Imprivata offers multifactor authentication without single sign-on

Imprivata normally would be featured in the Identity Management newsletter (and often is, for that matter) but its latest release is aimed squarely at the Windows networking market so I’d thought I’d tell you about it today.

The company is best known for OneSign, its enterprise single sign-on (ESSO) appliance. But this week it announced a new offering, in conjunction with Vasco Data Security (maker of the DigiPass), to bring strong multifactor authentication onto your network – without the need to set up single sign-on should you not want to.

OneSign Enterprise Network Authentication (ENA) is a secure appliance for organizations that need to increase user access security by replacing weak Microsoft Windows username/password authentication with a range of multifactor options. OneSign ENA integrates with a range of authentication options including One Time Password (OTP) tokens (such as the DigiPass), proximity cards, smart cards, USB tokens and fingerprint biometrics.

I spoke with Imprivata CEO Omar Hussain last week and wondered why the company would release what appeared to be a “dumbed down” appliance – OneSign without ESSO. I was surprised when he answered that the reason was because customers asked for it. He explained that many people weren’t willing to forego the obvious benefits of strong authentication while waiting for single sign-on projects to be completed.

It is much easier to implement the authentication piece, as there’s no need to touch every application, enroll users, retrain help desks, etc. Of course, Hussain added, single sign-on could be easily introduced – using the same appliance – at a later time.

Windows authentication has always been a weak point going back to NT servers, 9x desktops, Windows for Workgroups and LAN Manager (and that was 20 years ago!). Windows Server 2003 is better, but many people – especially in heavily regulated industries such as financial services or healthcare – need not only stronger authentication than is built into Windows but also need multifactor authentication.

Still, quite a few of the multifactor solutions on the market lock you into a particular second factor and everyone has to use that single technology. OneSign Enterprise Network Authentication allows you to “mix-and-match” any of the supported technologies, implementing the best fit for the user and context in which they’ll be authenticating.

Still, the inclusion of Vasco’s VACMAN Controller software in ENA does make it even easier to quickly and easily set up, deploy and manage any type of DigiPass for both online and offline strong network authentication without having to purchase or install anything additional. If you’re worried about authentication on your network, or need to implement multifactor methods, Imprivata’s OneSign Enterprise Network Authentication should be an appliance you’ll want to test drive.