Many activities today are completed digitally – whether it’s a simple conversation, online retail or a complex financial transaction. Information is also exchanged through digital interactions between people and devices. Coupled with the rising penetration of the Internet and ubiquity of always-on networked digital devices such as mobile phones and tablets, a fundamental change has taken place in how individuals live and corporations function globally.
However, the rise in popularity of digital devices has also brought about an increased risk to security. Malicious threats by attackers who look into stealing user identities and obtaining unauthorized access to confidential data and resources are on the rise.
With advanced persistent threats (APT) becoming more prevalent, companies of all sizes need to take a serious look at the security protecting access to data resources. Username and password are no longer sufficient to protect access to the most important aspects of one’s business – the company’s internal information. There is a need for stronger access control methods to secure all access points into the network to ensure that only authorized users gain network access. At present, a variety of easy-to-use form factors that meet business requirements and ensure quick end-user adoption are available.
Public Key Infrastructure
Public Key Infrastructure (PKI) is a system that validates a user's digital identity over a public or private network by associating a pair of public and private keys with their individual identity credentials. In PKI systems, the private key is maintained by the end user and the public key is available as part of a digital certificate in a directory that can be freely accessed. The private key remains secure and is not transmitted over the network. It is used for certificate-based authentication, encryption and digital signatures.