Security

Single password for network and physical security

Imprivata, a single sign-on technology specialist, has announced technology to link physical access with network access, providing greater security for enterprises.

Imprivata, a single sign-on technology specialist, has announced technology to link physical access with network access, providing greater security for enterprises.

An excerpt from TechWorld:

"Every organization has two trusted authentication systems -- a door badge and a network user name, both are trusted but they don't talk to each other," said Omar Hussein, Imprivata's CEO.

"So we extended the network access system to the physical access system. It can now check if you're badged in as you log in, so if one trusted system denies you, the others will too."

The solution simplifies managing access for personnel across locations and within the same office. It does not add a new layer of authentication, but the bridging of physical security with network security is helpful to enterprises.

Do you see advantages or disadvantages to this bridging of access management?

More information:

Imprivata Delivers Next Version of Its Converged Identity and Access Management Platform - Now for the Extended Enterprise (BusinessWire)

8 comments
Jaqui
Jaqui

if it doesn't add another layer of security. it can enable a more severe breach by having the two combined without having an extra layer to prevent it.

CharlieSpencer
CharlieSpencer

so if one trusted system ACCEPTS you, the others will too. I'm sure we can all see the problem with that. Instead of having to fool multiple systems, I only have to get by one.

pr.arun
pr.arun

Do you see great advantages to this bridging of access management?

bertwin83
bertwin83

Read the article and the previous response again. How would requiring physical access to a user's id card/badge before you are able to even attempt to use a password to sign in enable a more severe breach? Just having the card and getting in the door does not mean that you automatically have access to a computer, you still need the password.

gardoglee
gardoglee

The article did not say that it would automatically allow access to the system after the physical access was satisfied. That would be absurd, as it would then give anyone in an office access through any machine. It simply says that if I sit down at a terminal and try to log in it will not allow me to do so under the ID of someone who is not physically there. This would be very useful to prevent things like the use of a password written on a post-it by another employee, a member of the night cleaning crew, the guy from the package delivery service, or a whole set of other scenarios which occur in the real world. If they can also give this information to help desk personnel when 'someone' calls the help desk from the office wanting their password reset then they can help block another social engineering exploit.

Litehouse
Litehouse

The article states "Every organization has two trusted authentication systems ? a door badge and a network user name". This is incorrect, not every organization uses door badges. Many organizations that DO use door badges do not REQUIRE them to be scanned for entry. Doors can be held open, or multiple people can enter at the same time, with only 1 of those badges being scanned. Some only require scanning for sensitive areas or private entrances.

Jaqui
Jaqui

the physical access to the backups. the usb drive interface to connect a disk from the netowrk to a non network machine, bypassing the security software, while keeping the security system calm, because of the tie-in between network and physical access. with physical access a password is nothing but an inconvienience, not a barrier. the password protection is more of a barrier for remote access situations. edit to add: if the physical access includes biometrics, then it removes the issue. [ eye scans, fingerprints for physical access, voice or another for network ]

Editor's Picks