inWebo Multi Factor Authentication
for Enterprise and Business Customers
IT perimeters don’t vanish – they change and they multiply. Businesses still need to protect data in their private networks – but now also in the Cloud, online portals, and mobile applications. Furthermore, protecting the access to the local network and to the computers is increasingly seen as mandatory. inWebo is a one-stop answer for all secure authentication use cases encountered in modern IT organizations.
Radius Authentication for VPN and Reverse Proxies
A Virtual Private Network (VPN) is similar to a tunnel extending your internal network, making it accessible from a remote laptop, smartphone, or tablet. By adding inWebo authentication to a VPN, you make sure that only the right people can enter this tunnel and access your network.
Why inWebo and not just certificates? With inWebo, you no longer need to issue, deploy, and manage device certificates; the complexity of it was a non-starter for many organizations who had to deal with the big diversity of rapidly changing user devices, platforms, and OS. All you have to do with inWebo is to authorize authentication methods (web, mobile, with or without PIN…). Also, if your security policy allows it, users can now connect to the VPN from non-managed devices.
With radius authentication (since inWebo has a radius connector and a SAML connector), inWebo supports most – if not all – VPN vendors and reverse proxy vendors, such as Cisco, Juniper, Pulse, F5 Big IP, Fortinet, Citrix NetScaler, Stormshield… The configuration in your network equipment is literally a matter of minutes.
With an SSL VPN (accessed through a web browser, as opposed to a VPN IPSec client), you can use any inWebo authentication method, in particular Virtual Authenticator (or inWebo Helium) so that users don’t even need a smartphone when they connect to the VPN from one of their trusted devices. For VPSec VPN (client-based), users easily authenticate by entering their PIN in the inWebo Authenticator App when they are prompted to do so; if there’s no signal, they still can use that same App to generate – fully offline – a one-time password and copy-paste it in the VPN client authentication screen.
Even if your SaaS Vendors are taking Identity Security seriously, user accounts – and therefore your corporate information – are still accessible online with basic passwords. You can easily prevent this by adding inWebo for the authentication to your organization’s accounts.
With the variety of authentication methods available from inWebo, users access their applications securely and painlessly, in the office or on the go, whatever the devices they use. Since most applications support SAML authentication and inWebo has a SAML connector, any SaaS application is virtually covered, such as Google Apps, Salesforce.com, Sharepoint, Office 365, jive, Box and Dropbox, ADP, Oodrive… If your application is not listed here, it’s most probably supported anyway. Please ask us for confirmation.
Single Sign-On and Identity Access Management
Single Sign-On (SSO) is the users’ favorite and most asked feature since it allows users to navigate between applications with a single identity (therefore dramatically reducing the number of passwords) and without having to constantly re-authenticate. However, by fully relying on SSO for authentication, you make the first (and only) user authentication potentially very critical. You want that first authentication to be not only secure, but also very easy, since this is why you invested in SSO in the first place.
By adding inWebo to the SSO, you certainly add the required security. Given the authentication methods available from inWebo, you also make sure that users access their applications painlessly, in the office or on the go, whatever the devices they use.
inWebo integrates with most popular SSO vendors and IAM vendors. In particular, we have sleek integrations for Microsoft ADFS, Ilex, Forgerock OpenAM, Gluu Server, Shibboleth, SailPoint IdentityIQ, CA SiteMinder, and Ping Federate. Other are being discussed, so please ask us for confirmation if your favorite vendor isn’t listed yet (if your are a vendor and your name isn’t listed here, please contact us, we’ll gladly take a look at your solution and how to integrate it with inWebo in order to provide your customers with enhanced Identity Security).
RDWeb, Remote Desktop Gateway
inWebo has developed a connector for RD Gateway that you can use to make sure that only authorized users can connect via Remote Desktop.
Secure Windows Login
Once upon a time, users would need to be connected to the LAN with a cat. 5 cable in order to be able to access the Windows network. Your office doors and walls used to protect your IT. With WiFi now being everywhere, this protection does no longer exist. Windows Login has become a critical use case for multi-factor authentication.
Web Portals and Marketplaces
If you’ve built a portal for online collaboration with your suppliers, your partners, or your customers, you probably don’t want to invite your competitors. inWebo multi-factor authentication makes sure that your business and data remain within a closed group. Integrating our API is all what you’ll need, no integration is required with your partners.
BYOD and Mobility
iPhone and Android have largely replaced Blackberry as corporate smartphones, therefore making obsolete the security models that companies had put in place. Most sensitive applications like corporate email became de facto accessible online simply protected with static passwords. Vendors have filled the gap by developing mobile security solutions. inWebo push connectors natively support these solutions, server-side, allowing to enforce multi-factor authentication for mobile access to corporate applications.