Google Authenticator is a mobile authentication app.
N/A
Symantec VIP
Score 10.0 out of 10
N/A
Symantec Validation and ID Protection Service (VIP) is presented as a
user-friendly, cloud-based strong authentication
service that enables enterprises to secure access to networks
and applications without impacting productivity. Also included with VIP Enterprise two-factor authentication is Symantec VIP Access Manager, a single access point to protect cloud and on-premise web apps via Single Sign-On (SSO).
It is supported by virtually all cloud-based software applications for business. I am happy to allow users to use this in addition to other authenticators. Certainly, if your business is in the Google cloud it makes sense, but my approach to the remote/virtual work world these past couple of years has been structured flexibility. Leaving some choice up to the users for their own comfort, particularly when they are using their own devices. I cannot think of a scenario where it is less appropriate - perhaps where you run the risk of "app sprawl". I.e., where you are requiring users to handle multiple authenticators (which can happen with certain pieces of hardware) you may want to encourage consolidation into one to avoid frustration.
Symantec VIP is well suited for enterprise institutions, like our own, managing a wide range of devices and wanting to provide their users with an extra layer of security. Being able to have 2-factor authentication with a unique pin was key for us and this would be well suited for any organization that holds sensitive information like, in our case, student records. They have great support and getting issues resolved does not take much time, a quick call to support usually straightens issues out.
Easy implementation: The product is very easy to implement both from embedding it into the application and from end users using it via their smartphones.
You can use Google Authenticator to manage multiple two-factor authentication keys.
Easy to add keys options: You can scan a QR code to set up 2FA in Google Authenticator. You can also do a manual entry using the unique key provided by the application you are setting up 2FA for.
It runs on only a few platforms, specifically Android, iOS, and Blackberry and in my opinion it needs to be available on every platform that is out there.
SA drawback I have noticed is that if you swap phones you have to blitz the entire app and go back and sync up all the accounts again which can be very frustrating for new users.
It can also be risky ( for some ) having all all your data centralized in one place.
Reliability on the app. Most users dislike having the authentication app on their cell phone because if they don't have their cellular device on-hand then they're unable to authenticate.
Perhaps a bio-metric enhancement in the near future would take this application to the next level.
It's as easy as opening the app and what I need it for is there. I don't have to fumble with other accounts or getting something else to open it for me. I have all the access that I need for the use of the app within seconds and I can get access to the info that I need.
I have found Google’s support to be hit or miss. There are times when they are very responsive, and I get my issue resolved quickly, and there are times where a response from them takes weeks. There is no in-between. But my support experience with this particular product is nonexistent because I have not had a problem with it yet. Hopefully, we do not have any problems with it either.
This product doesn't ensure single-use, real-time codes. This puts our data at risk and is not as secure as Google Authenticator. I anticipate using Google Authenticator as long as we continue to use the full Google Suite for business. It helps to streamline data and accounts.
Duo is good but Symantec VIP really takes the cake. Both Symantec VIP and Duo Security are used as a two factor application but Symantec VIP also allows you to use physical tokens. Some of our users prefer those over their phones and we can easily leverage Symantec VIP for that.
I would say from my limited role in the programs deployed and just being a user, this has been a valuable tool so our ROI is high. We get security and can breathe knowing we have authentication for those who have to be on our network and we are able to protect our work.