Single Sign On: regulating access cards

By now, many organisations are aware of the advantages of Single Sign On (SSO). Employees benefit from SSO because they only have to remember a single (complex) password rather than dozens of (complex) passwords, the IT department receives fewer password reset calls and network security is enhanced ensuring the organisation can meet auditing requirements. However, many organisations want to enhance security even further by adding pass cards into the login process –meaning 2-factor (and therefore stronger) authentication. SSO makes this possible by replacing the initial AD username and password login process with an access card and PIN code. Any type of card can be used for this, e.g. a debit or even a library card. Users will be logged in by placing their card against or on a card reader, and then via SSO will be automatically logged in when they launch their permitted applications. The card's unique ID is linked to the holder's username and password. In many cases, end users are able to assign the card to their account themselves by a process of self-service enrolment.

Although this is very user-friendly for employees, organisations usually prefer to only permit the use of cards which have been issued by the organisation itself rather than random card types. Tools4ever is the only supplier offering network administrators the ability to only accept cards within a certain number range. In other words, certain cards can be excluded from self-service enrolment, so that physical access cards are only allowed if they have been issued by management.

E-SSOM, the Single Sign On solution by Tools4ever, can also be configured to only allow active cards. For example, when a card is issued (i.e when a new employee joins), it is activated. By setting up a link with the key card system, it's possible to only accept cards that are used actively within the organisation. When employees leave, their access cards will be revoked and/or disabled, after which the card is also disabled in E-SSOM. It is even possible to go a step further and only accept cards of employees who are physically present within the premises. Another option is to link access cards to the HRM system. When the HRM system indicates that an employee has left the company, that user card will be disabled so that it can no longer be presented to obtain physical or network access. Single Sign On combined with a pass cards offers a variety of options for integration with other systems. Tell us what you want and we can give you a tailored solution.

Who’s speaking please?

The majority of calls received by the IT helpdesk need to be verified. After all, to protect the network, helpdesk needs to be certain that the caller is who they say they are before they can grant access rights to applications. So, how can they do this whilst protecting each end-user's personal information?

Read more

Category

Single Sign On

Identity and Access Management, Helpdesk Caller ID, Caller ID Verification.

Access Management and SOX compliancy/audits

We frequently deal with companies that have to be compliant to SOX regulations. This often has a big impact on the IT department, particularly with regards to managing access rights. We find in these scenarios there are three very common issues which tend to arise:

Read more

Category

Single Sign On

Access Management, SOX, UMRA, User Management Resource Administrator, IT department.

Password Synchronisation vs. Single Sign On

Clients often ask me to advise them on reducing the number of passwords end-users need to use in order to access their account and applications. Their first approach, in order to avoid multiple passwords, is usually to ensure that passwords are synchronised over different systems.

Read more

SSO- The new software that could be the answer to NHS data protection woes

Healthcare organisations such as hospitals and surgeries operate complex networks comprising various applications running on multiple systems. Users need to have access to multiple applications for e-mail, the helpdesk and patient data, etc. In order to comply with increasingly strict security requirements, staff must enter separate username and password combinations for each application.

Read more

Category

Single Sign On

E-SSOM, SSO, Fast User Switching, Single Sign On.

Can time- consuming login processes become a thing of the past?

Password synchronisation solutions can prove extremely useful for increasing efficiency and reducing costs. As with Tools4ever’s Password Sychronisation Manager, they allow end-users to use a single password for logging into their network, and all other applications they require access to. After end-users have changed their password, PSM ensures that they can log in directly to all the required systems and applications with a single set of log-on credentials. This can improve end-user productivity and minimise the number of password-related helpdesk calls. But is it possible to enhance efficiency and workforce productivity further still?

Read more

Category

Single Sign On

E-SSOM, SSO, Fast User Switching, Single Sign On, PSM