updated 09:45 am EDT, Thu August 10, 2006
CRYPTO-Server 6.4 released
Mac authentication technology developer CRYPTOCard has announced a Universal version of its CRYPTO-Server 6.4 for two-factor authentication. The solution provides seamless integration with Apple's PowerPC- and Intel-based Macs and protects LAN, VPN, web-based (Apache and II S), and desktop access for Mac OS X 10.4 "Tiger." Version 6.4 also brings a new machine-to-machine architecture which provides a much faster, smaller footprint solution that improves user and administrator experience and support for a new software token for BlackBerry handsets from Research In Motion (RIM) which will enable remote users logging into the corporate network from a desktop or laptop via a VPN to use their BlackBerry handset to generate the necessary credentials for two-factor authentication. It also features new client-based 'Disconnected Authentication' to ensure a mobile user's laptop is protected even when connection to the CRYPTO-Server is not possible and USB Dongle support for Intel-based Macs.
"Strong security is the number one priority for most organizations and companies understand that this is not possible if each individual user cannot be positively authenticated," said Jason Hart, CEO, CRYPTOCard. "Using Apple's developer tools, CRYPTOCard has created a Universal application that makes it simple for organizations utilizing Power PC or Intel-based Macs to provide true 'One-PIN-and-You're-Intm' enterprise-class strong user authentication for local, web, or remote system access."
CRYPTO-Server makes it simple to positively authenticate each user within a true heterogeneous environment. Fully compatible with Tiger's support for smart cards, CRYPTO-Server can also implement a single 'authenticator' for photo ID, building, door, and network access.
CRYPTOCard's authentication solution requires two levels of 'proof' of identity: 1) Something a user has - a CRYPTOCard token that generates a one-time password. 2) Something a user knows - a secret PIN. A lost token is useless without the PIN and a stolen or shoulder surfed PIN is useless without the token. A lost token is readily noticed and can be easily revoked and each generated password is used only once and will never work again - tokens stay in synch with the CRYPTO-Server to manage this process -- thus passwords cannot be stolen, shared, written down or stuck to the side of a monitor.