Feeds

The many benefits of SSO

Single sign-on hits the mid-market

High performance access to file storage

Quocirca’s changing channels Single sign-on (SSO) can benefit the ease of use and security of IT in any organisation that expects its employees to use multiple applications, often from multiple locations. Until recently, it was mostly enterprises that have made use of SSO, but a new appliance, launched in Europe this year makes it practical for the mid-market and is an opportunity for resellers.

It is often said that IT helpdesks spend more time fixing passwords than carrying out any other single task. The way to reduce this problem is to implement SSO giving users access to all the applications they need, only having to authenticate themselves once. One-off user identification can be made to be more rigorous than would be practical if it was done separately for each individual application through the use of additional authentication requirements such as biometrics, proximity cards or tokens in addition to usernames and passwords.

SSO systems need to be able to interface to various applications on different platforms, handle multiple groups of users with wide-ranging access requirements, distinguish between mobile and office-based workers and interface the strong authentication devices that provide the additional security.

There is nothing new about SSO itself; IBM provides the capability as part of its Tivoli suite, but this is aimed at enterprises. Computer Associates’ eTrust Single Sign-On and Novell’s Nsure SecureLogin are software based solutions that are more suitably configured and priced for the mid-market. There also solutions from strong authentication specialists like RSA Security and ActivCard. But all these are going to be given a run for their money by the new appliance from a vendor called Imprivata.

Imprivata’s OneSign is competitively priced for the mid-market, especially considering that being an appliance it has no additional hardware requirements. In fact, it always ships two appliances as a part of the deal so a hot stand-by can always be available should the primary device fail. Imprivata says the OneSign is easy to deploy, can be easily linked to LDAP compliant directories such as Microsoft’s Active Directory and be front-ended by any strong authentication system.

And Imprivata has another trick up its sleeve - an Application Profile Generator – a tool that can examine any application – packaged, home-grown or legacy – and create a profile of it to map individual or groups of users to. This is an easy to use drag and drop tool which does not require any scripting or and is designed to be used by a non-IT expert. OneSign learns as it goes along. Once the system is up and running the user’s login information is learnt as and when they access applications.

Imprivata is a US-based company backed by venture capital. It shipped the first OneSign appliance in May 2004 and launched in Europe earlier this year. The European operation is tiny at present, but as it only plans to sell and support via resellers, it does not need a huge local infrastructure.

Imprivata has already signed up five or six resellers in the UK and 10 or so in the rest of Europe. If you are looking to help your customers improve security and reduce the time wasted by IT helping forgetful employees to access applications, this new appliance is worth taking a look at.

© Quocirca

Please feel free to let Quocirca know your views on Imprivata’s OneSign and if it represents an opportunity for your organisation; email qcc@quocirca.com

Bob Tarzey is a service director at Quocirca focussed on the route to market for IT products and services in Europe. Quocirca is a UK based perceptional research and analysis firm with a focus on the European market.

High performance access to file storage

More from The Register

next story
Parent gabfest Mumsnet hit by SSL bug: My heart bleeds, grins hacker
Natter-board tells middle-class Britain to purée its passwords
Obama allows NSA to exploit 0-days: report
If the spooks say they need it, they get it
Web data BLEEDOUT: Users to feel the pain as Heartbleed bug revealed
Vendors and ISPs have work to do updating firmware - if it's possible to fix this
Samsung Galaxy S5 fingerprint scanner hacked in just 4 DAYS
Sammy's newbie cooked slower than iPhone, also costs more to build
One year on: diplomatic fail as Chinese APT gangs get back to work
Mandiant says past 12 months shows Beijing won't call off its hackers
Call of Duty 'fragged using OpenSSL's Heartbleed exploit'
So it begins ... or maybe not, says one analyst
Snowden-inspired crypto-email service Lavaboom launches
German service pays tribute to Lavabit
German space centre endures cyber attack
Chinese code retrieved but NSA hack not ruled out
prev story

Whitepapers

Securing web applications made simple and scalable
In this whitepaper learn how automated security testing can provide a simple and scalable way to protect your web applications.
Five 3D headsets to be won!
We were so impressed by the Durovis Dive headset we’ve asked the company to give some away to Reg readers.
HP ArcSight ESM solution helps Finansbank
Based on their experience using HP ArcSight Enterprise Security Manager for IT security operations, Finansbank moved to HP ArcSight ESM for fraud management.
The benefits of software based PBX
Why you should break free from your proprietary PBX and how to leverage your existing server hardware.
Mobile application security study
Download this report to see the alarming realities regarding the sheer number of applications vulnerable to attack, as well as the most common and easily addressable vulnerability errors.