// Allows an iframe running on another domain to access query strings on this page

News & Information

CyberSafe TrustBroker™ products, for SAP business applications

CyberSafe TrustBroker Support Services

CyberSafe Announces TrustBroker Secure Client Version 4.3.2 at SAP® TechEd 2011 Las Vegas

Introduces smart-card logon and application-specific configuration features

LAS VEGAS – Sept. 12, 2011 – CyberSafe Limited today announced a new release of its popular TrustBroker Secure Client product, offering smart-card logon and application-specific configuration. TrustBroker Secure Client version 4.3.2 is able to take advantage of Microsoft Active Directory smart-card log-on features so users can use their smart cards to log on to SAP® applications.  The announcement was made at SAP TechEd 2011 Las Vegas, where CyberSafe is exhibiting in booth 210.

“If a company is using smart cards to log on to Windows, they have already gone through the required steps to set up certificate authentication, and the Secure Client product can take advantage of that,” explained Tim Alsop, CEO, CyberSafe.  “When the company security policy does not allow secure single sign-on, the user can authenticate to SAP applications by just entering the PIN code for their smart card, and they will be authenticated using the same identity used to log on to Windows.  For the user, it’s the method that they are already comfortable with when they log on to Windows, so it is easier for them, while the company can ensure security policy compliance, particularly where secure SSO is not permitted.”

Having support for two-factor authentication allows TrustBroker Secure Client to be used in more secure environments or, where certain users with administrative access to critical business applications need stronger authentication, to ensure they are who they say they are.

“Often a corporate security policy will demand different levels of authentication for different types of users,” added Alsop.  “Using Active Directory domain policy configuration, TrustBroker Secure Client can be configured to enforce two-factor authentication for certain users, while others can continue to authenticate using their domain account and password or, if allowed, they can use single sign-on so they don’t have to re-authenticate when they log onto an SAP application; instead the credentials issued during their initial log on to Windows will be used to authenticate them to the SAP application.”

With TrustBroker Secure Client version 4.3.2, CyberSafe also introduces a very useful application-specific configuration feature.  Previously, when TrustBroker products were installed on workstations or servers, all configuration details were common for any application running on that system and taking advantage of TrustBroker.  Now, TrustBroker allows more applications to be configured, each using a separate configuration. 

“For example, if an application on the workstation is logging onto a Sybase database using TrustBroker for authentication, the method of authentication can be configured to be different from that used when the same workstation is used to log on to SAP business applications,” explained Alsop.  “Depending on the application, company security policy might dictate different authentication needs.” 

The configuration can also be made user-specific.  “In some cases, for some applications and for certain users, a re-authentication might be required, but on other workstations a different user, using a different application, might be permitted to use single sign-on access when they log on,” added Alsop.

The new version of TrustBroker Secure Client is available immediately.  Existing customers can upgrade at no additional cost because it is part of their maintenance agreement.  New and existing customers can find out more about TrustBroker product improvements and additional features by visiting CyberSafe in booth 210 at SAP TechEd 2011, being held in Las Vegas Sept. 12-16, by viewing the http://CyberSafe.com website, or email CyberSafe using Info@CyberSafe.com.

###  ENDS  ###


For More Information, Press Only:

Email: PR@CyberSafe.com


Notes for editors:

The smart-card log on is implemented using the extension to Kerberos known as PKINIT. To view a short video demonstrating the use of PKINIT during log on to an SAP application, go to http://www.youtube.com/watch?v=1xAZKAIwpAQ. For further information on PKINIT, CyberSafe products or a biography of CyberSafe’s CEO Tim Alsop, please contact CyberSafe.

Leave us a message, or ask a question   CyberSafe on Twitter  CyberSafe on LinkedIn  CyberSafe on YouTube