Overview of Mobile Device User Authentication
The most fundamental requirement to allowing secure mobile devices within the enterprise is to have a solution in place to authenticate the users of those devices. It is common to use the following methods to authenticate mobile device users:
Authenticate using username and password.
Authenticate using a certificate deployed to the mobile device.
Authenticate using one-time passwords or security tokens.
One-time passwords expire after a single usage, thereby preventing hackers from attempting to use a password after it has already been used once. Such passwords are usually deployed using tokens, either hardware dongles from vendors like RSA or software applications that issue a unique password every time.
Authenticate using smart cards.
Many enterprises implement dual-factor or multifactor authentication systems, which means that multiple authentication methods are cascaded one after the other, to enforce strong authentication. For example, a user may be prompted to authenticate using her username and password, and then prompted again to authenticate using her one-time password and PIN.
Ideally, you want to leverage the same authentication infrastructure to authenticate mobile devices as for regular Windows, Mac, or Linux systems. For example, if you've already deployed RSA SecureID two-factor authentication for regular desktop and laptop systems, enforce the same level of security on mobile devices as well. This will save you time, money, and hassles.
If you need to enforce certificate authentication on mobile devices, you need to look for management solutions that can deploy certificates to devices at scale. Look for such capabilities in the management systems you already have in place for deploying certificates to Windows PCs, for example. Several existing management solutions have recently added mobile features to manage certificate deployments on all types of devices.
Cloud Computing Glossary
cloud computing
A networking solution in which everything — from computing power to computing infrastructure, applications, business processes to personal collaboration — is delivered as a service wherever and whenever you need.
Cloud Computing Glossary
cloud service
The delivery of software, infrastructure, or storage that has been packaged so it can be automated and delivered to customers in a consistent and repeatable manner.
Cloud Computing Glossary
deprovision
The release of cloud services that are no longer needed.
Cloud Computing Glossary
federating
Linking distributed resources together over the cloud.
Cloud Computing Glossary
hypervisor
An operating system that acts as a traffic cop, managing the various virtualization tasks in the cloud to ensure that they make things happen in an orderly manner.
Cloud Computing Glossary
multi-tenancy
The sharing of underlying resources by multiple companies over a cloud.
Cloud Computing Glossary
network attached store
Storage that has its own network address through which it is accessed by the network's workstation users. Acronym: NAS
Cloud Computing Glossary
service level agreement
A contract that stipulates the type of service you need from providers and what type of penalties would result from an unexpected business interruption. Acronym: SLA
Cloud Computing Glossary
solution stack
An integrated set of software that provides everything a developer needs to build an application.
Cloud Computing Glossary
storage area network
A storage systems that is flexible and scalable because it's available to multiple hosts at the same time. Acronym: SAN
Cloud Computing Glossary
vertical industry groups
Workgroups comprised of members from a particular industry such as technology and retail.
Cloud Computing Glossary
virtual memory
The portion of your hard drive that Windows uses to expand the available RAM
Cloud Computing Glossary
virtualization
Using computer resources to imitate other computer resources or whole computers to maximize performance and flexibility.
