Feeds

The many benefits of SSO

Single sign-on hits the mid-market

Internet Security Threat Report 2014

Quocirca’s changing channels Single sign-on (SSO) can benefit the ease of use and security of IT in any organisation that expects its employees to use multiple applications, often from multiple locations. Until recently, it was mostly enterprises that have made use of SSO, but a new appliance, launched in Europe this year makes it practical for the mid-market and is an opportunity for resellers.

It is often said that IT helpdesks spend more time fixing passwords than carrying out any other single task. The way to reduce this problem is to implement SSO giving users access to all the applications they need, only having to authenticate themselves once. One-off user identification can be made to be more rigorous than would be practical if it was done separately for each individual application through the use of additional authentication requirements such as biometrics, proximity cards or tokens in addition to usernames and passwords.

SSO systems need to be able to interface to various applications on different platforms, handle multiple groups of users with wide-ranging access requirements, distinguish between mobile and office-based workers and interface the strong authentication devices that provide the additional security.

There is nothing new about SSO itself; IBM provides the capability as part of its Tivoli suite, but this is aimed at enterprises. Computer Associates’ eTrust Single Sign-On and Novell’s Nsure SecureLogin are software based solutions that are more suitably configured and priced for the mid-market. There also solutions from strong authentication specialists like RSA Security and ActivCard. But all these are going to be given a run for their money by the new appliance from a vendor called Imprivata.

Imprivata’s OneSign is competitively priced for the mid-market, especially considering that being an appliance it has no additional hardware requirements. In fact, it always ships two appliances as a part of the deal so a hot stand-by can always be available should the primary device fail. Imprivata says the OneSign is easy to deploy, can be easily linked to LDAP compliant directories such as Microsoft’s Active Directory and be front-ended by any strong authentication system.

And Imprivata has another trick up its sleeve - an Application Profile Generator – a tool that can examine any application – packaged, home-grown or legacy – and create a profile of it to map individual or groups of users to. This is an easy to use drag and drop tool which does not require any scripting or and is designed to be used by a non-IT expert. OneSign learns as it goes along. Once the system is up and running the user’s login information is learnt as and when they access applications.

Imprivata is a US-based company backed by venture capital. It shipped the first OneSign appliance in May 2004 and launched in Europe earlier this year. The European operation is tiny at present, but as it only plans to sell and support via resellers, it does not need a huge local infrastructure.

Imprivata has already signed up five or six resellers in the UK and 10 or so in the rest of Europe. If you are looking to help your customers improve security and reduce the time wasted by IT helping forgetful employees to access applications, this new appliance is worth taking a look at.

© Quocirca

Please feel free to let Quocirca know your views on Imprivata’s OneSign and if it represents an opportunity for your organisation; email qcc@quocirca.com

Bob Tarzey is a service director at Quocirca focussed on the route to market for IT products and services in Europe. Quocirca is a UK based perceptional research and analysis firm with a focus on the European market.

Top 5 reasons to deploy VMware with Tegile

More from The Register

next story
Regin: The super-spyware the security industry has been silent about
NSA fingered as likely source of complex malware family
Why did it take antivirus giants YEARS to drill into super-scary Regin? Symantec responds...
FYI this isn't just going to target Windows, Linux and OS X fans
Privacy bods offer GOV SPY VICTIMS a FREE SPYWARE SNIFFER
Looks for gov malware that evades most antivirus
Home Office: Fancy flogging us some SECRET SPY GEAR?
If you do, tell NOBODY what it's for or how it works
HACKERS can DELETE SURVEILLANCE DVRS remotely – report
Hikvision devices wide open to hacking, claim securobods
'Regin': The 'New Stuxnet' spook-grade SOFTWARE WEAPON described
'A degree of technical competence rarely seen'
Syrian Electronic Army in news site 'hack' POP-UP MAYHEM
Gigya redirect exploit blamed for pop-rageous ploy
Astro-boffins start opening universe simulation data
Got a supercomputer? Want to simulate a universe? Here you go
prev story

Whitepapers

10 ways wire data helps conquer IT complexity
IT teams can automatically detect problems across the IT environment, spot data theft, select unique pieces of transaction payloads to send to a data source, and more.
Getting started with customer-focused identity management
Learn why identity is a fundamental requirement to digital growth, and how without it there is no way to identify and engage customers in a meaningful way.
How to determine if cloud backup is right for your servers
Two key factors, technical feasibility and TCO economics, that backup and IT operations managers should consider when assessing cloud backup.
Reg Reader Research: SaaS based Email and Office Productivity Tools
Read this Reg reader report which provides advice and guidance for SMBs towards the use of SaaS based email and Office productivity tools.
Security and trust: The backbone of doing business over the internet
Explores the current state of website security and the contributions Symantec is making to help organizations protect critical data and build trust with customers.