The many benefits of SSO
Single sign-on hits the mid-market
Quocirca’s changing channels Single sign-on (SSO) can benefit the ease of use and security of IT in any organisation that expects its employees to use multiple applications, often from multiple locations. Until recently, it was mostly enterprises that have made use of SSO, but a new appliance, launched in Europe this year makes it practical for the mid-market and is an opportunity for resellers.
It is often said that IT helpdesks spend more time fixing passwords than carrying out any other single task. The way to reduce this problem is to implement SSO giving users access to all the applications they need, only having to authenticate themselves once. One-off user identification can be made to be more rigorous than would be practical if it was done separately for each individual application through the use of additional authentication requirements such as biometrics, proximity cards or tokens in addition to usernames and passwords.
SSO systems need to be able to interface to various applications on different platforms, handle multiple groups of users with wide-ranging access requirements, distinguish between mobile and office-based workers and interface the strong authentication devices that provide the additional security.
There is nothing new about SSO itself; IBM provides the capability as part of its Tivoli suite, but this is aimed at enterprises. Computer Associates’ eTrust Single Sign-On and Novell’s Nsure SecureLogin are software based solutions that are more suitably configured and priced for the mid-market. There also solutions from strong authentication specialists like RSA Security and ActivCard. But all these are going to be given a run for their money by the new appliance from a vendor called Imprivata.
Imprivata’s OneSign is competitively priced for the mid-market, especially considering that being an appliance it has no additional hardware requirements. In fact, it always ships two appliances as a part of the deal so a hot stand-by can always be available should the primary device fail. Imprivata says the OneSign is easy to deploy, can be easily linked to LDAP compliant directories such as Microsoft’s Active Directory and be front-ended by any strong authentication system.
And Imprivata has another trick up its sleeve - an Application Profile Generator – a tool that can examine any application – packaged, home-grown or legacy – and create a profile of it to map individual or groups of users to. This is an easy to use drag and drop tool which does not require any scripting or and is designed to be used by a non-IT expert. OneSign learns as it goes along. Once the system is up and running the user’s login information is learnt as and when they access applications.
Imprivata is a US-based company backed by venture capital. It shipped the first OneSign appliance in May 2004 and launched in Europe earlier this year. The European operation is tiny at present, but as it only plans to sell and support via resellers, it does not need a huge local infrastructure.
Imprivata has already signed up five or six resellers in the UK and 10 or so in the rest of Europe. If you are looking to help your customers improve security and reduce the time wasted by IT helping forgetful employees to access applications, this new appliance is worth taking a look at.
Please feel free to let Quocirca know your views on Imprivata’s OneSign and if it represents an opportunity for your organisation; email firstname.lastname@example.org
Bob Tarzey is a service director at Quocirca focussed on the route to market for IT products and services in Europe. Quocirca is a UK based perceptional research and analysis firm with a focus on the European market.