Data Backup & Recovery Blog

The Need for a Strong Authentication - Simple Password is Not Enough

Posted by Stephanie Aldrich on December 15, 2015

Authentication is the gatekeeper of a virtual world. Like the gatekeeper at a physically secure facility, authentication stops you at the entry with a request for identification. If you successfully identify yourself, you can proceed to access all areas of the facility that you are authorized to access.

With more and more data being sent online and more transactions happening online, strong authentication becomes a necessity. Individuals bank online. Governments exchange documents online. Emails carry mission-critical information, and business transactions are done using payment gateways. None of these people or organizations can afford to have someone looking over their shoulder or accessing their data without proper authentication and authorization. Strong authentication is the first step in ensuring that security of data is maintained at all times and under all circumstances.

Strong authentication is now becoming a necessary adjunct to cloud computing. For instance, customers entrusting their mission-critical and sensitive data to third-party vendors for cloud backup and storage are rightly concerned about the type and quality of authentication that is being provided by these vendors. After all, data security is everything! Online backup service providers who store customer data on their servers and provide accessibility to such data via the Internet must build strong authentication protocols into their applications.

So, what is strong authentication? How does it work?

Subscribers to cloud backup services are provided with a user-friendly graphical user interface that allows the administrator to manage users and assign them user IDs and passwords. Specific users can be given permission to access specific data sets and excluded from access to other data sets. When such users attempt to access the data in the repository, the user ID and password are authenticated by matching them against the stored data in the authentication tables. Once the user is authenticated, the authorization protocol kicks in and locks the user out of all areas the user is not authorized to access.

Encryption of data provides another level of security. Unauthorized users will have no access to the encryption key and will not be able to read the data in transmission or storage. Authenticated and authorized users will be able to read the data unhindered, as the decryption will be activated by the rights and permissions they were given when their user ID and password were approved by the administrator.

Unsuccessful attempts at authentication trigger alerts in the system. The user is generally given the benefit of the doubt. It is assumed that the user has forgotten their user ID or password, and the user is allowed to make several attempts. However, in strong authentication, repeated failed logins will lock the user out of the system and generate administrator alerts. Biometric or electronic authentication protocols may also be used to strengthen authentication. Biometric authentication may involve physical inputs from the user's body, such as a thumbprint or a retina scan, or answers to some secret questions.
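The credential check and the lockout behaviour described above can be sketched as follows. This is an added example, not code from the original post or from any backup vendor; the thresholds, the `Authenticator` class and the sample account are assumptions, since the post only says "several attempts".

```python
import hashlib
import hmac
import os

MAX_FAILURES = 3        # assumed threshold; the post only says "several attempts"
WINDOW_SECONDS = 900    # assumed: failures older than this are forgotten
LOCK_SECONDS = 1800     # assumed lockout duration

def hash_password(password, salt):
    # Slow salted hash, so the authentication table never stores the password itself
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)

class Authenticator:
    def __init__(self):
        self.table = {}         # user_id -> (salt, password hash)
        self.failures = {}      # user_id -> timestamps of recent failed attempts
        self.locked_until = {}  # user_id -> time the lockout ends
        self.alerts = []        # messages for the administrator

    def add_user(self, user_id, password):
        salt = os.urandom(16)
        self.table[user_id] = (salt, hash_password(password, salt))

    def login(self, user_id, password, now):
        if now < self.locked_until.get(user_id, 0):
            return "locked"     # refused even if the password is correct
        salt, stored = self.table.get(user_id, (b"\0" * 16, b""))
        candidate = hash_password(password, salt)
        if user_id in self.table and hmac.compare_digest(candidate, stored):
            self.failures.pop(user_id, None)   # success clears the failure history
            return "ok"
        recent = [t for t in self.failures.get(user_id, []) if now - t < WINDOW_SECONDS]
        recent.append(now)
        self.failures[user_id] = recent
        if len(recent) >= MAX_FAILURES:
            self.locked_until[user_id] = now + LOCK_SECONDS
            self.failures.pop(user_id, None)
            self.alerts.append(f"{user_id} locked after {len(recent)} failed logins")
            return "locked"
        return "denied"

def demo():
    auth = Authenticator()
    auth.add_user("alice", "correct horse")   # constructed sample account
    attempts = [("wrong1", 0), ("wrong2", 10), ("wrong3", 20),
                ("correct horse", 30), ("correct horse", 20 + LOCK_SECONDS)]
    return [auth.login("alice", pw, t) for pw, t in attempts], auth.alerts
```

In `demo()`, the third wrong password locks the account and raises one administrator alert, the correct password is still refused while the lock is active, and it is accepted again once the lockout period has passed.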

Some cloud backup service providers may use two-factor authentication to secure customer data. Users may be required to input a user ID and password and also provide a biometric or electronic token for authentication. This type of authentication may be recommended for laptops and mobile devices that can be easily misplaced or lost. Multi-factor authentication systems may be used in instances where sensitive data is involved. Authentication may require the user to input a user ID and password, answer secret questions, provide thumb impressions and insert thumb drives into the computer.
