Multifactor Authentication to CMS

Entrust is diligent in ensuring we meet or exceed industry security requirements. One example is the CA/Browser Forum's latest guidelines, "Baseline Requirements for the Issuance and Management of Publicly-Trusted Certificates," which is effective July 1, 2012.

CA/Browser Forum: Baseline Requirements

Entrust is in full support of this mandate. The protection and authentication of digital identities is one of the key components in securing online transactions or communication. This added level of authentication makes it more difficult for your identity to be misused and your account compromised.

Baseline Requirements:
Section 16.5

The CA SHALL enforce multifactor authentication for all accounts capable of directly causing certificate issuance.

What is Multifactor Authentication?

U.S. federal regulators consistently recognize three authentication factor categories:

  • Something the user knows
    (e.g., password, PIN)
  • Something the user has
    (e.g., token, smart card)
  • Something the user is
    (e.g., biometric characteristic, such as a fingerprint)

Multifactor authentication requires the use of elements from two or more categories, making it more difficult to compromise than single-factor methods. Supplying a username ("something the user knows") and password (more of "something the user knows") is still single-factor authentication, despite the use of multiple pieces of distinct information.

An example of true multifactor authentication is requiring a user to also utilize a token or grid card ("something the user has"), or a thumbprint or iris scanner ("something the user is") in addition to the username and password.

Strong Authentication by Entrust

While Entrust CMS already offers optional multifactor authentication using userID/password, combined with the Entrust IdentityGuard grid card, multifactor authentication is mandatory, effective June 25, 2012, for ALL CMS Administrative users.

Starting in late May 2012, in addition to their existing userID and password, Entrust CMS Administrators will be able to choose one of the following second factors:

If you already use two factors with Entrust CMS, you will not be impacted by this change, unless you choose to switch second factors.

Entrust Makes Transition Easy

Effective July 1, 2012, all public certification authorities (CAs) must comply with these baseline requirements. Entrust Certificate Services makes use of Entrust's award-winning software authentication platform, Entrust IdentityGuard, which provides the broadest range of authenticators on the market.

This enables Entrust to deploy strong multifactor authentication to our customers in a secure, portable and easy-to-use solution, with no additional charges to our valued customers.

Learn More: Entrust IdentityGuard

EV Multi-Domain SSL Certificates

Entrust SSL certificates provide encryption-based security of sensitive information for websites and are the solution of choice for IT administrators charged with protecting their customer's transactions. Entrust SSL products are designed to meet and exceed even the most rigorous enterprise security standards, including guidelines stipulating scalability, manageability, and cost effectiveness while providing robust 256k-bit end-to-end encryption of customer interactions.

Entrust offers a range of SSL related products, including EV SSL certificates, which effortlessly integrate into an organization's existing e-commerce platform to provide a superior standard of web-based transactional security. EV Multi-Domain SSL Certificates denote the integrity of a website by requiring Entrust, the SSL certificate provider, to verify the identity and domain of the site owner prior to issuing an SSL secure server certificate. This additional layer of validation is signaled by a green address bar in major browsers, use of the https SSL protocol, and a badge from Entrust indicating the advanced level of security — all resulting in a higher level of consumer trust.

For over a decade, Entrust has been a leading provider of e-business solutions that secure online communications and transactions for enterprises.