For this month's Group Test review, we tested multifactor authentication products. There were definitely some trends and a few surprises in the product sets, prompting us to do some additional research. One surprise in the products we examined was the limited participation of any true biometric offerings and even the lack of support for these devices. We all know simple name and password authentication methods are inherently insecure. Multifactor products offer a huge advantage in added security.
That said, as passwords can be compromised, physical keys can be stolen. There is no such possibility in biometrics. TechNavio's analysts forecast the global biometrics technology market will reach $9.3 billion by 2014. We find that there is quite a bit of consolidation going on in this space. The standard fingerprint-and-hand geometry solutions are still there. We are seeing more and more work being done in the voice recognition space for the purposes of verifying identities and authenticating people.
Another technology that came out of our research - that we did not have a chance to review, but is still worth mentioning - are the products that play in the continuous authentication space. These offerings attempt to address the risk of having a set of credentials comprised by revalidating the user beyond login.
The tools we reviewed this month all supported multiple forms of second-factor authentication technologies. We did have a few that supported standard fingerprint readers and an authentication method. The solutions provided authentication against a user's PC or directory, as well as offering additional authentication protection for various application, VPN and web-based services.
One of the knocks against multifactor authentication solutions used to be the overhead involved in deploying in an enterprise environment. It was a pleasure to see that the products we reviewed really eliminated this as an issue.
We were pleased with the availability of deployment capabilities, key management, recovery abilities, and management and alerting options. Most of the offerings provided an easy means of deploying client software. There was also good support for user self-enrollment of tokens and self reset for PIN and password issues, reducing the IT overhead associated with supporting these technologies.
Pricing varied among the solutions, and it is important to understand the licensing as some are yearly renewals while others are one-time fees. Some of the offerings are also available in a SaaS model. As well, some products include token support, while others require separate purchasing. In any case, the price point of the solutions we reviewed really delivered a lot of protection for a very reasonable expense.
Mike Stephenson contributed to these reviews.