Download - 4 so customer presentation
ID-SEC SOLUTIONS LTDIdentity and Access Management
Solutions
4SO4SOSSmart, mart, SSimple, imple, SSingle ingle SSign-ign-OOn Solutionn Solution
for for
Lotus NotesLotus Notes
CURRENT SITUATION
Lotus Notes is a highly secured messaging solution
10% – 20% of help-desk calls deals with password problems in Lotus Notes
A user forgot his Notes password won’t be able to use his mailbox
To reset password takes 4 hours in average and prevents the user to access his Notes account.
4SO – SECURITY PROBLEMS By copying the ID file and knowing the
password, user can take control of the other’s mailbox.
Different password policy for Active Directory and Lotus Notes.
When there are too many passwords to remember user tend to write the password on the screen, behind the keyboard or any insecure place.
ORDINARY LOTUS NOTES LOGIN
ID File
*******
User Start the Notes
client
User prompt to enter his password
Password uses to
open ID file
Notes client establish encrypted
session
4SO LOGIN PROCESS
ID File
4SO
*************************
User Start the Notes
client
Notes ask 4SO to supply password
4SO user details and provide Notes it long
password
Password uses to
open ID file
Notes client establish encrypted
session
4SO validate Active Directory
login ticket
4SO SOLUTION ADVANTAGES
Reduce help desk calls on Notes forgotten password.
Improve user experience along with improving Notes security.
Quick and simple implementation, less than 30 Seconds installation process.
Solution doesn’t based on Active Directory password, but Active Directory authentication.
Keeps the ID file password non human, 512 bit long.
TECHNOLOGY EDGE
Notes login based on user’s Active Directory Kerberos ticket.
Allow online and offline login to Notes. Offline login use when a portable computer don’t
have connection to the Active Directory domain and the user login to the computer using cache login.
SUPPORT
Lotus Notes client versions 6.x, 7.x, 8.x All Microsoft Windows versions Remote Desktop, Citrix Active Directory 2000, 2003, 2008 All Active Directory authentication methods
include user/password, biometric, smart card etc…
COMPOTITORS
Lotus Notes Password sync and Shared Login Pistol Star Notes ID File Password Storage - The ID Vault General SSO solutions (TAM, imprivata…)
4S
O s
up
port it a
ll
NOTES SHARED LOGIN (NSL)
You cannot use shared login if any of the following conditions is true:
you use a computer that does not run Microsoft Windowsyou use a Smartcard to log in to Lotus Notesyour User ID is protected by multiple passwordsyou are a roaming user that uses a roaming IDyou run Notes on a USB driveyou use a mandatory Windows profileyou are running Notes in a Citrix environment
4SO NSL General SSO
Pistolstar
Smart Cards ✓ ✗ ✗ ✓
Notes versions All 8.5 All All
Active Directory Multiple passwords
✓ ✗ ✓ ✗
Citrix ✓ ✗ ✓ ✓
Password strength
512 Bits Medium 6-10 Chars (Human base)
6-10 Chars (Human Base)
ID VAULT AND SSO SOLUTIONS
Use Servers to store the passwords – Single point of failure.
Keep a human based password – 4SO have a very long password
SUCCESS STORIES
Major bank in Israel – 13,000 Users, works since 2008, not even one support call.
Ministry of Finance – 2,000 users, works since 2009, not even one support call.
Ministry of Interior – 2,000 users, works since 2009, not even one support call.
Civil Services – 1,300 users, works since 2009, not even one support call.
Governmental Organization – 3,500 users, works since 2009, not even one support call.