8 Convergence Tips (continued)
Take these steps for a successful marriage of physical and IT security.
By Mark Diodati

6. Enterprise SSO (eSSO) systems
   eSSO systems reduce the number of user logons by replaying usernames and passwords into those applications that require them. Users authenticate once, and are transparently logged on to applications as they click on them. The use of smart cards at the workstation requires the deployment of middleware, so why not make the user's life a little easier by deploying an eSSO client at the same time? One common identity management trend--regardless of any PL convergence goals--is the coupling of stronger authentication systems like smart cards with eSSO systems because it
mitigates the "keys to the kingdom" problem.


7. Plan emergency access
   Employees will lose their smart cards or leave them at home and get locked out of buildings and IT systems. Emergency access procedures ensure that users can continue to work without their smart card. Some tricks of the trade include self-service kiosks in the building entrance where employees can authenticate and get a temporary smart card, and the use of IT software management tools to temporarily allow the user to authenticate with a password instead of a smart card.
   
   While not technically an emergency scenario, access may be a concern for organizations with a large population of employees who travel without laptops and need access at a public kiosk, which won't likely allow use of a smart card. Hybrid devices that possess both smart card and one-time password (OTP) components can help in this scenario, because the OTP does not require workstation software.



8. Use egress badging
   Egress badging is an important tool to help determine when an employee has left the facilities. However, its implementation requires reconfiguration of the building entrance, and also that the user badge out when leaving the building, which can cause traffic jams at the door on a Friday. All is not lost, however, if egress badging cannot be implemented. Some PL convergence systems support a ...
   
   To continue reading for free, register below or login

   Requires Membership to View

   To gain access to this and all member only content, please provide the following information:

   Email Address:
   
   
   

   By joining SearchSecurity.com you agree to receive email updates from the TechTarget network of sites, including updates on new content, magazine or event notifications, new site launches and market research surveys. Please verify all information and selections above. You may unsubscribe at any time from one or more of the services you have selected by editing your profile or unsubscribing via email.
   
   TechTarget cares about your privacy. Read our Privacy Policy
   To read more you must become a member of SearchSecurity.com

   As an existing member of the TechTarget network please activate your SearchSecurity.com account 

   By joining SearchSecurity.com you agree to receive email updates from the TechTarget network of sites, including updates on new content, magazine or event notifications, new site launches and market research surveys. Please verify all information and selections above. You may unsubscribe at any time from one or more of the services you have selected by editing your profile or unsubscribing via email.
   
   TechTarget cares about your privacy. Read our Privacy Policy
   
   
   
   "best guess" algorithm to determine if a user is still in the building. For example, if it's 3 a.m., the system will assume the user is not in the building.

< PREV PAGE   |   1  |   2  |   3  |   4  |   5  |   6  |   7  |   NEXT PAGE  >