Tim Shaw, VASCO Channel Sales Manager for the UK and Ireland, explains to PITR why two-factor authentication helps dealers
differentiate their business and add value to their offering
PITR: Why does two-factor authentication present a strong opportunity for the channel?
Tim Shaw (TS): Despite many high profile global security breaches, the truth is that in many medium-sized businesses, remote access to the corporate network is not adequately secured. Nor are critical data assets protected against unauthorised access.
Talking about securing printers and MFPs opens the door to a much broader discussion about network security as a whole and the role that two-factor authentication solutions can play in keeping a business’ entire network (not just the peripheral devices connected to it) secure.
For dealers to demonstrate how they can help customers plug a still sizeable security gap is a conversation well worth having. If we look at the IT security systems of SMEs, a typical picture emerges: firewalls and anti-virus software are installed to prevent unauthorised access to the corporate network and to prevent data theft; but little or no thought is given to securing remote access to the network by staff, partners or customers in order to protect data on the network. How can they know for sure that someone accessing the network is who they claim to be? It’s because they can’t always validate who is trying to get onto the network that we see, almost on a daily basis, reports of successful attacks on companies’ databases. And these are increasing, rather than decreasing.
PITR: Surely companies are already doing all they can to protect themselves?
TS: They think they are. But there is an imbalance in the level of protection afforded to physical assets and to confidential data. Take access control to a building. Verification can take many forms, from surveillance cameras to ID cards, to ensure that only people with the right permissions can enter the grounds or specific areas of a site. Yet, for critical information systems, more often than not, a simple and easily guessable password is all that’s needed to gain access to the company’s lifeblood, its business critical data and confidential information.
What makes this scenario even more exasperating is that it has been known for decades that passwords are not resilient and offer ineffective protection against a determined hacker. And the more valuable the data, the more determined the hacker.
PITR: Is two-factor authentication complex to deploy and use?
TS: That assumption is what makes the above scenario even more frustrating. Incorporating two-factor authentication to protect data is not difficult, and the technology has proven to offer an exceptionally robust defence against potential security threats for many years now. The technology’s roots lie in the banking industry, one of the most heavily regulated and protected in the world, where security is absolutely fundamental.
Two-factor authentication successfully marries end user convenience with security. Anyone who conducts their banking online is already familiar with two-factor secure authentication from using a device provided by their bank. This provides them with a One-Time Password (OTP). There’s no real learning curve in rolling out a similar OTP solution for a workforce to use when accessing the network remotely.
PITR: The market is awash with competing security products, so are margins tight?
TS: It is not the additional sales potential alone that makes two-factor authentication a compelling opportunity for dealers The margins are still significantly more rewarding than in many other areas, precisely because two-factor authentication is not yet a commodity business, especially for companies that already offer network peripheral devices. Offering strong authentication is an excellent addition to a dealer’s existing device portfolio and an opportunity to provide expertise and differentiate themselves from the competition.
PITR: Does the technology require dealers to learn a whole new skill set?
TS: From a technical perspective, strong two-factor authentication is now much easier to implement than many resellers and end users assume. There are relatively easy to implement solutions on the market that can be integrated with little effort into any existing application, no matter what data model or architecture it is based on. Solutions can be delivered with all the necessary hardware (e.g. servers) and software included and preconfigured.
An even easier sell is cloud-based authentication, which further simplifies the sale and management of two-factor authentication. Here, the effort is limited to integration into existing applications, with a dealer using either existing cloud offerings or a server to provide its own service to several customers. In both cases, the customer saves on investment and the hassle of internal maintenance and the dealer benefits from regular, stable and predictable revenues.
Secure two-factor authentication is an absolute business must-have. Yet, despite the ever-rising incidence of cyber-crime, its sales potential remains untapped. Introducing customers to two-factor authentication, when talking about device security, provides dealers with a differentiation that adds value and new revenue opportunities to their business.