REVIEW: Symantec's VIP leverages multifactor authentication ideologies to bring security to the cloud and beyond.
Symantec, through its Validation and ID
Protection Service (VIP), is looking to give access control back to
administrators at a time when data breaches, hack attempts, stolen data and
system attacks are seemingly becoming everyday events.
While the results and damages caused by
breaches can vary, there is a common thread behind any type of data
compromise: a security failure. Those security failures come in all shapes and
sizes, though most start with a failure to adequately control access to a
system.
With VIP, Symantec is giving
administrators a tool that brings multifaceted authentication back to systems,
regardless of whether they are accessed remotely, via the cloud or internally.
VIP is a new take on an old security
practice, where a user is expected to have something they know (such as an
account name and password combo), as well as something they possess (smartkey,
token, keycard). That security ideology has been around for a while, dating
back to physical security where someone needed a key to enter a building and
then had to check in with a guard. As a concept, multifactor authentication
seems ideal. However, in practice, multifactor authentication has been a
challenge in the IT realm, basically because it is normally complex to
administer, expensive to deploy and difficult for end users to adopt. Symantec
is looking to cure those pain points with VIP, which brings simplicity and
airtight security to multifactor authentication.
A Closer Look at VIP
On its website, Symantec offers the
following description for VIP:
"Symantec Validation and ID
Protection Service (VIP) delivers cloud-based strong authentication that
combines something you know (e.g. a username and password) with something you
have (a credential such as a card, token, or mobile phone). VIP helps to
protect networks, applications, and data against unauthorized access as part of
a comprehensive information protection program."
The company's description hits on two
critical points: multifactor authentication and protection from unauthorized access.
Those two points tend to be the cornerstones of effective security in a
cloud-connected network.
VIP offers a variety of installation
scenarios, which are dictated by the current security posture of the network
and applications, as well as what virtual private network (VPN) and
connectivity technologies are in place. While the mechanics may differ, the
overall concept remains the same: offer an access challenge that is not easily
forged or subverted. That is exactly where VIP comes into play.
VIP is broken down into four modules:
VIP Access for Mobile, VIP Self-Service, VIP Manager and the VIP Enterprise
Gateway. Those modules are fully integrated and offer secure access for each of
their respective security postures.
Getting started with VIP is rather
straightforward, thanks to Symantec's subscription-based model, where the
primary authentication mechanism takes place in the cloud as a hosted service.
In a nutshell, you sign up for Symantec's cloud-based
authentication service, which works as an intermediary security mechanism
between the endpoint and the target system, while adding a security token as
the third element of a multifactor security credential.