of-band self-registration that automatically delivers X.509 certificates seamlessly to end-users (See Figure 3). The solution eliminates the need for administrator resources to deploy software, install upgrades, or train end-users on complex, remote access procedures.

Figure 3 – SecureAuth has built-in, secure, out-of-band registration (click to enlarge)

SecureAuth Distinct Features:

  • Utilizes SharePoint native Windows Forms Authentication
  • SharePoint installation does NOT require code modification
  • Utilizes secure C-SSL authentication without modifying the existing web server
  • Full protection from man-in-the-middle, phishing attacks


Garret Grajek is the COO and a co-founder of MultiFactor Corporation. He is a certified security engineer who has deployed 100s of security solutions while working for RSA, IBM, Cisco and others.

No comments:

Copyright 2008. MultiFactor Corporation. All Rights Reserved.