A new, patented cloud services brokerage (CSB) solution providing secure identity management and cloud services distribution has been launched designed specifically to eliminate the need for passwords. The solution from British cloud security software company
Secure Cloudlink Ltd – Secure Cloudlink – supports three factor, SSO (single sign on) and biometric user authentication but unlike other solutions in the market, does not store, send or replicate any user credentials outside of an organisations’ directory service.
Secure Cloudlink acts as a secure, centralised user authentication and application to manage all users access rights to all authorised applications without the need to create and manage internal domains.
Brian Keats, CEO,
Secure Cloudlink Ltd, stated: “Passwords are quickly evolving into an untenable means of authentication because of their fundamental security vulnerabilities. That evolution is being accelerated by the dramatic shift to mobile computing and the ever-rising tide of data breaches. We identified the need for a fundamentally new way of anonymous authentication bypassing the vulnerabilities that exist because of the inherent properties of passwords being human-accessible shared secrets.”
“It’s impossible to use the same password everywhere because different sites insist on different password formats. Even if it were possible, it wouldn’t be sensible. So we tend to use many different passwords and then forget which password to use for what, so resort to using similar passwords and never changing them, or to writing them down. Either way, security is compromised.”
According to Gartner in its report ‘Design IT Self Service for the Business Consumer’ “password resets account for as much as 40 per cent of IT service desk contact value.”1
Designed from the ground up with security in mind Secure Cloudlink’s Cloud Services Brokerage platform overcomes identity security issues associated with passwords by the inclusion of a unique and patented token passing technology. This advanced authentication method requires no user credentials to be stored separately or outside of the directory service dramatically reducing the risk of a cyber breach and costs associated with password reminders.
“This usability problem has got worse in recent years through the ubiquity of smaller keyboards such as those on mobile devices, more complex requirements for “password strength” at many sites, and the introduction of one-time-passcodes as a second factor “secret” that forces the users to type not one, but two passcodes every time they authenticate,” continued Brian. Although some organisations are investing in technology to automate password resets to reduce the number of calls user credentials still persist exposing the organisation to the threat of cyber attack. At SCL our approach is to eliminate the passwords and streamline the granting of access to applications, IT resources and on-line services.”
Secure Cloudlink is the only platform that anonymises user identities over the web for secure access to cloud services. Its unique technology never requires access or stores user security credentials when connecting internal users, customers and suppliers to web-based applications. The use of Federated Security authentication, also means that network users can enjoy seamless and secure access to multiple cloud services without even appearing to have left the corporate network. With a secure single-sign-on Secure Cloudlink reduces IT service desk time managing multiple passwords by deploying users with a single, secure access point for access to their applications via their desktop, tablet or mobile.
Users can be provisioned access both at single and group level, and with a bulk upload facility. Furthermore, Secure Cloudlink provides an environment that allows centralised management access to employees, contractors, suppliers and customers without creating new domains and user accounts in an existing directory. The company has already sold the Secure Cloudlink solution to a number of customers across a diverse range of markets including government, SaaS providers, and financial institutions. It is a highly applicable solution for any organisation looking to provide a simple, secure yet password free user access to cloud and on-premise applications and services.
