The Essentials of Enterprise Password Management. FastPass Password Manager V 3.4 Enterprise & Service Provider Editions
|
|
- Gilbert Sutton
- 8 years ago
- Views:
Transcription
1 The Essentials of Enterprise Password Management FastPass Password Manager V 3.4 Enterprise & Service Provider Editions FastPassCorp 2012 FPC0 FastPassCorp Page 1 of 14
2 OVERVIEW When deciding on a new Password Management System, companies have asked us for advice on the most important criteria for choosing between different offerings and solution models. Our experience is that it is important to focus on the functions which determine the value of the particular business case, and which define future flexibility. The first pages illustrate the importance of specific features for your business case. We have in conversations with FastPass customers and users of other products learned that it is essential to focus on the Key Performance Indicator: The percentage self-service calls compared to total calls related to passwords. We have seen examples of no more than 20% and examples of more than 80%. If you want to reach more than 80% then focus on processes is the key! We have selected the functions which are important to all organizations and especially to larger organizations with many applications and many users working from different locations. In this document we have added a short description of FastPass Enterprise features related to the different headings. If you re considering alternative solutions to FastPass, then these are the areas where you should compare the quality. At the end of the document we have even a short description of the specific requirements for Managed Servicve Providers If you are looking for more information and inspiration, the National Institute of Standard and Technologies (NIST) have issued a draft document: Guide to Enterprise Password Management (Draft) Special Publication , where you can find recommendations regarding the use and management of Passwords. We consider the following topics to be the most critical ones: User authentication User registration Catch-22: The PC is locked Different passwords for different applications and security levels Service Desk tools Strong authentication All users anywhere Infrastructure and flexibility FastPassCorp Page 2 of 14
3 The basics: User authentication The most basic functionality in password self-service is the secure authentication of the user calling FastPass. The normal authentication in self-service solutions is challenge questions. When you decide for challenge questions you have a number of considerations to do: Are questions decided centrally with users giving the answers? Are questions decided centrally but with given answers (like personel number) what we describe as semi-personal questions Can users define their own questions? How many questions for enrolment? How many questions for authentication? The more options you have the better you can optimize user-friendliness and security to your needs In some organizations it might be important to avoid the enrolment process; but you still need a secure process. Then the use of a physical token might replace the question/answer model. In most cases all employees will today have a mobile phone, and you can then use the phone as a token by sending a code via SMS to the user, and ask him to enter this code. For special users with very high security requirements you might demand that another person makes a visual or audio identification of the user. You can then give the authentication user the privileges to give the user a code to use for authentication to FastPass. The above three models covers the three standard authentication methods: Something you remember Something you have Something you are Often we will require users to authentication with 2-factor authentication, often described as strong authentication. With FastPass you can combine any of the above methods to 2-factor or even 3-factor authentication. You can even make authentication profiles where a user only has to do singlefactor authentication on the domain but 2-factor authentication if he comes in from the external net! FastPassCorp Page 3 of 14
4 In large organizations you will typically have very different usergroups with access to information of varying sensitivity. You will then want to have different authentication to match the sensitivity of the systems. This requires the possibility to do different authentication profiles where you then can link different usergroups to different authentication profiles. Processes to support your business case The important question is: What does it take to make an end-user use password self-service? The answer is: Enrolment and service desk assistance!! A standard process for enrolment will be that the administrator sends a mail to all users asking them to enrol: Selecting questions and giving answers to the personal questions.( Enrolment might include more actions like mobile phone number and identifying other accounts). Many end-users will however wait with enrolment and forget, so you typically see an enrolment percentage of 30% or lower after first invitation round. The administrator will then manually start to send reminders; but give up after some time. At that time you might have reached 50%. When the users then need to use the system for password reset, a few users will have forgotten their answers. They have to call the service desk then, where they ask for a new password. They will get a new password, and then next time they forget, they will of course call the service desk again. Gradually the total number of actively enrolled end-users will fall: FastPassCorp Page 4 of 14
5 FastPass has automated processes to support an efficient enrolment process, where users are reminded until they enrol, or you force them to enrol!. Furthermore FastPass has an integrated process to support the service desk when called by users who have forgotten their answers to personal questions. In this case the service desk will give the user a code to re-enrol to FastPass, and then the user can reset the password himself. Next time the user will then use FastPass for self-service again. The unique FastPass processes are necessary to create and maintain a high self-service percentage without having to spend many administrative man hours to do the job! Furthermore it is of course a vital ingredient that all the user s passwords are covered by the solution. For every password system not covered, you give the user the expectation, that forgotten passwords still are to be solved by the service desk! User enrolment and registration When you need to get thousands of users enrolled into your Password Solution, you begin to realize the importance of an automated ongoing process. It is not just enough to send out an to all users. Based on our experience only between 5% and 20% of the users will take the time to register and enrol themselves into the system at first call. The consequence is that possibly 80%- 95% of your users will call the Service Desk. Alternatively, you may have to do a manual process, whereby your administrators need to remind users and their FastPassCorp Page 5 of 14
6 management to enrol. This could indeed compromise the business case for the entire project! Alternatively you can force users to enrol at log-in time. We have however still not seen any organization which are prepared to use this method as the one and only way to get users enrolled. The risk that the user community will react very negatively to this implementation method is high, and can be avoided by a more intelligent approach. FastPass offers an automatic process covering the complete enrolment process. With this automatic toolset provided you should aim for an enrolment percentage of not less than 90%. The critical components are: Automatic discovery of users Automatic invitation mail to new users Automatic and ongoing reminders, by mail or SMS(text) to users who have not yet enrolled Help Desk PIN-code can be issued to users calling the Help Desk without being enrolled. The users must then enrol before they can reset the password by themselves. Forced enrolment via NAG screen enforcing the users who have not yet enrolled You can define individual enrolment profiles for different user groups based on your knowledge of how you can get the fastest action! FastPassCorp Page 6 of 14
7 Catch-22: the PC is locked because of a forgotten password When a user has forgotten the password to the PC he is not able to logon. The user then calls the Service Desk, who will reset the password in Active Directory. Users can then use the new password given by the Service Desk - provided they re on the domain! If the user however is outside the domain, the Service Desk is not able to help him. The PC will remain unavailable until he s back in the office and attached to the domain. FastPass Enterprise solves both situations. A very small program at the PC allows the PC, via a browser, to connect to the FastPass portal and change Password in the AD. The user can then log-in when he is on the domain. The same action happens when he is on a remote net. In this case FastPass opens a hidden VPN connection, where the Password is synchronized back to the PC. The business benefit for the user and the company can be substantial, as this feature means that the user can keep working in the remote environment. Without this solution in place a complete journey might be lost when a PC password is forgotten. Different passwords for different applications and security levels Organizations like NIST for instance (FIPS PUB 199) recommend resources to be categorised as low impact, moderate impact or high impact, and the user should not share the same password between the different categories. In some organizations the single password concept - through password synchronization between applications with similar policies - is a good solution. FastPassCorp Page 7 of 14
8 The consequence for Password Management in the situation with multiple passwords is that the user must be able to reset different passwords for different applications. When a user has the tool to reset forgotten passwords, then the cost of multiple passwords due to high rate of resets - will be very limited. This makes it realistic to combine the demands from IT-security with the demands from the Service Desk when it comes to passwords and password resets. FastPass Enterprise allows administrators to choose between password synchronization and selective password reset (reset on each individual system). FastPass provides advanced configuration tools to tie your multi system requirements to different user groups with different profiles. As an example of that, if a company has Active Directory passwords and SAP passwords and wants different passwords due to different policies on those systems, then the user will simply select whichever system the password reset is targeted for. If a user has different user-ids for the different applications, FastPass ties the different user-ids together and can synchronize and reset with multiple passwords. For more information on differences between Single Sign-on and the FastPass solution, please visit our corporate web-site or contact FastPassCorp. FastPassCorp Page 8 of 14
9 Service Desk processes No matter what enrolment rate you have achieved, you should still expect users calling in to the Service Desk for assistance. In particular when users have forgotten their answers to the personal questions their only solution is to call the help desk. The Service Desk analyst needs to do user authentication before he can help the user with a forgotten password or a re-enrolment into FastPass. FastPass helps the Service Desk employee to verify the identity of the user through information being presented from Active Directory and even by presenting the personal answers! (FastPass can be configured with or without this possibility. In a Multi system environment and in synchronization environments, users call more when they meet technical difficulties in this more complex environment. The FastPass Help Desk Client provides specific information to support the Service Desk employee in performing his service to the user. If we give the user the password he is asking for we know for certain that he will call the service desk again next time he forgets the password. The result of this process is the gradual deterioration of the business case. This is why it is so important to bring the user back into FastPass!! As a Service Desk manager, you prefer to have one central overview on servicelevel and workload for the Service Desk. This overview is obtained from the Service Management tool in place. FastPass is easily integrated into any Service Management tool and provides out-of-box integration to several solutions. The net result for the Service Desk Manager is that all Password related calls which might slip past the Self-service Portal, will be handled quickly and efficiently, so that the business case for Password Management remains solid. Strong authentication FastPassCorp Page 9 of 14
10 When a user wants to reset his password via Self-service, the password reset solution will authenticate the user as the first step. The authentication must correspond to the security level of the applications which the user can access. If the user has access to critical business systems, the authentication should be at least as strong as the authentication for the application. FastPass allows the administrator to define different profiles for different groups of staff members, in order to provide both the required security level and also provide user convenience. Authentication of users should not be stricter than necessary; hence the need for dynamic authentication profiles. FastPass will combine three different methods for Self-service authentication: Your location (IP-address) Something you remember (Private challenge questions) Something you have (Mobile phone) The administrator can define different profiles ranging from one method to all three methods for very secure users or critical applications. In FastPass the administrator configures profiles that dynamically determine the authentication of the user. If a user is on a secure net then it may be OK to authenticate with just challenge questions; but if the same user is on the external net, an authentication profile could be configured to demand both challenge questions and an SMS-pin code to securely authenticate the user. For users with very high authentication requirements, you can even configure FastPass to require that a Help Desk PIN is used as part of the process of validating the user. In this way the Service Desk staff member can demand a personal presentation before issuing the PIN-code. With regards to the challenge questions, you can decide what challenge questions, and how many, a user must answer correctly to be authenticated in different situations and/or locations. FastPassCorp Page 10 of 14
11 All users anywhere In today s business environment organizations have many different types of users and devices accessing systems and business applications from different locations. Most users have PCs owned by the domain; but there are external users (like external consultants) who have access to some resources on the ITsystem. FastPass supports all users in the different situations. The situation for a domain user is that a forgotten password means that he can t access the PC in which case he uses the PC-client component of FastPass. For an external user the PC password and the domain password are different, so he can access his PC locally, but he can t get on the company network. The FastPass windows client will enable users to access FastPass remotely, even if he s outside the domain. If a domain-pc does not have the windows client installed, then the user can access FastPass through a browser on another device, from where he can reset the password. With access to FastPass, via a link on the organization s intranet or extranet, the external consultant can get access to FastPass Self-service and reset the password on AD. Then he can immediately log-on to the network again. A user might even reset the password from a mobile device (Smartphone, ipad etc.) using a mobile browser. FastPassCorp Page 11 of 14
12 Overview: FastPass Enterprise Internal net External net Domain user YES YES External user YES YES Infrastructure and flexibility One of the most compelling features of FastPass is that it is in essence an addon to your existing Windows Server environment. As a web-based self-service solution for users already in AD, this is part of your server environment utilizing user data, group memberships and policies already in place. This means, from an implementation point of view, that it s really fast to implement. From an operational point of view this is also very important. You do not add yet another system to operate. With just a few hours of admin training, Windows Server professionals can be up to speed with FastPass. Larger organizations may have complex environments with several domains and even a forest structure which is supported by FastPass Enterprise. But even smaller organizations may have a need for a multi-domain solution. If your company is buying another company, or has internal and external user groups, then you may have a need to support more domains. Also, if you re in the process of upgrading from Windows Server 2003 to 2008 then it can be very useful to let the users have two accounts for a period of time and have FastPass synchronize the passwords. A flexible browser based solution will not only ease deployment of the solution, but also give you the opportunity to let password self-service become a feature on your intranet with the same look and feel and visual elements that your users are familiar with. Multi language is important to many organizations working overseas. This will avoid end user training for the solution, and will also allow the end users to handle challenge questions in their native language, avoiding confusion for the users. Special Managed Service Provider (MSP) requirements MSPs have a fixed agenda for efficiency in operations to give better service and lower costs to their customers. One af the consequences is the demand for multi- FastPassCorp Page 12 of 14
13 tenant solutions, meaning that many customers can share the same resources, and still be handled individually. With FastPass the MSP can have many customers sharing the central FastPass installation meaning reduced installation and implementation efforts and much lower operating costs, than with a solution where each customer has his own FastPass installation. The logical view: The infrastructure view: FastPassCorp Page 13 of 14
14 The illustration above shows how FastPass can reset passwords for user repositories on the MSP s domain as well as on user repositories outside the domain, where FastPass gateway technology is being used. For MSPs with distributed service desks it is of crucial importance that all service desks around the globe can handle users from different customers but even from different FastPass implementations, if the MSP has multiple FastPass implementation e.g. on different continents. The FastPass Help Desk client for MSPs has the ability to serve different FastPass implementations and thereby giving the MSP the ultimate flexibility in sharing service desk resources. This will lead to direct cost savings and improved service levels for all involved FastPassCorp Page 14 of 14
Password Management Buyer s Guide. FastPass Password Manager V 3.3 Enterprise & Service Provider Editions
Password Management Buyer s Guide FastPass Password Manager V 3.3 Enterprise & Service Provider Editions FastPassCorp 2010 FPC0 FastPassCorp 2010. Page 1 Requirements for Password Management including
More informationSelf-Service, Anywhere
2015 Hitachi ID Systems, Inc. All rights reserved. Contents 1 Introduction 1 2 Mobile users warned of password expiry 2 3 Reset forgotten, cached password while away from the office 2 4 Unlock encrypted
More informationCritical Issues with Lotus Notes and Domino 8.5 Password Authentication, Security and Management
Security Comparison Critical Issues with Lotus Notes and Domino 8.5 Password Authentication, Security and Management PistolStar, Inc. PO Box 1226 Amherst, NH 03031 USA Phone: 603.547.1200 Fax: 603.546.2309
More information(A) User Convenience. Password Express Benefits. Increase user convenience and productivity
Comparison Feature Sheet Feature Sheet is a next generation password management and password synchronization tool that provides users with reduced sign on experience across all applications and password
More informationEURECOM VPN SSL for students User s guide
EURECOM VPN SSL for students User s guide Table of Contents Introduction... 2 Login process... 2 Portail main page... 2 Prerequisite... 2 RSA SecurId software token... 3 First usage of RSA SecurID token...
More informationOracle Enterprise Single Sign-on Technical Guide An Oracle White Paper June 2009
Oracle Enterprise Single Sign-on Technical Guide An Oracle White Paper June 2009 EXECUTIVE OVERVIEW Enterprises these days generally have Microsoft Windows desktop users accessing diverse enterprise applications
More informationEVALUATION GUIDE. Evaluating a Self-Service Password Reset Tool. Usability. The password reality
EVALUATION GUIDE Evaluating a Self-Service Password Reset Tool This guide presents the criteria to consider when evaluating a self-service password reset solution and can be referenced for a new implementation
More informationPAHO Self-Service Password Management Quick Reference Guide December 2014
PAHO Self-Service Password Management Quick Reference Guide December 2014 Information Technology Services (ITS) PAHO Network Password Management and Recovery Using ADSelfService Quick Reference Guide NOTE:
More informationZyWALL OTP Co works with Active Directory Not Only Enhances Password Security but Also Simplifies Account Management
ZyWALL OTP Co works with Active Directory Not Only Enhances Password Security but Also Simplifies Account Management Problem: The employees of a global enterprise often need to telework. When a sales representative
More informationSofterra Adaxes Enterprise Directory Solution
Identity and Active Directory Management Softerra Adaxes Enterprise Directory Solution Product Profile make the complex simple Copyright Copyright Softerra, Ltd. Softerra, All rights Ltd. reserved. All
More informationSTRONGER AUTHENTICATION for CA SiteMinder
STRONGER AUTHENTICATION for CA SiteMinder Adding Stronger Authentication for CA SiteMinder Access Control 1 STRONGER AUTHENTICATION for CA SiteMinder Access Control CA SITEMINDER provides a comprehensive
More informationCitrix Single Sign-On Self-Service Password Reset
Citrix Single Sign-On Self-Service Password Reset Citrix Single Sign-On (SSO) Self-Service tools enable you to take control when you forget your password. Using the three security questions you established
More informationSingle Sign-On Portal User Reference (Okta Cloud SSO)
Single Sign-On Portal User Reference (Okta Cloud SSO) Contents Okta Single Sign-on Portal... 3 Initial account creation and configuration... 3 First time manual login to the Okta Single Sign-on Portal...
More informationMobile Iron User Guide
2015 Mobile Iron User Guide Information technology Sparrow Health System 9/1/2015 Contents...0 Introduction...2 Changes to your Mobile Device...2 Self Service Portal...3 Registering your new device...4
More information1 Maximizing Value. 2 Economics of self-service. Managing the User Lifecycle Across On-Premises and Cloud-Hosted Applications
1 Maximizing Value Managing the User Lifecycle Across On-Premises and Cloud-Hosted Applications Getting value from Hitachi ID Password Manager by improving user adoption. 2 Economics of self-service 2015
More informationFlexible Identity. Tokenless authenticators guide. Multi-Factor Authentication. version 1.0
Flexible Identity Multi-Factor Authentication Tokenless authenticators guide version 1.0 Publication History Date Description Revision 2014.02.07 initial release 1.0 Copyright Orange Business Services
More informationActive Directory Self-Service FAQ
Active Directory Self-Service FAQ General Information: info@cionsystems.com Online Support: support@cionsystems.com CionSystems Inc. Mailing Address: 16625 Redmond Way, Ste M106 Redmond, WA. 98052 http://www.cionsystems.com
More informationHow to Use Remote Access Using Internet Explorer
Introduction Welcome to the Mount s Remote Access service. The following documentation is intended to assist first time or active users with connecting, authenticating and properly logging out of Remote
More informationADDING STRONGER AUTHENTICATION for VPN Access Control
ADDING STRONGER AUTHENTICATION for VPN Access Control Adding Stronger Authentication for VPN Access Control 1 ADDING STRONGER AUTHENTICATION for VPN Access Control A VIRTUAL PRIVATE NETWORK (VPN) allows
More informationAlex Wong Senior Manager - Product Management Bruce Ong Director - Product Management
Alex Wong Senior Manager - Product Management Bruce Ong Director - Product Management 1 Product Roadmap Disclaimer Any forward-looking indication of plans for products is preliminary and all future release
More informationInstructions for the Integrated Travel Manager (ITM) Self Service Password Reset (May 2011)
How to Complete the Challenge Questions and Responses Setup Process 1a 1b Open an Internet Explorer window Point your browser to: https://itm-prod.rdc.noaa.gov/cgibin/90ipi/docprep/login.w If the Web Security
More informationPassword Management Before User Provisioning
Password Management Before User Provisioning 2015 Hitachi ID Systems, Inc. All rights reserved. Identity management spans technologies including password management, user profile management, user provisioning
More informationWeb Applications Access Control Single Sign On
Web Applications Access Control Single Sign On Anitha Chepuru, Assocaite Professor IT Dept, G.Narayanamma Institute of Technology and Science (for women), Shaikpet, Hyderabad - 500008, Andhra Pradesh,
More informationSwivel Multi-factor Authentication
Swivel Multi-factor Authentication White Paper Abstract Swivel is a flexible authentication solution that offers a wide range of authentication models. The use of the Swivel patented one-time code extraction
More informationAD Self Password Reset Installation and configuration
AD Self Password Reset Installation and configuration AD Self Password Reset Installation 1 Manual v1.4 Table of Contents TABLE OF CONTENTS 2 SUMMARY 3 INSTALLATION 4 REMOVAL 6 AD SELF PASSWORD RESET CONFIGURATION
More informationTrauma/Recon Sales. Step by step guide to using the Smith & Nephew User Gateway (SNUG) Global Remote Access
Trauma/Recon Sales Step by step guide to using the Smith & Nephew User Gateway (SNUG) Global Remote Access Table of Contents Introduction...1 How Do I Get Access to SNUG?...1 Getting Started...1 Logging
More informationThe Top 5 Federated Single Sign-On Scenarios
The Top 5 Federated Single Sign-On Scenarios Table of Contents Executive Summary... 1 The Solution: Standards-Based Federation... 2 Service Provider Initiated SSO...3 Identity Provider Initiated SSO...3
More informationThe 10 step communication plan
The 10 step communication plan Follow these 10 suggested steps and you will be successful at launching the Specops password reset service. Step 1 Activity: Intranet texts explaining the service Suggested
More informationPassword Manager Windows Desktop Client
Password Manager Windows Desktop Client EmpowerID provides an extension that allows organizations to plug into Password Manager to customize the Windows logon experience beyond that supplied by the standard
More information1 Hitachi ID Password Manager
1 Hitachi ID Password Manager Managing the User Lifecycle Across On-Premises and Cloud-Hosted Applications Integrated Credential Management for Users: Passwords, encryption keys, tokens, smart cards and
More informationCentralized Self-service Password Reset: From the Web and Windows Desktop
Centralized Self-service Password Reset: From the Web and Windows Desktop Self-service Password Reset Layer v.3.2-007 PistolStar, Inc. dba PortalGuard PO Box 1226 Amherst, NH 03031 USA Phone: 603.547.1200
More informationThe Role of Password Management in Achieving Compliance
White Paper The Role of Password Management in Achieving Compliance PortalGuard PO Box 1226 Amherst, NH 03031 USA Phone: 603.547.1200 Fax: 617.674.2727 E-mail: sales@portalguard.com Website: www.portalguard.com
More informationWhat is e-services? Registered User Portal RUP
IRS e-services Registration Process What is e-services? Suite of products designed for tax professionals and taxpayers to do business with IRS electronically Includes: Registration e-file Application Preparer
More informationIdentity Management and Single Sign-On
Delivering Oracle Success Identity Management and Single Sign-On Al Lopez RMOUG Training Days February 2012 About DBAK Oracle Solution Provider and License Reseller Core Technology and EBS Applications
More informationp@$5w0rd??_ 300% increase 280 MILLION 65% re-use passwords $22 per helpdesk call Passwords can no longer protect you
Freja is an innovative solution to one of the biggest problems in the Internet era: How do you securely manage identities, access and credentials for a large number of users without costs going haywire?
More informationGuide to Evaluating Multi-Factor Authentication Solutions
Guide to Evaluating Multi-Factor Authentication Solutions PhoneFactor, Inc. 7301 West 129th Street Overland Park, KS 66213 1-877-No-Token / 1-877-668-6536 www.phonefactor.com Guide to Evaluating Multi-Factor
More informationAdministrators Help Manual
Administrators Help Manual Lepide Active Directory Self Service Lepide Software Private Limited Page 1 Administrators Help Manual for Active Directory Self-Service Lepide Active Directory Self Service
More informationNew Brunswick Internal Services Agency. RSA Self-Service Console User Guide
New Brunswick Internal Services Agency RSA Self-Service Console User Guide Version: 1.0 Created: November 27, 2013 Modified: November 27, 2013 Table of Contents Introduction...1 Logging on to the RSA Self-Service
More informationServer-based Password Synchronization: Managing Multiple Passwords
Server-based Password Synchronization: Managing Multiple Passwords Self-service Password Reset Layer v.3.2-004 PistolStar, Inc. dba PortalGuard PO Box 1226 Amherst, NH 03031 USA Phone: 603.547.1200 Fax:
More informationPrimeSecure Self-Service User Guide Revision 1.2
PrimeSecure Self-Service User Guide Revision 1.2 1 Table of Contents 1.0 Introduction... 3 2.0 Register with PrimeSecure... 3 3.0 Changing your Password... 6 4.0 Resetting your Password... 8 5.0 Updating
More informationUsing YSU Password Self-Service
Using YSU Password Self-Service Using YSU Password Self-Service Password Self-Service Web Interface Required Items: YSU (MyYSU) Directory account, Web browser This guide will assist you with using the
More informationVPN Solutions FAQ www.aladdin.com/contact North America International Germany Benelux France Spain Israel Asia Pacific Japan
A l a d d i n. c o m / e T o k e n VPN Solutions FAQ VPN authentication is a critical link in the chain of trust for remote access to your organization. Compromising that trust can expose your private
More informationADSelfService Plus Client Software Installation Guide
ADSelfService Plus Client Software Installation Guide ( I n s t a l l a t io n t h r o u g h A DS e l f S e r v ic e P l u s w e b p o r t a l a n d M a n u a l I n s t a l l a t io n ) 1 Table of Contents
More informationAccessing the Media General SSL VPN
Launching Applications and Mapping Drives Remote Desktop Outlook Launching Web Applications Full Access VPN Note: To access the Media General VPN, anti-virus software must be installed and running on your
More informationMade for MSPs by an MSP
Made for MSPs by an MSP features & Pricing Guide THE END OF STICKY NOTE SECURITY www.passportalmsp.com lower costs improve security increase sales A cloud-based identity and password management solution
More informationChapter 1 Scenario 1: Acme Corporation
Chapter 1 Scenario 1: Acme Corporation In This Chapter Description of the Customer Environment page 18 Introduction to Deploying Pointsec PC page 20 Prepare for Deployment page 21 Install Pointsec PC page
More informationAVG Business SSO Connecting to Active Directory
AVG Business SSO Connecting to Active Directory Contents AVG Business SSO Connecting to Active Directory... 1 Selecting an identity repository and using Active Directory... 3 Installing Business SSO cloud
More informationProtect Everything: Networks, Applications and Cloud Services
Protect Everything: Networks, Applications and Cloud Services Tokens & Users Cloud Applications Private Networks Corporate Network API LDAP / Active Directory SAML RADIUS Corporate Network LDAP / Active
More informationPortWise Access Management Suite
Create secure virtual access for your employees, partners and customers from any location and any device. With todays global and homogenous economy, the accuracy and responsiveness of an organization s
More informationAD Self-Service Suite for Active Directory
The Dot Net Factory AD Self-Service Suite for Active Directory Version 3.6 The Dot Net Factory, LLC. 2005-2011. All rights reserved. This guide contains proprietary information, which is protected by copyright.
More informationNetIQ Advanced Authentication Framework - Smartphone Applications
NetIQ Advanced Authentication Framework - Smartphone Applications User Guide Version 3.0 1 Table of Contents 1 Table of Contents 2 Introduction 3 About This Document 3 System Requirements 4 Install Smartphone
More informationConfiguring User Identification via Active Directory
Configuring User Identification via Active Directory Version 1.0 PAN-OS 5.0.1 Johan Loos johan@accessdenied.be User Identification Overview User Identification allows you to create security policies based
More informationVirto Password Reset Web Part for SharePoint. Release 3.1.0. Installation and User Guide
Virto Password Reset Web Part for SharePoint Release 3.1.0 Installation and User Guide 2 Table of Contents OVERVIEW... 3 SYSTEM REQUIREMENTS... 3 OPERATING SYSTEM... 3 SERVER... 3 BROWSER... 4 INSTALLATION...
More informationService Desk R11.2 Upgrade Procedure - Resetting USD passwords and unlocking accounts in etrust Web Admin
Service Desk R11.2 Upgrade Procedure - Resetting USD passwords and unlocking accounts in etrust Web Admin Purpose of document The purpose of this document is to assist users in reset their USD passwords
More informationDepartment of Supply & Services (CIMS) RSA Web Express User Guide v1.2
Department of Supply & Services (CIMS) RSA Web Express User Guide v1.2 Created: May 22, 2008 Updated: April 23, 2009 The RSA Web Express web express web site automates functions required to deploy hardware
More informationWe optimize your enterprise using Active Directory
Global leader in systems management and security solutions for Active Directory & Group Policy based environment. With extensive real world knowledge and experience, JiJi Technologies Private Limited maximizes
More informationIntegrating Hitachi ID Suite with WebSSO Systems
Integrating Hitachi ID Suite with WebSSO Systems 2015 Hitachi ID Systems, Inc. All rights reserved. Web single sign-on (WebSSO) systems are a widely deployed technology for managing user authentication
More informationPortWise Access Management Suite
Create secure virtual access for your employees, partners and customers from any location and any device. With todays global and homogenous economy, the accuracy and responsiveness of an organization s
More informationPassword Manager. Version 3.4.2. Password Manager Quick Guide
Password Manager Version 3.4.2 Password Manager Quick Guide Document Title Password Manager Quick Guide Document Classification Public Document Revision C Document Status Final Document Date April 16,
More informationIn this topic we will cover the security functionality provided with SAP Business One.
In this topic we will cover the security functionality provided with SAP Business One. 1 After completing this topic, you will be able to: Describe the security functions provided by the System Landscape
More informationManageEngine ADSelfService Plus. Evaluator s Guide
ManageEngine ADSelfService Plus Evaluator s Guide Table of Contents Document Summary:...3 ADSelfService Plus Overview:...3 Core Features & Benefits:...4 ADSelfService Plus Architecture:...5 Admin Portal:...
More informationENTERPRISE MOBILITY MANAGEMENT & REMOTE ACCESS SOLUTIONS
ENTERPRISE MOBILITY MANAGEMENT & REMOTE ACCESS SOLUTIONS Secure Remote Desktop & Application Access Mobile Device Management Mobile Content Management Mobile Email & PIM Secure Mobile Containerization
More informationNCSU SSO. Case Study
NCSU SSO Case Study 2 2 NCSU Project Requirements and Goals NCSU Operating Environment Provide support for a number Apps and Programs Different vendors have their authentication databases End users must
More informationManagement of Hardware Passwords in Think PCs.
Lenovo Corporation March 2009 security white paper Management of Hardware Passwords in Think PCs. Ideas from Lenovo Notebooks and Desktops Workstations and Servers Service and Support Accessories Introduction
More informationSecuring your Mobile Workforce with Okta and Espion
Securing your Mobile Workforce with Okta and Espion Executive Summary Distributed workforces and mobile devices are disrupting business as usual. End-users are frequently accessing applications and data
More informationGO!Enterprise MDM Device Application User Guide Installation and Configuration for Android with TouchDown
GO!Enterprise MDM Device Application User Guide Installation and Configuration for Android with TouchDown GO!Enterprise MDM for Android, Version 3.x GO!Enterprise MDM for Android with TouchDown 1 Table
More informationIRS e-services Registration Process
IRS e-services Registration Process 1 What is e-services? Suite of products designed for tax professionals and taxpayers to do business with IRS electronically Includes: - Registration - e-file Application
More informationSetting Up and Accessing VPN
Setting Up and Accessing VPN Instructions for establishing remote access to the URMC network for PC or Mac Duo Two-Factor Authentication If you have already enrolled and setup Duo Two-Factor Authentication
More informationIntroduction to SAML
Introduction to THE LEADER IN API AND CLOUD GATEWAY TECHNOLOGY Introduction to Introduction In today s world of rapidly expanding and growing software development; organizations, enterprises and governments
More informationTwo-Factor Authentication
Two-Factor Authentication A Total Cost of Ownership Viewpoint CONTENTS + Two-Factor Authentication 3 A Total Cost of Ownership Viewpoint + Introduction 3 + Defining Total Cost of Ownership 3 + VeriSign
More informationCopyright Giritech A/S. Secure Mobile Access
Secure Mobile Access From everywhere... From any device... From user......to applications Page 3...without compromising on security and usability... and to my PC in the office: Secure Virtual Access Contrary
More informationMobile multifactor security
Mobile multifactor security A revolution in authentication and digital signing Mobile multifactor security A revolution in authentication and digital signing Smartphones will continue to ship in high volumes,
More informationKaseya 2. User Guide. for Network Monitor 4.1
Kaseya 2 Ping Monitor User Guide for Network Monitor 4.1 June 5, 2012 About Kaseya Kaseya is a global provider of IT automation software for IT Solution Providers and Public and Private Sector IT organizations.
More informationEntrust IdentityGuard Comprehensive
Entrust IdentityGuard Comprehensive Entrust IdentityGuard Comprehensive is a five-day, hands-on overview of Entrust Course participants will gain experience planning, installing and configuring Entrust
More informationGuide to Complete EIA SSO (Single Sign-On) Registration. 1. Open your Internet Browser, enter this address, and press Enter
Guide to Complete EIA SSO (Single Sign-On) Registration 1. Open your Internet Browser, enter this address, and press Enter https://signon.eia.doe.gov/ssoserver/login 2. In the window that opens, bypass
More informationIDENTITY & ACCESS. Privileged Identity Management. controlling access without compromising convenience
IDENTITY & ACCESS Privileged Identity Management controlling access without compromising convenience Introduction According to a recent Ponemon Institute study, mistakes made by people Privilege abuse
More informationREMOTE ACCESS USER GUIDE
REMOTE ACCESS USER GUIDE Document Released by the IT Department [21/11/2013] Content Summary 1. Remote Access User Guide Cover Page 2. Content Summary 3. Website/Portal Accessing 4. Method of Accessing
More information5 Day Imprivata Certification Course Agenda
Class time consists of a break in the morning and afternoon as well as an allotted time for lunch. Lengths of breaks are at the discretion of the instructor based on the time to cover material. 5 Day Imprivata
More informationDIS VPN Service Client Documentation
DIS VPN Service Client Documentation Background ------------------------------------------------------------------------------------------------ 1 Downloading the Client ---------------------------------------------------------------------------------
More informationExternal Authentication with Checkpoint R75.40 Authenticating Users Using SecurAccess Server by SecurEnvoy
External Authentication with Checkpoint R75.40 Authenticating Users Using SecurAccess Server by SecurEnvoy Contact information SecurEnvoy www.securenvoy.com 0845 2600010 Merlin House Brunel Road Theale
More informationHow To Integrate Watchguard Xtm With Secur Access With Watchguard And Safepower 2Factor Authentication On A Watchguard 2T (V2) On A 2Tv 2Tm (V1.2) With A 2F
External Authentication with Watchguard XTM Authenticating Users Using SecurAccess Server by SecurEnvoy Contact information SecurEnvoy www.securenvoy.com 0845 2600010 1210 Parkview Arlington Business Park
More informationHow To Make A Multi-Tenant Platform Secure And Secure
Authentication As A Service Why new Cloud based Authentication solutions will be adopted by about 50% of the companies by 2017? Jason Hart CISSP CISM VP Cloud Solutions What a great world Today's World
More informationKaseya 2. Quick Start Guide. for Network Monitor 4.1
Kaseya 2 VMware Performance Monitor Quick Start Guide for Network Monitor 4.1 June 7, 2012 About Kaseya Kaseya is a global provider of IT automation software for IT Solution Providers and Public and Private
More informationSCB Access Single Sign-On PC Secure Logon
SCB Access Single Sign-On PC Secure Logon Manage all your passwords One smart card to access all your applications past & future Multi-factor authentication Dramatically increase your security Save $150
More informationFlexible Identity. OTP software tokens guide. Multi-Factor Authentication. version 1.0
Flexible Identity Multi-Factor Authentication OTP software tokens guide version 1.0 Publication History Date Description Revision 2014.02.07 initial release 1.0 Copyright Orange Business Services 2 of
More informationEmployee Active Directory Self-Service Quick Setup Guide
Employee Active Directory Self-Service Quick Setup Guide (V2.0) Last update: 11/5/2014 Copyright 2014 InfraDog Inc. All rights reserved Corporate Phone: +1 (416) 473-4096, Fax: +1 (888) 863-3936, Email:
More informationNETWRIX IDENTITY MANAGEMENT SUITE
NETWRIX IDENTITY MANAGEMENT SUITE FEATURES AND REQUIREMENTS Product Version: 3.3 February 2013. Legal Notice The information in this publication is furnished for information use only, and does not constitute
More informationStrong Authentication: Enabling Efficiency and Maximizing Security in Your Microsoft Environment
Strong Authentication: Enabling Efficiency and Maximizing Security in Your Microsoft Environment IIIIII Best Practices www.gemalto.com IIIIII Table of Contents Strong Authentication and Cybercrime... 1
More informationExternal authentication with Astaro AG Astaro Security Gateway UTM appliances Authenticating Users Using SecurAccess Server by SecurEnvoy
External authentication with Astaro AG Astaro Security Gateway UTM appliances Authenticating Users Using SecurAccess Server by SecurEnvoy Contact information SecurEnvoy www.securenvoy.com 0845 2600010
More informationInternet Access Gateway Logon Instructions IAG Platform, XP
Business Services Network (BSN) Internet Access Gateway Logon Instructions IAG Platform, XP Welcome to the Business Services Network a secure, private network for authorized users within which one may
More informationWhite Paper: Managing Security on Mobile Phones
White Paper: Managing Security on Mobile Phones April 2006 Managing Security on Mobile Phones April 2006 Table of Contents Abstract...2 Executive Summary...2 The Importance Of Managing Security On Mobile
More informationMobile Data Security Essentials for Your Changing, Growing Workforce
Mobile Data Security Essentials for Your Changing, Growing Workforce White Paper February 2007 CREDANT Technologies Security Solutions White Paper YOUR DYNAMIC MOBILE ENVIRONMENT As the number and diversity
More informationSingle Sign-on Frequently Asked Questions
Single Sign-on Frequently Asked Questions Q1. What is Single Sign-on? Q2. How does SSO work? Q3. How do I access the SSO portal? Q4. Where can I find help on how to use the SSO portal? Q5. How do I reset
More informationMod 2: User Management
Office 365 for SMB Jump Start Mod 2: User Management Chris Oakman Managing Partner Infrastructure Team Eastridge Technology Stephen Hall CEO & SMB Technologist District Computers 1 Jump Start Schedule
More informationPassword Management Help
Release: v1.7 Date: 24.12.08 DET SINGLE SIGN-ON ACCOUNT... 2 USER VALIDATION QUESTION... 3 FORGOT MY PASSWORD... 4 CHANGING PASSWORDS... 5 CHANGING PASSWORDS (CONTINUED)... 6 v1.7.doc Page 1 of 6 DET Single
More informationCopyright 2013, 3CX Ltd. http://www.3cx.com E-mail: info@3cx.com
Manual Copyright 2013, 3CX Ltd. http://www.3cx.com E-mail: info@3cx.com Information in this document is subject to change without notice. Companies names and data used in examples herein are fictitious
More informationDirectory and Messaging Services Enterprise Secure Mail Services
Title: Directory and Messaging Services Enterprise Secure Mail Services Enterprise Secure Mail Services for End Users Attention: Receivers of Secure Mail Retrieval of Secure Mail by the Recipient Once
More informationMicrosoft Enterprise Mobility Suite
Microsoft Enterprise Mobility Suite Standalone - overview Peter Daalmans http://configmgrblog.com, peter@daalmans.com IT-Concern John Marcum Enterprise Client Management Architect / johnmarcum@outlook.com
More informationSecure Global Desktop (SGD)
Secure Global Desktop (SGD) Table of Contents Checking your Java Version...3 Preparing Your Desktop Computer...3 Accessing SGD...5 Logging into SGD...6 Using SGD to Access Your Desktop...7 Using SGD to
More informationWhite Paper Cybercom & Axiomatics Joint Identity & Access Management (R)evolution
White Paper Cybercom & Axiomatics Joint Identity & Access Management (R)evolution Federation and Attribute Based Access Control Page 2 Realization of the IAM (R)evolution Executive Summary Many organizations
More information