As a result of the RSA hack some of the channel's finest have been making hay prior to their debut at Infosecurity 2011. One, SecurEnvoy, says it has had dozens of enquiries from potential customers (or should that be ex-RSA customers?) finally convinced that a small piece of plastic that looks like an Infosecurity stand gift circa 1975 has finally had its day.
A tokenless 2012 would be a nightmare for EMC, but how likely is it? SecurEnvoy started in 2003, the year that the Blu-Ray was invented. They say not using their tokenless authentication would be akin to still watching your favourite episodes of Midsomer Murders on VHS cassettes instead of Blu-Ray or at least DVD.
SecurEnvoy will be launching its software-based tokens at Infosecurity. These can be used on all devices, allowing end-users the choice to switch between SMS or software based tokens at anytime, anywhere onto their iPhone, Android, Blackberry or their laptop.
This end user orientated approach gives added choice for users that want to run soft tokens on smartphones while keeping deployment and administration simple. It's a product that will certainly see RSA sitting up and taking note and one that resellers should at least take a look at. SecurEnvoy has had 100% growth every year for the last four years. This is made up equally of new adopters of authentication and ex-users of two-factor authentication who found they couldn't carry on affording the costs of replacing thousands of tokens regularly. And that's just replacements - that doesn't include the ones that get lost which is at least 20% of them.
Now thanks to RSA there is anew reason to go for SecurEnvoy - unlike RSA and other 2FA vendors, they do not store any token records or customer encryption keys. Their approach randomly generates any required keys within the customer's environment. This approach means there is nothing relating to our customers security stored at SecurEnvoy and therefore customer details could never become compromised.
They say that SecurEnvoy is easy to install (so they say) and can replace 18,000 tokens in under one hour, any RSA SecurID customers that want a fast, secure and cost effective resolution can install and replace tokens within less than a day.
This is SecurEnvoy's seventh time at Infosecurity and yet they are still looking forward to it, apparently.
(Poor buggers. They'll learn one day - ed)
They have a simple statement that encompasses what they do: "Lead where others follow. Set the standard of tokenless authentication and maintain our position as global authentication leaders. Innovate with solutions that re-use existing infrastructure therefore reducing costs and making them easy to use."
What's the most over-used term in IT security? "Tokens are the future," says Andrew Kemshall, of SecurEnvoy. Maybe it's a cliche because it's true.
This was first published in April 2011