Defense Research and Development Organization (DRDO) is India’s premier defense R&D agency with a network of more than 50 laboratories, deeply engaged in developing defence technologies, has deployed Innefu’s AuthShield Two Factor Authentication (2FA) solution to firmly secure access to its mission critical SAP ERP systems from growing data breaches and hack attacks, both from within and outside in the country.
Owing to persistent hack attacks on SAP systems deployed around the world, DRDO chose to implement Innefu AuthShield two factor authentication solution to dynamically re-validate credentials & authenticity of users every time they logged into the organization’s ERP.
Innefu Authshield 2FA solution uses dual mode of identification where along with the user id and password of the user, verification is also done through a secure randomly generated one time password (OTP) or a challenge response mechanism using PUSH Notification protocol. The OTP is generated automatically and provided to the user through multiple form factors including Hard Token, Mobile Push, Mobile Token, Soft Token, SMS Token and Voice Token. An organization can easily mix and match and choose specific form factors for different users.
“The SAP application used by DRDO provided no access to the source code,” says Abhishek Sharma, Co-Founder, Innefu Labs, “The client had reached out to a number of leading authentication solution providers to integrate multi-factor authentication but failed to get a quick, cost effective and reliable solution as there was no inbuilt provision to integrate 2FA within SAP ERP,” he added.
Innefu AuthShield integrated second factor of authentication (2FA) for DRDO’s SAP system using its unique protocol decoding mechanism. This is a patent pending technology which integrates 2FA at a protocol level rather than integrating the solution at client end interfaces. The integration at protocol level ensures that AuthShield can be integrated in even those applications which do not inherently provide support for 2FA including SAP, Microsoft Exchange, Oracle communication messaging servers, Database Queries etc.
The Innefu AuthShield 2FA delivers numerous advantages since its implementation including reduced TCO, no extra devices to protect VPN, seamless integration with user needs, unbreakable architecture preventing 99.9% identity theft and inter-operability where the same 2FA system can be used by DRDO to secure access to numerous other applications deployed at DRDO.
“Most multi-factor authentication solutions available in the market today are dependent on end point applications for integration,” says Abhishek Sharma, Co-Founder, Innefu Labs, “ While VPN and Firewall vendors have made provisions for 2FA, most other application vendors have not made any such provision in their programs thereby providing a backdoor to hackers to get in” he added.