Microsoft buys security vendor PhoneFactor
Microsoft plans to integrate PhoneFactor's ulti-factor authentication technology into its cloud services and on-premises applications
IDG News Service - Microsoft has bought multi-factor authentication specialist PhoneFactor with the goal of integrating the company's technology into its cloud services and on-premises applications.
PhoneFactor, based in Overland Park, Kan., sells phone-based multi-factor authentication products for enterprises. Its technology was designed to work with both Microsoft enterprise products and with platforms from other vendors.
"Following this acquisition, Microsoft plans to further integrate PhoneFactor's technology into its Active Directory, Windows Azure Active Directory and Office 365 products," Bharat Shah, corporate vice president with Microsoft's Server and Tools division, said Thursday in a blog post.
For the time being PhoneFactor will continue to sell its products as a standalone service with existing pricing and contracts. However, in the future, the company's products will be transitioned to Microsoft's Volume Licensing contracts.
Existing PhoneFactor customers will continue to be supported and the company will remain open for business, PhoneFactor's CEO Timothy Sutton said in a blog post.
PhoneFactor's technology will also continue to work with non-Microsoft products and the company's existing partners will be able to continue to resell its products, according to a FAQ page on the company's website.
The use of multi-factor authentication for access to enterprise services and applications can prevent data breaches if user passwords are compromised.
This is because multi-factor authentication requires users to combine something they know, like their passwords, with something they own, like a special hardware device. With PhoneFactor's technology that device is the user's mobile phone or tablet.
The company offers three methods of phone-based authentication: calling users and waiting for them to answer and press the "#" key; texting users a passcode and waiting for them to send it back via SMS; or pushing an authentication request to an app installed on the users' phone and waiting for them to hit the "Authenticate" button.
Optionally the company also offers the possibility of using voiceprints in order to verify that the phone is actually in the user's possession. When this option enabled, the user also needs to speak a short phrase when called during the authentication process.
In recent years multi-factor authentication has been implemented into many online services. Google, Facebook, Yahoo Mail, LastPass and Dropbox are just some of the websites that offer it as an option for increased account security.
Microsoft has not adopted the technology for its new Outlook.com webmail service yet, but it requires it by default on billing.microsoft.com or xbox.com when users buy points.
Microsoft didn't disclose financial details of the deal.
- Best iPhone, iPad Business Apps for 2014
- 14 Tech Conventions You Should Attend in 2014
- 10 Desktop Apps to Power Your Windows PC
- How to Add New Job Skills Without Going Back to School
- Slideshow: 7 security mistakes people make with their mobile device
- iOS vs. Android: Which is more secure?
- 11 sure signs you've been hacked
- Riverbed Stingray Application Firewall: Securing Cloud Applications with a Distributed Web Application Firewall Responsibility over IT security is moving away from the network and IT infrastructure and to the application and software architecture itself. IT organizations...
- Web Application Firewalls--Laying the Myths to Rest This paper addresses some of the myths about WAFs and outlines how businesses are optimizing their investment in protecting their ever-evolving web apps.
- PCI DSS Compliance in Cloud Environments This technology analysis addresses the challenges of the evolving cloud security landscape and how organizations can achieve PCI DSS compliance in cloud environments...
- Web Attack Survival Guide This guide will help you protect your organization from external threats targeting your high-value applications and data assets.
- Four Myths of High-Productivity App Dev Debunked Debunk the main myths surrounding high-productivity application development and how both platforms have overcome them.
On-Demand Webcast: 7 Reasons to Choose VoIP
Thinking about a new phone system for your business?
Be sure to watch this informative webcast. Steve Strauss, small business columnist for USA...
All Application Security White Papers |