Authentication

For many organizations particularly those with lots of applications and large numbers of users – authentication has been a conundrum. Weak authentication solutions, such as a simple username and password that is not frequently changed can leave you vulnerable to security breaches, but If you enforce complex passwords and stringent change policies, users frequently forget their various logon credentials, or resort to writing them down. Either way, the end result is compromised security, lost productivity and high support costs.

Therefore authentication solutions are required to provide an efficient process to authenticate credentials and control access to resources based on trust and identity.

OCG implement solutions for web and enterprise single sign-on that improve the end user experience, enhance security and reduce administration costs.

Besides the obvious benefits of only having to sign-in once and only having to remember and manage one password or pin, there are other benefits to be gained from SSO, including:

• Delegated access.
• Analysis and reporting of access including identity audit.
• Integration with strong authentication.
• Emergency access and self-service reset of pins and passwords.
• Fast user switching.
• Password Management and policy enforcement (even in older systems).

• Improve security with complex passwords, multi factor authentication and audit.
• Reduce cost of ownership by providing self-service and improving efficiency.
• Simplify certificate management using ILM 2007 certificate lifecycle management.
• Streamline deployment by enrolling user and computer certificates without user intervention. (ESSO solutions that are non intrusive and quick to deploy.)
• Leverage existing Architecture with authentication and enterprise single sign-on solutions that use the existing AD and LDAP infrastructure.

When security is paramount, device-based authentication (two-factor) solutions, such as smart cards, one-time passwords and biometrics are required. These solutions can provide physical as well as logical access, so that IT and building access can be achieved through a single device.

OCG can replace weak user name/password security with strong, device-based authentication, providing smart card based solutions which include tokens, readers, servers and user portals.

We use Microsoft Identity Lifecycle Manager (ILM) 2007 - in conjunction with the Certificate Services component of Windows Server 2003 R2 - to manage certificates and smart cards for users. This lowers the associated management costs by enabling organizations to deploy, manage and maintain a certificate-based infrastructure more efficiently.