Introduction

Pyn Logic introduces an innovative authentication mechanism by selectively enforcing the use of two-factor authentication when connecting to Microsoft SQL Server database servers. This authentication method requires the use of security tokens (RSA SecurID or CRYPTOCard) to generate one-time use passwords. Implementing two-factor authentication provides key capabilities including:  Positively identifies the user connecting to a database server  Eliminates the massive database security risk resulting from weak and outdated static passwords  Introduce the concept of one-time passwords to database servers

	Details

	Granular Two-Factor This new security solution leverages the already powerful Enzo platform to selectively enforce the use of those security token depending on who, what, when and where. Corporations can now enforce accountability of shared database accounts by knowing exactly who is using them. For example, a corporation may decide to enforce the use of security tokens when database connections are issued from VPN locations by employees or from the DMZ by Web applications (using software-generated tokens). This solution does not require any client-component and runs transparently over the database communication protocol. The users leverage the traditional login screens to append the necessary token information.                                                   Click here to enlage.
	SQL Server This two-factor capability is offered on SQL Server databases (2000 and 2005).
	Transparent Integration This solution requires no client-component and runs transparently over the database communication protocol. The users leverage the traditional login screens to append the necessary token information.
	Highlights of Related Features Additional features of Enzo 2006 include database account aliasing and Session Timeout. The account aliasing feature allows contractors to connect to a database server using an alias instead of a real database account. Since the account is not an actual database account it cannot be used to connect directly to the database server, hence protecting live database servers and backup tapes from the insider threat (rogue contractors or employees). The  Session Timeout  feature forcefully disconnects a database connection after a period of time of inactivity; a key HIPAA and PCI requirement.
	Solving Tough Compliance Needs Providing accountability is virtually impossible when users logon using database accounts since these accounts are usually shared, such as administrator accounts. Enzo reports will show who actually used a shared database account, when, from where and using which application.