By now, many organisations are aware of the advantages of Single Sign On (SSO). Employees benefit from SSO because they only have to remember a single (complex) password rather than dozens of (complex) passwords, the IT department receives fewer password reset calls and network security is enhanced ensuring the organisation can meet auditing requirements. However, many organisations want to enhance security even further by adding pass cards into the login process –meaning 2-factor (and therefore stronger) authentication. SSO makes this possible by replacing the initial AD username and password login process with an access card and PIN code. Any type of card can be used for this, e.g. a debit or even a library card. Users will be logged in by placing their card against or on a card reader, and then via SSO will be automatically logged in when they launch their permitted applications. The card's unique ID is linked to the holder's username and password. In many cases, end users are able to assign the card to their account themselves by a process of self-service enrolment.
Although this is very user-friendly for employees, organisations usually prefer to only permit the use of cards which have been issued by the organisation itself rather than random card types. Tools4ever is the only supplier offering network administrators the ability to only accept cards within a certain number range. In other words, certain cards can be excluded from self-service enrolment, so that physical access cards are only allowed if they have been issued by management.
E-SSOM, the Single Sign On solution by Tools4ever, can also be configured to only allow active cards. For example, when a card is issued (i.e when a new employee joins), it is activated. By setting up a link with the key card system, it's possible to only accept cards that are used actively within the organisation. When employees leave, their access cards will be revoked and/or disabled, after which the card is also disabled in E-SSOM. It is even possible to go a step further and only accept cards of employees who are physically present within the premises. Another option is to link access cards to the HRM system. When the HRM system indicates that an employee has left the company, that user card will be disabled so that it can no longer be presented to obtain physical or network access. Single Sign On combined with a pass cards offers a variety of options for integration with other systems. Tell us what you want and we can give you a tailored solution.