Symantec VIP Brings Two-Factor Authentication to the Cloud
REVIEW: Symantec's VIP leverages multifactor authentication ideologies to bring security to the cloud and beyond.Symantec, through its Validation and ID Protection Service (VIP), is looking to give access control back to administrators at a time when data breaches, hack attempts, stolen data and system attacks are seemingly becoming everyday events. While the results and damages caused by breaches can vary, there is a common thread behind any type of data compromise-a security failure. Those security failures come in all shapes and sizes, though most start with a failure to adequately control access to a system.
With VIP, Symantec is giving administrators a tool that brings multifaceted authentication back to systems, regardless of whether they are accessed remotely, via the cloud or internally.
"Symantec Validation and ID Protection Service (VIP) delivers cloud-based strong authentication that combines something you know (e.g. a username and password) with something you have (a credential such as a card, token, or mobile phone). VIP helps to protect networks, applications, and data against unauthorized access as part of a comprehensive information protection program."The company's description hits on two critical points: multifactor authentication and protection from unauthorized access. Those two points tend to be the cornerstone of effective security in a cloud-connected network. VIP offers a variety of installation scenarios, which are dictated by the current security posture of the network and applications, as well as what virtual private network (VPN) and connectivity technologies are in place. While the mechanics may differ, the overall concept remains the same-offer an access challenge that is not easily forged or subverted-and that is exactly where VIP comes into play. VIP is broken down into four modules: VIP Access for Mobile, VIP Self-Service, VIP Manager and the VIP Enterprise Gateway. Those modules are fully integrated and offer secure access for each of their respective security postures. Getting started with VIP is rather straightforward, thanks to Symantec's subscription-based model, where the primary authentication mechanism takes place in the cloud as a hosted service. In a nutshell, the way it works is that you sign up for Symantec's cloud-based authentication service, which works as an intermediary security mechanism between the endpoint and the target system, while adding a security token as the third element of a multifactor security credential.