Indeed Access ManagerIndeed Access Manager Indeed Privileged Access Manager Indeed Certificate Manager
AND SINGLE ACCESS POINT
AND SINGLE ACCESS POINT
Use advanced technologies for the user’s access to your company's IT resources instead of using obsolete and unreliable password authentication
Biometric authentication of the company employees
Using passwords for authentication might involve a number of cyber security risks and may also be a cause employee inefficiency. Biometric authentication technologies can be used to eliminate the problems related to password usage. The users do not utilize complex or longer passwords, as a rule, because these are difficult to devise and memorize. This allows an intruder to mine employee account passwords quite quickly (in 1 minute or so). The employees use one and the same password for all applications and services quite frequently. This makes the problem even worse, since, having mined the password to one of the systems, an intruder gains access to all the resources available to the compromised user.
Implementation of single access point to the company information systems
Passwords remain the most widely used method of user authentication, despite the obvious risks. Increasing number of information systems, the users are to have access to imposes significant workload on the information security service in the aspect of user password management. Migration to new authentication technologies requires much effort. Business critical applications are often legacy ones and therefore they do not support modern technologies. The information security employees have to solve the problem of password usage while waiting for the opportunity to migrate to new authentication technologies . The Enterprise Single Sign-On class systems facilitate the task and provide for the mechanism of centralized user password management.
Protection of published corporate resources
Making a company resources accessible remotely increases the risk of unauthorized access to critical business information drastically. The required protection level can only be reached by using modern user authentication methods. The Indeed Access Manager (AM) solution makes it possible to use two-factor authentication (2FA) methods in a broad range of corporate applications. This, in turn, allows for building of unified 2FA system for accessing the resources available from outside the company’s network. We developed a special integration module IIS Extension for authentication in the applications that use Internet Information Services (IIS). This module provides for two-factor authentication in such applications without modifying their code.
Using RFID cards to access information systems
In most of the modern enterprises, the employees uses proximity cards (passes) to gain physical access to business centre, to office, to plant territory etc. Such cards are often used as identity cards - they have employee photo, name and position printed on them. Using such cards is a common practice today. So it is quite consistent to expand this practice also to logical access to the company information systems. To solve the task, the Indeed Access Manager (Indeed AM) software suite is used. The suite allows for implementation of required authentication scenarios in Windows operating system and applications. Access to Windows system is provided for by Indeed AM Windows Logon component using the account data of the Active Directory domain.
Two-factor authentication with smart cards in operating system and applications
The standard password authentication does not provide for security level sufficient for modern companies. The following information security risks can be associated with password usage - the users do not utilize complex or longer passwords, as a rule, because these are difficult to devise and memorize. This allows an intruder to mine employee account passwords. The employees use one and the same password for all applications and services quite frequently. This makes the problem even worse, since, having mined the password to one of the systems, an intruder gains access to all the resources available to the compromised user.
Meeting the requirements of PCI DSS standard to user authentication
In April 2016, the new PCI DSS 3.2 version was adopted. Some of the changes introduced in this version become effective on the February 1st, 2018. These are changes in employee authentication upon access to bank information systems. In particular, starting from February 1st, 2018, multi-factor authentication becomes mandatory for a number of access scenarios. The PCI DSS defines the following factors or methods of user authentication: something that you know; something that you have; something that you possess. Here are some examples of the mentioned factors, that are the most frequently used in practice of multi-factor authentication.