Imprivata is this week announcing new functionality to its OneSign single sign-on (SSO) appliance. The module, ProveID, can add transactional-strong authentication into any application’s workflow – without the need to reprogram the application. This can make it much easier to address increasing policy and regulatory compliance requirements which are now being mandated in numerous industries, states and countries. ProveID can combine with any application to ensure transactions are properly and traceably authenticated, eliminating compliance and policy risks such as unauthorized data transfers, complicated workflows and illegitimate or erroneous transactions or activities.

Because the OneSign appliance is in the network, in the flow of all transactions, ProveID can be invoked whenever someone attempts to access any particular transaction. The person requesting access can then be asked for further, stronger, authentication needed for only that particular application or transaction.

One example cited by Imprivata was the requirement by the state of Ohio Board of Pharmacy for two-factor authentication whenever a controlled drug is prescribed. The authentication requirements are strong but flexible and may include countersigning, multifactor authentication or strong passwords to bolster policy enforcement and compliance at the point these efforts are most important – immediately prior to completing the transaction. Imprivata customer OhioHealth, a family healthcare organizations, will utilize the ProveID functionality to invoke stronger authentication before using McKesson’s Horizon Expert Orders and Horizon Emergency Care solutions (well known third party prescription applications) to meet the state requirement for transactional strong authentication. It should make the process both more secure as well as more efficient. That’s an excellent combination!

ProveID could also allow you to finally add stronger authentication to those critical applications that are now less secure than you’d like them to be – without changing the applications or the user’s experience (well, they’d have to cough up the stronger authentication, but it would be done “in line” as they were accessing the application).

Head over to Imprivata http://www.imprivata.com and check out the details.

Dave Kearns is a consultant and editor of IdM, the Journal of Identity Management.