150 likes | 360 Views
ESSO and Strong Authentication for Secure Access Steve Sanders Territory Manager. The need for user authentication is clear …. “On the Internet, nobody knows you’re a dog.”. Strong authentication allows for a more enjoyable and secure user experience .
E N D
ESSO and Strong Authentication for Secure AccessSteve Sanders Territory Manager
The need for user authentication is clear … “On the Internet, nobody knows you’re a dog.”
Strong authentication allows for a more enjoyable and secure user experience WELCOME CANINE MUTT, MOSTLY BLACK LAB, ENJOYS MEATBALLS, FETCHING AND CHASING OTHER DOGS… UPDATING PROFILE…
Increased access – greater access to hosted and web applications Increased awareness – greater damage from viruses, spyware, loggers Increased regulation – HIPAA, Gramm-Leach-Bliley, Sarbanes-Oxley, in the U.S. The Data Protection Act in the UK. Basel II, FDIC, and the U.S. Code of Federal Regulations (CFR) industry standards, such as BS7799 in the UK and BS7799-2 and ISO 17799 worldwide Strong authentication mandates and guidelines Technological advances – cost effective solutions offering greater convenience and fewer shortcomings What is driving strong authentication?
What you know: Passwords Strong passwords What you have: ID Tokens Smart Cards Passive Proximity Cards Active Proximity Cards Authentication – Its all about identifying the user • What you are: • Fingerprint • Iris scans • Where you are: • Converged logical-physical access • RFID tags Technology is only part of the solution – understanding your user requirements is critical
Which authentication technology is best It depends on your priorities • Convenience? • Security requirement? • Reduced help desk costs? • Cost of implementation? • Compliance? Match the authentication to the fit your user’s workflow …
Key business factors to consider • Compliance benefits • User benefits • IT benefits • Industry-specific benefits • Purchase cost • Deployment cost Decide on the relative importance of the factors to establish a selection criteria
Cost/Benefit comparison *Time and Resources involved to deploy and maintain the technology or to support the end user
ESSO Drives Strong Authentication • Eliminate multiple passwords • Increase user productivity • Meet regulatory compliance • Create personalized user experience Offers increased protection from unauthorized access but does not address the real issues unless deployed with ESSO:
Strong Authentication and ESSO Go Hand in Hand Jonathan Penn, Forrester Research • Balance the complexity of two-factor logins by enabling users to only have to log in once. • Remove the necessity for integrating strong authentication into every application, by reducing the number of passwords that users need to remember to one. • Deliver user satisfaction and cost savings through reducing help desk costs. By integrating strong authentication and ESSO companies can: Companies should employ Enterprise Single Sign-on (ESSO) as a critical and early stage component of their authentication strategy.
IT Considerations • Infrastructure • Back-end server integration or directory modifications • Network impact – bandwidth, connectivity • Resiliency – failover, online/offline use, backups • Security – data security • Administration • Centralized user management and reporting • Token and device management • Single versus multiple suppliers • Deployment • Policy – flexibility, choice of authentication modes • Software installation – middleware or single install • ESSO enablement – can all applications be handed easily
Lessons from the field • User adoption will make or break you – take a friendly approach • Choose an IT Savvy champion within the user community • Design to streamline user workflow • Provide a choice of authentication modes for users/roles • Standardization of devices will help you • You can never have too much communication/ education/promotion surrounding your implementation • Educating everyone once and one way is not enoughKeep in close contact with users – appreciate and incorporate their feedback • Holding the users’ hands takes time but can help keep you employed
Future Trends • Authentication technology is constantly improving • Universal acceptance for device based authentication • Trend to match authentication modality to user role • Decreasing cost of authentication modalities • Increase use of physical access cards as methods of authentication • Comprehensive access policy fromintegration of physical and logical securitySecurity is all about making it convenient for your users
OneSign is an easy, smart and affordable appliance that provides a single authentication management solution for securing enterprise networks, applications and integrated IT/building access. “Excellent” About Imprivata® OneSign™ Imprivata provides Converged Identity and Access Management solutions
Thank you www.imprivata.com