Downloads & Media
|AT&T Token Authentication Service [Service Brochure]|
Definitive User Authentication
What is authentication? Industry regulations and typical corporate policies require that your IT, security and compliance groups create audit trails of all the activity on your network. Knowing the IP address of the access device isn't enough to definitively identify the behavior of a specific user. Anyone could be using the device associated with a given address if they discover the valid user's username/password information.
Because users have multiple passwords, they often write them down exposing the passwords to others. Yet many systems grant access after verifying just a username/password match to the IP address.
AT&T Token Authentication Service uses two-factor authentication to validate the user's identity. Two-factor authentication verifies something the user knows, such as username and password, plus something the user possesses: a software or hardware "token."
Reduce risk with network authentication
Network access control is more secure when a second authentication factor is used to validate user identity.
Two-factor authentication significantly increases security by checking identity on a second factor that is unique to the individual. Software code, the "security token," generates random numbers that are associated with one unique user every minute. Users that fail on either the username/password factor or token factor are denied access.
Two-factor authentication is particularly helpful when:
- Protecting highly critical and confidential systems
- Verifying the identity of remote and mobile users requesting access
- Creating an accurate security log of who has accessed various systems
Hard or soft security tokens can be used with AT&T Token Authentication Service. Hard tokens are devices about the size of a small USB drive with code generators built into them. Soft tokens use the same software but reside on a user's existing computer or communications device.
Track access activity with authentication service
Regulatory rules and standards require that certain industries comply with one or more mandates for tracking access activity. AT&T Token Authentication Service provides monthly usage reports detailing who accessed which systems. These reports provide supporting documentation that can help you fulfill your compliance reporting requirements.
Avoid expense and support complexity
Maintaining staff onsite to manage token authentication can be time consuming and expensive. Outsourcing to a third party can save businesses the cost and complexity of buying token-based authentication servers, distributing tokens, replacing them and handling help desk calls. AT&T is one of the largest independent token administrators in the world, managing token authentication for large and small companies.
Is your organization bound by one or more sets of industry compliance rules?
How are you generating the documentation needed to prove that the activity on your network has been legitimate? Is your current solution meeting the needs of your compliance officers?
Does your organization have a policy to protect highly sensitive, confidential data?
You have probably determined that a breach would be extremely costly, whether in stolen customer information, intellectual property theft or a damaged reputation. Consider the projected costs of these situations and compare them to the monthly cost of deploying a two-factor authentication setup.
Do you have a distributed work force with many remote or mobile users requesting access to your network resources?
Verifying the identity of someone who isn't local to your data center resources or is on a wireless link is particularly challenging, because you can't see the user or trace the user to a static switch port. Two-factor user authentication is a good choice for these situations.
Do you have plans to move to three-factor authentication?
If so, AT&T Token Authentication Service can interoperate with a third authentication factor administered by another party. The third authentication factor is usually some form of biometrics, such as a fingerprint.
Designing Your Two- and Three-Factor Authentication
AT&T Token Authentication Service is compatible with a wide variety of remote access servers, Web servers, firewalls and VPNs.
Authentication Service Delivery
AT&T supports customer calls and issues a static token for temporary use if an issue isn't quickly resolved.
Once your user database is connected to the AT&T AAA server environment, AT&T provides the security token software or hardware to customers. Users simply log onto an AT&T site to validate themselves.
Customer Support for Network/User Authentication
AT&T handles customer care calls. There is also a special help site that users can access if a security token appears to not be working. The help site could result in a phone call with a series of questions asked and answered before a user receives a static token to use temporarily until resolution.
Existing AT&T Enterprise customers can work with their AT&T sales representative to get started with AT&T Token Authentication Service.