Avencis adds a new module to its Single Sign-On solution, SSOX. Named ‘‘SSOX Mobile’’, this new – patented – feature transforms smartphones and tablets into strong authentication means to access corporate information systems.
Secure Access to Information Systems from Mobile Devices
Single Sign-On (SSO) is a way to make it possible for users to securely access different applications and resources of company’s information system by authenticating only once. With its new ‘‘SSOX Mobile’’ module Avencis extends the SSO capabilities to smartphones and tablets: any mobile device becomes a safe means of access, always available, to access the corporate information system. SSOX Mobile works for authentication and self-service, in connected and disconnected mode from the corporate network. It is available on Android and iOS platforms, and Windows Phone and Blackberry OS soon.
Dynamic Password Generation
Dynamic, non replayable passwords (OTP, One Time Passwords), are generated automatically and transparently, for secure access to corporate resources from mobile devices.
The SSOX OTP technology is available separately for secure remote access via third-party solutions such as VPN based on the RADIUS protocole (Remote Authentication Dial-In User Service). In this use case, it allows companies to leverage existing infrastructure while streamlining the management of their facilities.
Paris, October 19, 2011 – Avencis has been rated “promising” by the Gartner, in its last MarketScope For Enterprise Single Sign-on, published on September 30, 2011.
Gartner estimates that the total 2011 software revenue for the Enterprise Single Sign-on (ESSO) market was approximately $183 million, and grew at a rate of 9% over the amount reported last year. According to the analyst firm, this market should continue to grow at the same level by 2015, as SSO solutions provide an effective response to the problem of managing multiple passwords on too many heterogeneous platforms and architectures. Among the underlying trends, Gartner notes that SSO solutions are increasingly coupled with a corporate directory, in particular Active Directory, as well as strong authentication systems.
For its 2011 MarketScope for Enterprise Single Sign-on, Gartner evaluated 11 international vendors offers. Avencis was rated “Promising”. Gartner has noted that “Avencis has excellent breadth of directory support and easy integration, and its SSOX product supports a wide variety of vendors and types of authentication methods, and these methods are easily integrated with SSOX”. The analyst firm has highlighted that “SSOX features a solid reporting capability, delegated administration and the administrator-controlled ability for users to delegate their SSO access to others”. It has also underlined the following features: “The product offering bundles self-service password reset, shared workstation support, and emergency access with question-and-answer identity verification when users’ regular authentication technologies are unavailable.” Finally, it welcomed the progress made by Avencis in certificate management with its credential management system that integrates with SSO and support for SAML tickets.
For the fifth consecutive year, the San Francisco office of UBIFRANCE, a French Government Agency which assists French SMEs with their international business development, organizes its French Tech Tour, which will be held in June 2011 in Silicon Valley.
Avencis is one of 13 French start-ups chosen by 17 U.S. major players in the digital economy (Adobe, AT & T, British Telecom, Cisco, eBay, Fujitsu, Google, HP, Intel, Microsoft, Nokia, Qualcomm , Panasonic, SAP, Sony, Sprint, Verizon) to participate.
From 3 to 10 June 2011, we will be pleased to meet representatives of these IT leaders, to immerse ourselves in the Silicon Valley ecosystem, and to demonstrate our SSO and identity management solutions to American companies, through our participation in press conferences, events, appointments, networking…
> For more information on the French Tech Tour 2011
> For more information on UBIFRANCE
The new facility card controls logical and physical access (including restricted areas, parking areas and the cafeteria) at Valenciennes HC.
Paris, September 28, 2010 – Avencis, publisher of software programs to secure access to information systems, announces that Hpliance was selected by the Valenciennes Hospital Center as part of its unified system for employee identity and access management. Entrusted to integrator Business et Décision, Hpliance will be rolled out throughout 2011.
Reduce complexity and the cost of card and badge management
Opening a session on desktops, access to restricted areas of the hospital, access to the parking areas or the cafeteria: in the course of a few years, the number of access control systems at the Valenciennes Hospital Center greatly increased. Based on their position, the hospital’s medical and non-medical staff could have needed up to five badges to do their jobs. And that meant five identity management systems to update separately with each employee arrival, change in desktop or departure. In addition to the time spent updating profiles and associated rights, the risk of error greatly increased .
To simplify and secure these processes and reduce the cost of managing logical and physical access systems, Valenciennes HC management wanted to issue a single multifunction card to hospital employees. For medical staff, the card also needed to store the CPS (French Health Professional Card) certificate.
The chosen solution: a multifunction facility card
Following the standard government contract procedure, an “identities, user rights, authentication, smart cards” call for tenders was issued by Valenciennes HC in spring 2010. The contract was awarded on August 25, 2010 to Business et Décision for their proposal to roll out Avencis’s Hpliance software. Designed for hospitals, the solution meets the hospital center’s primary needs: access control, including through strong authentication, user rights management, management of cards’ and certificates’ lifecycle and full access traceability of employees.
Begun on September 15, 2010, the pilot stage in the Biology Lab will enable, in a few months, finalizing the prototype for initial introduction in the hospital’s ER in January 2011. Once these two pilot projects are completed, another crucial step is scheduled for May 2011: issuing 2,000 cards to all medical staff. In total, Valenciennes HC will roll out 4,500 cards and 2,000 card readers by the end of 2011, covering all of the hospital’s staff.
Practicality, security and traceability at a lower cost
From a practical standpoint, issuing the new facility card will greatly improve employees’ work environment: a single, multifunction card to access the computer network, restricted areas, parking areas and the cafeteria instead of several access badges. A functional advantage that will also save the hospital money: with current system, each card costs around €10 (in other words €50 per cardholder). With Hpliance, this cost is reduced to €15. The hospital will also maintain its independence because it will be able to run card issuing and management itself.
Rolling out Hpliance will also significantly increase logical and physical access security. This is because users’ identities and user rights can be managed centrally, reducing the risk of error. But also because of available end-to-end traceability of hospital employees’ actions: with Hpliance, medical and non-medical staff’s logical and physical accesses are logged and can be examined when necessary.
The combination of OpenTrust’s strong authentication and Avencis’s Single Sign On solutions will increase the security of information system access while improving user-friendliness.
Paris, September 25, 2010 – OpenTrust, publisher of the leading trusted infrastructure software, and Avencis, publisher of Single Sign On and identity management solutions, today announced their partnership and integration of their products.
Combining OpenTrust’s strong authentication with Avencis’s Single Sign On solutions will enable the partners to provide a comprehensive solution with two objectives: control access to the information system (IS) and increase user-friendliness.
Security policy enforcement within companies means that users have to remember and periodically change a growing number of complex passwords, which is a hassle and causes productivity losses. It also causes an increase in helpdesk costs, because the helpdesk is buried under calls from users who forgot their password or who cannot connect to applications.
At the same time, strong authentication solutions, based on a primary login for the operating system, are gradually expanding, to increase the corporate IS’s level of security.
By integrating their solutions – Open Trust’s cryptographic tools and certificate-based strong authentication and Avencis’s Single Sign On (SSO) solution – the partners aim to reconcile access security for all applications with user-friendliness for users, who no longer have to manage dozens of passwords.
“Our agreement enables us to offer integrated solutions that combine a high level of security with a more user-friendly desktop and that are easy to roll out and maintain,” declared Olivier Guilbert, President and CEO of OpenTrust, and David Wonner, President of Avencis, in a joint statement.
When it moved into its new headquarters, Galeo, in Issy-Les-Moulineaux, Bouygues Immobilier decided to roll out a single corporate badge combined with Avencis’s SSOX Single Sign On solution to simplify its employees’ lives while increasing security.
Paris, June 2011 – Avencis, publisher of software programs to secure access to information systems, announces the roll out of SSOX, its Single Sign On solution, at Bouygues Immobilier. As part of steps taken over the past 5 years by Bouygues Immobilier to integrate and secure the information system, SSOX uses an electronic badge that is also used to gain physical access to the company’s facilities and as an electronic wallet. The solution also covers secure document printing and scanning.
Simplify and secure logical and physical access
A subsidiary of the BTP Group specializing in real estate development, Bouygues Immobilier has approximately 1,400 employees. In 2009, the company dedicated a brand new headquarters, called Galeo, located in Issy-les-Moulineaux, that houses all its teams under one roof. This was an opportunity to devise new solutions for access to facilities and the information system that are convergent, simpler both to use and to administer, and that can even support new services for employees’ daily lives.
A need for simplicity and security. As is the case in many companies, the increasing number of applications in Bouygues Immobilier’s information system over the past few years could, in certain cases, create additional risks. Especially when it comes to IDs and passwords: since there are too many to remember, they are often jotted down on post-its™, are too simple or all the same. While increasing security, Bouygues Immobilier wanted to go even further by securing printing and scanning of sensitive or confidential documents.
After receiving tenders for major commercial solutions, SSOX by Avencis quickly became the frontrunner due to its simple roll out, wide range of technical features (SSO, strong authentication, card management), combined with a fleet of readers installed on the doors and desktops, to read the personal smart card issued to employees.
A single corporate badge combined with a single sign on solution
In the first phase, the badge was quickly adopted; this badge, which was issued to one third of employees (500 users), in the company’s colors to strengthen the “corporate” image, stores all the ID/password combinations to access applications and company premises. While the electronic wallet function made the badge essential during lunch breaks since it can be used to purchase meals in the company cafeteria.
In addition to its practical nature, the solution helped increase security: the badge stores and encodes all of the users’ access codes, so users only have to memorize a single pin code. Secondary passwords can be managed by the SSO tool and not selected by users (this is the case for the Windows password). The solution remains flexible: if the badge is lost or forgotten, there is a backup procedure. The absent-minded user can access the computer network by answering a series of predetermined questions. Finally, if there is a persistent problem, the helpdesk can provide a temporary password for that day.
A system expanded to printing and scanning
Bouygues Immobilier rapidly expanded Avencis’s solution to other tasks, such as secure printing (badge must be read by the printer to start printing) and secure scanning (scanned documents are sent to the user’s folder once the badge is read).
Eventually, Bouygues Immobilier wants to expand SSOX to allow users to synchronize emails on their smartphones, without having to know the Windows password. Bouygues Immobilier also plans to make its network accessible from public or private computers that are not owned by the company using a mobile version of SSOX, installed on a USB key. Finally, Bouygues Immobilier recently launched a study that aims to add a sharing function to desktops, for multiple connections to the same Windows session (desktops dedicated to specific uses such as keeping a schedule or support for example).
Paris, April 2010 – Avencis, French independent software publisher of information system access and identity management solutions, announces that it has been invited to join the McAfee® Security Innovation AllianceTM program.
Combined, McAfee and Avencis solutions give companies of all sizes end-to-end security solutions, from computer startup to application access. This partnership shows Avencis’s commitment to McAfee and its customers, especially in the health care and financial services industries, so that they can enforce data confidentiality and access traceability.
McAfee Security Innovation Alliance is a technological ecosystem that brings together security innovations at the global level. McAfee Security Innovation Alliance partners are selected for their leadership and innovation in their respective market segments.
For more information about the McAfee Security Innovation Alliance program and McAfee Endpoint Encryption software, visit: http://www.mcafee.com/sia
This new product provides a comprehensive response to the requirements of French Confidentiality Decree no. 2007-960 on the protection of personal medical information.
Paris, May 28, 2009 – During the 2009 HIT Expo, Avencis, publisher of software programs to secure access to the information system (IS) and Single Sign On (SSO), unveiled Hpliance. This new software package was designed to help health care facilities update their hospital information system (HIS), quickly and leveraging the legacy system, in order to comply with the requirements of Confidentiality Decree no. 2007-960 (applicable starting in May 2010) on the protection of personal medical information.
Hpliance provides an immediate and comprehensive response to the three main requirements of the Confidentiality Decree –establishing a database of all health care professionals (personal medical information), implementing strong authentication using certificates issued by GIP-CPS (Public Interest Group/French Health Professional Card) and HIS access traceability.
Based on Avencis technologies, which have proven their mettle in other industries, Hpliance was tailored to the needs of healthcare professionals, in terms of both functions and user-friendliness.
Hpliance comes standard with:
– A directory to centralize management of employees that access personal medical information (PMI). This directory may be populated and synchronized using external databases (such as Microsoft Active Directory, the HR database and RPPS). It can be searched using a yellow pages/white pages service;
– A module to control logical access to the HIS from desktops: authentication uses certificates issued by GIP-CPS. A Card Management System (CMS) manages the lifecycle of smart cards (CPS, IAS Premium and ECC) and temporary loaner cards;
– A preconfigured SSO engine, to automate authentications, password changes (or these actions’ failures),as well as major health care industry applications, including CrossWay3 by McKesson, Osiris by CorWin, DxCare by Medasys and C.Page by GIP C.Page. Connectors populate application authentication databases;
– A reporting module to verify compliance and ensure traceability of users’ access and rights (personal and delegated) and dashboards to supervise the entire solution;
– An administration interface, accessible via a Web interface, to manage security policies using the facility database; Assignment of application rights can be delegated to line-of-business managers.
On desktops, kiosk mode or Fast User Switching automates opening user sessions, with roaming workspace. Users can access the applications and documents that they normally access from any desktop in the hospital, seamlessly.
Hpliance is available through Avencis’s network of certified partners.