Press Release

Imprivata Unifies Building and Network Access with OneSign Physical/Logical

LEXINGTON, MA - September 18, 2006 - Imprivata®, Inc., the enterprise authentication and access management appliance company, today announced the availability of Imprivata OneSign™ Physical/Logical, a new capability of the OneSign platform that enables organizations to achieve location-based authentication by linking an employee’s physical access authentication event to network and application access. Integrating these two typically distinct security activities in a non-intrusive fashion enables companies to create a single integrated security policy for each employee, from physical building, zone or room access straight through to networks and applications.

Taking converged security significantly further than simply leveraging any building access keycard for Two-Factor network authentication, Imprivata OneSign Physical/Logical allows organizations to grant or refuse network access based on a user’s physical location, organizational role and/or employee status. The card-agnostic approach of Imprivata OneSign Physical/Logical makes it interoperable with companies’ existing physical access systems and card infrastructure, as well as future cards based on emerging requirements such as FIPS 201 for HSPD 12.

Immediate benefits realized include:

• Enabling the enforcement of company anti-passback/tailgating building access policies;
• Tightly correlating building, LAN and remote VPN access for a tighter security posture;
• Providing instant user lock-out from physical facilities and network IT assets simultaneously, as needed; and
• Providing organizations with easy-to-collect centralized user access reporting to help meet regulatory compliance needs, such as Sarbanes-Oxley or Health Insurance Portability and Accountability Act.

“For far too long, building security and network access security have been managed in separate silos—each with their own specific solutions and staffs—and no communication link between them,” said Omar Hussain, president and CEO of Imprivata, Inc. “It is increasingly important that organizations clearly know who is accessing which assets, when and from where—and a single view of credentials across physical and logical systems is the lynchpin to a more secure enterprise.”

Combines Location-Based Awareness with Network Management

Imprivata OneSign Physical/Logical not only maps user credentials from disparate network, remote access, application and physical access accounts, but also enables a single point for administrators to instantly lock-out user access across both physical and logical assets—such as when an employee is terminated.

OneSign Physical/Logical ties building admittance to network access—thereby discouraging tailgating, where two or more people enter on one access card. It also ensures company resources are only being used by authorized employees, preventing redundant user log-ins—such as a user trying to access the VPN at the same time that the system recognizes him/her as being in the building.

Additionally, events and alarms from physical security access systems can be incorporated into network access decisions, providing a finer layer of authentication for closing security holes.

“The convergence of physical and IT security presents a great opportunity for efficiency: better software, better communication, leveraging the infrastructure and adopting the best practices of policy management,” commented Steve Hunt, president and CEO of 4A International. “All of security, all corporate risk and operational risk management can be done better and ultimately cheaper.”

Integrates With Existing Physical and Logical Security Systems

OneSign Physical/Logical allows companies to easily extend the life of existing access investments while enabling a more secure work environment. At release, Imprivata OneSign Physical/Logical will include built-in support for three of the most popular physical access security solutions on the market today, with additional direct support to be added on an ongoing basis:

• Lenel Systems International’s OnGuard security platform, which offers advanced access control, alarm monitoring, digital video, intrusion detection, asset tracking, information security integration, credential production and employee and visitor management functionality;
• S2 Security’s NetBox physical access security solution, an integrated security management system in a web-based network appliance; and 
• Tyco Software House’s C•CURE Physical Access security system, a scalable security management solution encompassing complete access control and advanced event monitoring.

West Midlands Police is one of the first to deploy Imprivata OneSign Physical/Logical with Lenel OnGuard. “When we began our search for a solution that fully integrated physical and logical access using a single smart card, we realized that it wasn’t readily available from industry vendors,” said Paul Williamson, Gateway Programme Manager, West Midlands Police. “Now, OneSign Physical/Logical includes the built-in support that is helping us to reach our goal. Our pilot project is progressing well, securing our buildings and information systems with a groundbreaking fully-integrated solution that is unique within the police service.”

Additional Benefits

Additional benefits of Imprivata’s OneSign Physical/Logical include:

• Assists with regulatory compliance—it enables organizations to better demonstrate compliance with various regulations, including the Health Insurance Portability and Accountability Act (HIPAA); the Gramm-Leach-Bliley Act (GLBA); Sarbanes-Oxley and Basel II;
• Simplifies the accessing of timelines and information—i.e., who was using what, where and when—for forensic investigations;
• Makes it easier to create an emergency roster list, as organizations now have an accurate list of who entered/exited a building;
• Offers a seamless software license key upgrade to Imprivata OneSign Single Sign-On (SSO), which lets organizations automate password usage and provide strong authentication for all enterprise applications; and
• Is delivered channel-ready—because the product is easy to install and maintain, security Distributors, VARs and Integrators can easily build an offering around it.

For additional information on Imprivata OneSign Physical/Logical, including screenshots, please visit the news resources page.

Pricing And Availability

Imprivata OneSign Physical/Logical is shipped as an appliance pair with built-in failover. It will be available in October 2006 at an approximate cost of $36,000 for 1,000 users.

ASIS International 2006

Imprivata will be attending this year’s ASIS International conference, being held from September 25-28, 2006 in San Diego, CA. At the event, the company will have a full demo set up where attendees can see Imprivata OneSign Physical/Logical and the benefits of security convergence first-hand. The company and demo will be located at booth number 7430.

About Imprivata

Imprivata is the enterprise authentication and access management appliance company delivering OneSign—an easy, smart and affordable appliance for securing networks, applications and building/IT access. The OneSign solution includes OneSign Authentication Management, a network authentication appliance that increases security and replaces Windows passwords with strong authentication options; OneSign Single Sign-On, which quickly and effectively solves password management, security and user access issues; and OneSign Physical/Logical, which integrates building and network access systems to enable location-based authentication. Based in Lexington, Mass., the company is privately-held with venture funding from Polaris Venture Partners, Highland Capital Partners and General Catalyst Partners and its solution is distributed through an established worldwide network of channel, ISV and technology partners. For more information, please visit www.imprivata.com.

#

Imprivata is a registered trademark of Imprivata, Inc. in the USA and other countries. All other product or company names mentioned are the property of their respective owners.