Identity Management and Access Security

Password management is often implemented as part of a single sign-on (SSO) access strategy. It should be effective regardless of how or where users connect to their applications.

Password management fundamentally changes the typical approach for managing multiple passwords. It centralises password management within an organisation’s IT department. Some key reasons for introducing a password management solution are:

• Application security is strengthened – eliminates the need for employees to track multiple passwords by automating password management and centralising it with IT.

• User access is simplified – The logon process is fully automated - users simply log on once and they are authenticated to all other password-protected applications.

• Regulatory compliance is facilitated - Legislation such as the Health Insurance Portability and Accountability Act (HIPAA) imposes stringent requirements for controlling which individuals can access which information and for protecting the privacy of consumers.

• Help desk calls decrease – routine password-related events are automated and made invisible to the end user. Users may also reset their own primary Windows password – eliminating many time consuming and costly help desk calls.

• Platform support broadens – supports Windows, Web and host-based applications, whether the applications are hosted centrally or deployed to the desktop.

• Implementation becomes easy – powerful configuration tools, a task-based management console and no scripting required enables simple configuration within an existing environment.

Authentication factors are generally classified into three cases:

1. Something the user has (e.g., ID card, security token, software token, phone, or cell phone)
2. Something the user knows (e.g., a password, pass phrase, or personal identification number (PIN))
3. Something the user is or does (e.g., fingerprint or retinal pattern, signature or voice recognition, unique bio-electric signals, or another biometric identifier)

Two-factor authentication, also known as strong authentication, is a system wherein two different factors are used to authenticate a user to your network applications and resources. Organisations use two factors as opposed to one to reduce their risk of identity theft and unauthorised access to critical business systems.