Solutions

In today’s day-to-day operating environment, organizations have to manage the expanded computing infrastructure that has been evolving over the years and they have to cope with a heterogeneous and diversified hardware and software platforms that require different security standards and login in procedures. As a result, their users face the challenges to maintain between 6 to 30 different logins and passwords for their work-related activities. Most of these passwords are timed, expire in different time intervals and need to be updated on regular intervals to avoid expiration. Because of the

password expiry policy, users often record their passwords on convenient locations i.e. sticky notes, cheat sheets or their electronic diary and they select easy to remember passwords. As a result, they compromise the security protection that has been put in place to combat security threats. On the other hand, if they have forgotten their passwords or the accounts have been locked out after several invalid attempts, they will not be able to perform their duty and cause human downtime. The password management issues have also created heavy burden for IT help desk staff. It is a known fact that password related problems attribute more than 20% of help desk calls. This unproductive activity cause loss of productivity and wasteful spending within the organization and the total financial loss can amount to millions as the user population increases.

To overcome these kind of password related issues is to implement an Enterprise Single Sign-On (ESSO) solution. However often organizations do not have access to the source code so that they cannot modify the applications to achieve the single sign-on objective. On the other hand, even though they have the source code but the potential risk of modifying a working mission critical application may cause any necessary service disruptions. Therefore, organizations are searching for cost effective and safe approach to achieve single sign-on.

Enterprise Single Sign-On

ESSO from an User perspective

The figure above shows the action sequence of the ESSO solution:

User performs a "primary" authentication to the SSO server using one of the assigned login methods based on the login policy which can be static ID & password, hardware tokens, biometrics etc. Also, the SSO Login can also be integrated with the Window Desktop login i.e. after a user has successfully login to the desktop, the login to the SSO server will be done transparently based on the desktop login information.

2.	After the User has successfully login to the SSO server, it returns the login credential information and script or screen identification attributes of the target applications based on the application assignments.

3.	Then, when the user accesses a target application, the SSO Client software intercepts the standard login dialogue and replays the login credential to the application via the login dialogue to automate the login process.

4.	The solution also handles the change password sequence of the application either by prompting the user to provide the new password or automatically generating a new password as per the policy.

AccessMatrix Universal Sign-On (USO) solution provides a non-intrusive to SSO (Single Sign-On) approach to help organizations address the challenges with increasing number of Ids and passwords that are required by the users. This unique SSO approach can be achieve without any programming or source code changes for the target applications.

For more information, please see the description of AccessMatrix Universal Sign-On.