Given the increasing number of passwords to access computer resources, companies must deal with two challenges: the selection of too simple passwords that are changed infrequently or written down on a post-it™ is the cause of security breaches and/or identity theft; while forgotten passwords are responsible for a loss of user productivity and an increased workload for the helpdesk.
To make information system access more secure and reduce the cost of user support, Avencis has created SSOX, a comprehensive, simple and non-intrusive Single Sign On solution.
Easier access to the IS: a single ID and password
- Users only need to remember a single master password (or PIN code for strong authentication) to access all of the company’s computer resources.
- SSOX stores all secondary passwords and automates connecting to multiple applications and IS resources.
Enhancing IT security with user password and access management
- Primary password management and changes: the password can be selected by the user or randomly generated. Its characteristics (such as minimum length, complexity, duration) can be configured.
- Security for critical applications: Single Sign On sets the stage for tougher security policies because users no longer have to manage secondary passwords. If an application does not have its own security policy, SSOX can specify how long passwords will be valid.
- Taking into account special access: SSOX manages multiple accounts per user, shared accounts (service accounts, administrator accounts) and controlled delegation of application accounts to other users for a limited or unlimited time period.
Handling any type of application
- Access management for all types of applications: from Web applications accessible via Internet browser to applications hosted on large systems (such as MVS and AS400) and Windows applications.
- Remote access to applications: the SSO engine can also be used in thin or virtual client infrastructures (such as Citrix ICA, Microsoft Terminal Server and Systancia Applidis/Fusion).
Rapid integration into existing information systems and gradual roll out
SSOX does not affect previous IT investments or the expertise of administrative teams.
- Native integration with the IS: applications are not modified, which means there are no specific integration costs and SSO can be gradually rolled out.
- Self-learning: during the first connection to an application, SSOX automatically requests the user’s credentials and saves them for future connections.
- Integration with third-party solutions: SSOX has the ability to interface with all types of solutions (including directories, provisioning and monitoring) that support Service Provisioning Markup Language (SPML) and Web Services. A third-party application resetting a user’s primary password does not disrupt SSOX’s operation.
- Non-intrusive solution: SSOX has a minimal footprint on the infrastructure of the IS.
Decrease in helpdesk costs
- Self-troubleshooting module: users can change (reset) their primary password using the Windows authentication banner. If the account is locked, the user can also unlock it.
- Application configuration using a completely graphic interface: assistants help to configure the various kinematics (including authentication, authentication failure, password change, password change failure and forced password change on next login).
- Graphic and textual customization of the SSOX interface: tailored to the company’s uses, business terminology and graphic standard.
- Single console: users can start applications directly from the SSOX interface with one click.
Compatible with the main technology standards
- SSOX uses existing directory infrastructures: Microsoft Active Directory, ADAM/ADLDS or commercial LDAP directories.
- Support for 32-bit (Windows 2000/XP/XP Embedded/Vista/Seven/2003 and R2/2008) and 64-bit (Vista/Seven/2008R2) Windows environments.