Easy compliance with new security mandatesEasy compliance with new security mandates OneSign offers a practical and affordable means to achieve regulatory compliance. |
"Our risk assessments showed that weak password security was a problem for us in meeting the BS7799 security standards and Imprivata’s approach has solved this issue for us. It also offered real savings in terms of eliminating the number of password reset calls received by our helpdesk."
Douglas Kinnaird, Head of IT
Midlothian Council
In recent years, government organizations at all levels have become increasingly aware of the risks posed by lax security and the legal ramifications of failure to protect confidential information. Driven by heightened concerns about terrorism, governments have established new security mandates, including the U.S. Code of Federal Regulations (CFR). Industry standards, such as BS7799 in the UK and BS7799-2 and ISO 17799 worldwide, are also having an impact. In 2004, the U.S. federal government took the issue one step further with the release of Homeland Security Presidential Directive (HSPD)-12, which requires federal agencies to have a common standard for identification of government workers and contractors. That standard, as detailed in Federal Information Processing Standard (FIPS) Publication 201, mandates the implementation of smart cards with certificates and biometric authentication for federal employees and contractors.
Many governmental organizations – including police and fire departments – are struggling to comply with these regulations, primarily due to the high costs, time and resources required for complex IT environments, legacy applications and multiple facilities. Now, a growing number of governmental organizations are discovering that Imprivata OneSign solutions offer a practical and affordable means to achieve regulatory compliance while also strengthening both physical and logical security, reducing IT helpdesk costs, eliminating password management problems, and improving user productivity.
Imprivata OneSign® solutions support the unique requirements of government institutions in the following ways:
Imprivata OneSign Authentication Management
- Authenticates both local and remote access users as they logon to the department network;
- Supports user accountability by recording all user and application events in log files, providing a monitoring trail accessible to administrators;
- Ensures compliance to meet regulatory requirements and government standards, safeguards access, and prevents the misuse of confidential information;
- Supports strong authentication, including ID tokens, smart cards, proximity cards and biometrics technologies to comply with government mandates;
- Ensures policy enforcement because it requires no change in end user behavior;
- Supports fast user authentication and logout on shared workstations to strengthen security in government facilities where multiple users share one or more workstations.
Imprivata OneSign Single Sign-On
- Extends user authentication protection to include software applications;
- Single sign-on to all legacy, Web, Java, client/server, mainframe, and terminal-based applications;
- Reduces costs and improves user productivity by sharply reducing help desk and password reset calls;
- Automates the process of implementing strong password policies.
- Integrates building and network access systems for unified enterprise security management.
- Consolidates identities between physical access systems and IT directories to enable one converged policy for allowing or denying network access based on a user's physical location, organizational role and/or employee status.
- Provides integrated and centralized user access monitoring and reporting capabilities in order to better demonstrate regulatory compliance.