Thursday, 18 June 2009

GrIDsure and Quest Software form strategic partnership

@ Quest we're all about evolving our products to meet our customers needs.

A perfect example of this is the partnership we have just signed with GrIDsure.

Full GrIDsure press release as follows:

GrIDsure, the innovative alternative to PINs and passwords, today announced that it has formed a strategic partnership with Quest Software, Inc., to integrate GrIDsure's technology into the Quest ‘One Identity’ solution portfolio. Quest’s two factor authentication solution, Defender, is the first Quest product that will be enhanced with GrIDsure to extend the product’s existing two-factor authentication capability.

GrIDsure’s solution is based on its groundbreaking yet simple invention that allows users to authenticate themselves by remembering a minimum of a four block sequential pattern on a five by five grid. By integrating GrIDsure’s software-based solution, Quest will be able to offer its customers an enhanced level of scalable security at a very competitive price point, whilst enhancing the user experience.

Quest Defender is a standards-based strong authentication solution built to leverage Microsoft’s Active Directory for administration and management, and the addition of GrIDsure will maintain its level of interoperability for enterprises looking for a cohesive and holistic security strategy. Quest currently has approximately 300,000 users of Defender across many sectors such as healthcare, financial services and public sector. Quest expects Defender with GrIDsure to be commercially available in the summer of 2009.

Jonathan Craymer, Chairman, GrIDsure commented: “GrIDsure is a perfect fit for Quest’s product line and this is a great example of how our technology can become an extra ingredient for an existing product. Our technology has been easily integrated into Quest’s solution to enhance the security of the system whilst being much more cost effective than existing alternatives.”

Stuart Harrison, Product Manager, Quest, commented: “GrIDsure is a completely unique concept and we see great potential in this technology as our customers are always looking for enhanced security without the headache and cost of extra hardware. GrIDsure is very difficult to compromise and is a significant step in right direction for security both in terms of usability and cost effectiveness for the customer and the end user alike.”

More about GrIDsure:

The aim of GrIDsure is simple, to offer everyone an easier and more secure way to protect their own identity and authenticate themselves.

GrIDsure is a new ingredient in the security mix, able to generate 'one-time' codes that are more secure and resilient to 'spyware' threats, creating an extra security layer which can work on its own or alongside all existing or future technologies such as biometrics and PKI.

GrIDsure neatly replaces all fixed passwords, PINs or combinations, on any electronic device or system, ranging from computers and mobiles to the world of physical security. GrIDsure is more secure and more cost effective than traditional hardware-based alternatives, is highly scalable and reduces administrative time to run the system.

GrIDsure was awarded ‘Cool Vendor in Application Security and Authentication 2008' status by Gartner.

Press Contact:

David Atkinson

+44 (0) 207 608 4684

3rd Party links to this story:

Wednesday, 17 June 2009

Quest's Defender TFA token for the iPhone is fully supported on the brand new iPhone 3.0 OS.

Search for 'iToken' from iTunes or click this link to download to your iPhone/iPod Touch:

Friday, 12 June 2009

Defender & ARS working together

One of the things Defender does best is that it provides an easy to manage two factor authentication solution.

We've now gone one step further to increase this ease of use by extending Defender functionality within Quest Active Roles Server.

QARS provides you with all the additional security functionality you could want when it comes to managing AD and things like delegation, automated provisioning and much, much more.

Now that QARS can provision users' TFA credentials, you have a truly complete security management solution for your AD users.

Have a look at a high-level run through of Defender and ARS working together here:

You can also find out more about ARS here:

Thursday, 11 June 2009

Password Management for dummies

Password resets are a mundane, time consuming task but one vital to any organization.

Most if not all the companies I visit want to make the users more self sufficient so they can reduce the burden on the helpdesk and free them up to do other things.

One of the biggest HD overheads (time and hence cost)? PW resets!

So what are your choices? As I see it it can be narrowed to the following:
  1. Continue spending loads of money on your own helpdesk
  2. Build and application yourself
  3. Buy a self service PW reset application from someone like Quest.
They all have their challenges:
  1. Costly!
  2. More costly!
  3. Confusing

Most people agree they want a COTS app as it's often the easiest from an implementation perspective, and you can give the vendors a hard time when something goes wrong so there's and element of 'insurance' included.

That said, if you Google 'password self service' or the like, you'll most probably get a 101 million hits and it's difficult to know where to start.

Keep it simple:
  1. Stating the obvious but it must offer good ROI and TCO.
  2. It should be a proven technology. Are you willing to be a security guinea pig? Probably not.
  3. Where are your users? In AD? If they are, you want a fully AD integrated solution. If they're not, go with whatever scales/is integrated best with your environment.
  4. It should be flexible to the extent that you can include as many applications within the PW reset as you deem necessary. Is one secure PW better than 10 insecure PW's? I don't know but it's definitly more convenient for the end user meaning the chances they wrote them down is less. And yes, PW sync is WAY easier than SSO no matter what anyone says so if you're looking to rationalize PW's & ID's, this is a great start!
  5. Future proof it. Don't buy proprietary!
Check out & for more info on how Quest can help you with all the above and loads more.

Quest Defender - Superior Two Factor Authentication

Yes I'm the PM so I understand your natural tendency to think I'd be biased towards my own product.

However, after working for the likes of RSA, Entrust, ActivIdentity and others in the TFA space, I have the experience to say that Quest's TFA solution offers some of the most significant cost savings I've seen to date and in addition, has some of the best technical functionality on any TFA solution I've seen.

If you want to reduce cost, integrate management, increase ease of use and embrace an industry standards based TFA solution, you should look at Defender.

SC Magazine agree and have awarded defender a full 5 stars, something very few (if any) other TFA vendors have achieved.

What are you waiting for? You can test the convenience of Defender without having to install a thing by simply registering for the campaign here: