1 / 15

ESSO and Strong Authentication for Secure Access Steve Sanders Territory Manager

ESSO and Strong Authentication for Secure Access Steve Sanders Territory Manager. The need for user authentication is clear …. “On the Internet, nobody knows you’re a dog.”. Strong authentication allows for a more enjoyable and secure user experience .

aulii
Download Presentation

ESSO and Strong Authentication for Secure Access Steve Sanders Territory Manager

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript


  1. ESSO and Strong Authentication for Secure AccessSteve Sanders Territory Manager

  2. The need for user authentication is clear … “On the Internet, nobody knows you’re a dog.”

  3. Strong authentication allows for a more enjoyable and secure user experience WELCOME CANINE MUTT, MOSTLY BLACK LAB, ENJOYS MEATBALLS, FETCHING AND CHASING OTHER DOGS… UPDATING PROFILE…

  4. Increased access – greater access to hosted and web applications Increased awareness – greater damage from viruses, spyware, loggers Increased regulation – HIPAA, Gramm-Leach-Bliley, Sarbanes-Oxley, in the U.S. The Data Protection Act in the UK. Basel II, FDIC, and the U.S. Code of Federal Regulations (CFR) industry standards, such as BS7799 in the UK and BS7799-2 and ISO 17799 worldwide Strong authentication mandates and guidelines Technological advances – cost effective solutions offering greater convenience and fewer shortcomings What is driving strong authentication?

  5. What you know: Passwords Strong passwords What you have: ID Tokens Smart Cards Passive Proximity Cards Active Proximity Cards Authentication – Its all about identifying the user • What you are: • Fingerprint • Iris scans • Where you are: • Converged logical-physical access • RFID tags Technology is only part of the solution – understanding your user requirements is critical

  6. Which authentication technology is best It depends on your priorities • Convenience? • Security requirement? • Reduced help desk costs? • Cost of implementation? • Compliance? Match the authentication to the fit your user’s workflow …

  7. Key business factors to consider • Compliance benefits • User benefits • IT benefits • Industry-specific benefits • Purchase cost • Deployment cost Decide on the relative importance of the factors to establish a selection criteria

  8. Cost/Benefit comparison *Time and Resources involved to deploy and maintain the technology or to support the end user

  9. ESSO Drives Strong Authentication • Eliminate multiple passwords • Increase user productivity • Meet regulatory compliance • Create personalized user experience Offers increased protection from unauthorized access but does not address the real issues unless deployed with ESSO:

  10. Strong Authentication and ESSO Go Hand in Hand Jonathan Penn, Forrester Research • Balance the complexity of two-factor logins by enabling users to only have to log in once. • Remove the necessity for integrating strong authentication into every application, by reducing the number of passwords that users need to remember to one. • Deliver user satisfaction and cost savings through reducing help desk costs. By integrating strong authentication and ESSO companies can: Companies should employ Enterprise Single Sign-on (ESSO) as a critical and early stage component of their authentication strategy.

  11. IT Considerations • Infrastructure • Back-end server integration or directory modifications • Network impact – bandwidth, connectivity • Resiliency – failover, online/offline use, backups • Security – data security • Administration • Centralized user management and reporting • Token and device management • Single versus multiple suppliers • Deployment • Policy – flexibility, choice of authentication modes • Software installation – middleware or single install • ESSO enablement – can all applications be handed easily

  12. Lessons from the field • User adoption will make or break you – take a friendly approach • Choose an IT Savvy champion within the user community • Design to streamline user workflow • Provide a choice of authentication modes for users/roles • Standardization of devices will help you • You can never have too much communication/ education/promotion surrounding your implementation • Educating everyone once and one way is not enoughKeep in close contact with users – appreciate and incorporate their feedback • Holding the users’ hands takes time but can help keep you employed

  13. Future Trends • Authentication technology is constantly improving • Universal acceptance for device based authentication • Trend to match authentication modality to user role • Decreasing cost of authentication modalities • Increase use of physical access cards as methods of authentication • Comprehensive access policy fromintegration of physical and logical securitySecurity is all about making it convenient for your users

  14. OneSign is an easy, smart and affordable appliance that provides a single authentication management solution for securing enterprise networks, applications and integrated IT/building access. “Excellent” About Imprivata® OneSign™ Imprivata provides Converged Identity and Access Management solutions

  15. Thank you www.imprivata.com

More Related