FIDO compliant authentication service with enterprise-ready lifecycle management
FIDO offers crypto-based, high security authentication with a simple user experience. But with FIDO being based on a ‘one key for each relying party’ mechanism it works well for business to consumer relationships, where a user needs access to one system – but enterprises typically want greater control, where employees need to access multiple resources such as Office 365, CRM, ERP, remote access and countless other cloud-based systems with a single managed credential.
With the introduction of FIDO to the MyID credential management platform, enterprises will benefit from enhanced control:
Policy control over who can issue and who can receive FIDO credentials
Visibility on which employees have active FIDO credentials
Control on what employees are able to use their FIDO credential to access
Lifecycle management capability, providing a single point to revoke, replace, and set policies for end user FIDO credentials
DEPLOY FIDO ACROSS YOUR WORKFORCE AND SUPPLY-CHAIN
MyID is being enhanced to offer FIDO with the credential management and integration capabilities of the MyID platform.
The evolution of MyID, to offer FIDO alongside PKI-based authentication brings greater flexibility for enterprises to issue and manage the right credential types to the right users.
Managed FIDO brings a variety of benefits across the enterprise
What it means for IT teams
What it means for end users
What it means for your organisation
Control how users authenticate with FIDO, based on defined security policy
Simplified policy-driven FIDO credential issuance that requires minimal IT effort
Enable access to multiple systems with one FIDO credential, utilising MyID’s plugin with Active Directory Federated Services (ADFS) and REST integration APIs
Control on revocation or replacement of FIDO credentials if employees lose or damage their credentialed device, change roles, or leave the business
Management software that integrates into your existing IAM infrastructure for quick, easy deployment
Simplified, passwordless login to corporate resources
Remote access via smartphone, USB token, or laptop
Strong cypto-backed authentication to protect against the threat of data breach
Enhanced user experience for employees who no longer have to remember numerous passwords, improving productivity and user satisfaction
Reduction in IT help desk demands through password resets, system lock outs, remote working access issues
Capacity to extend strong authentication to the supply-chain by credentialing suppliers who access internal business systems with FIDO credentials
MyID supports a wide range of standards-based FIDO devices, including, iOS and Android mobile devices, USB tokens including YubiKeys, and smart cards.
Uniquely, MyID provides management over multiple authentication technologies and form factors, enabling organisations to mix and match technologies that best fit their needs and required levels for security.
For example, an organisation could use:
PKI-based USB tokens for its remote workers
PKI-based smart cards for its finance staff, including signed and encrypted email
Virtual smart cards for temporary workers
FIDO security keys for the supply chain and contractors
MyID can provide unified credential management for all of these from one single point controlling policy, visibility and lifecycle management independent of the technology in use.
HOW IT WORKS
MyID delivers the control enterprises need to deploy FIDO across employees and supply-chains.
MyID provides control over which groups of users can receive FIDO tokens
Requests for new FIDO credentials can be operator-led, via API or self-service
Issuance policy defines how a user must authenticate before collecting their FIDO credentials, options include, OTP, existing smart card, integrated Windows authentication and an existing FIDO key
MyID binds a FIDO key to a user at issuance, keeping track of who has which FIDO credentials
MyID provides a built-in FIDO certified authentication server and integrates with your existing infrastructure by ADFS plug-on or OpenID Connect
Authentication operations are centrally audited for visibility and tracking purposes
MyID keeps track of who has which FIDO credentials and provides visibility by enquiry, reports and API
As MyID tracks who has which FIDO credentials, it provides organisations the ability to revoke and replace credentials as employment status or rights change
Lifecycle operations are audited, providing visibility and reporting over management operations in addition to authentication operations
Using IT-set security policies, the MyID authentication service will determine how a user is allowed to authenticate and walk the user through the authentication process
Once authenticated, MyID authentication service will then communicate via the plug-in with ADFS to grant access to the end system
EXPERIENCE MANAGED FIDO
Contact us now to arrange a free demo of managed FIDO using the contact form below.
Trusted by government and large enterprises, worldwide
Where data really matters, you will find MyID. The security, reliability and interoperability of MyID software sets it apart and is why we are proud to help many leading organisations around the world manage the secure digital identities they issue, whether that's governments managing citizen ID or enterprises managing employee, contractor and supplier IDs.