This month we have implemented for Cofely Spain, an expert company in energy and environmental efficiency services belonging to the multinational group GDF SUEZ, a remote access to its corporate network that focuses on security. It is the One Time Password (OTP) solution that allows access to the corporate network using a virtual private network –Virtual Private Network (VPN) -. Every day more companies need to provide their teams with access to data remotely. Ensuring the security of this type of operation is essential. At ASM Web Services we are convinced that One Time Password is a very good solution, since it ensures a different password each time a user wants to access the company network. The mobile phone is used to generate the new password (token), which prevents the user from having a device to generate them. What technology have we used For the Cofely project we have used Symantec Validation and ID Protection Service (VIP) consisting of:
VIP Access: an application that is downloaded to the SmartPhone and that provides a part of the OTP password.
VIP Authentication Service: service in the Cloud that secures a single token per user (mobile device).
VIP Enterprise Gateway: RADIUS server that we install in our infrastructure to integrate OTP with our corporate firewall.
Diagram: Implementation is quick, easy and not disruptive to the production environment. User-friendliness It is common for users to be reluctant to change, and this is something Symantec has taken into account when implementing OTP using VIP. The user continues to use his username and password, but also must enter a numeric code after his password; that code number is the OTP. So that:
- Nombre de usuario: [El habitual, no cambia en nada] p.ej.: jsmith
Password: [Your password followed by the OTP code] p.ej.: mypassword + 342218
The result is very satisfactory: it is highly competitive, and it is easy to use and implement.