Imprivata OneSign Single Sign On (SSO) uses breaktrough technology to help organisations benefit from increased user productivity and reduced password management costs by enabling single sign on (SSO) to all your enterprise applications.

Imprivata OneSign Single Sign On uses patent-pending technology to enable SSO without modifying applications.  Companies benefit through centralised password administration, lower help-desk costs, increased user productivity and satisfaction, and ability to demonstrate compliance.

Imprivata OneSign Single Sign On requires no modifications to existing applications and no user learning curves.  With integrated support for multiple, strong authentication methods, centralised password policies, OneSign Single Sign On allows companies to implement levels of security that are appropriate for their environments.

Imprivata OneSign Single Sign On is invaluable to IT departments managing a heterogeneous portfolio of applications.  Because OneSign replaces multiple passwords and application logon events with a single, centrally-managed user logon, IT's burden is significantly reduced.  There's no longer any need to compromise increased security for increased usability.  Imprivata delivers both security and convenience within the fully integrated OneSign appliance.

Instead of custom scripting or Visual Basic code, OneSign Single Sign On uses the OneSign Application Profile Generator (APG) to "learn" the login behaviours of the applications and generates the correct XML profile that is securely distributed to users on a session basis.  As new applications are added the APG is ready to make changes in minutes without any interruption or downtime.

Organisations can also use OneSign Single Sign On Extension Objects to integrate with an unlimited set of critical business functions.  OneSign Single Sign On events trigger the execution of independent procedure code to enable powerful capabilities as Roaming User Desktops, Personalised Drive-Mapping, or Automtic Paasword Synchronisation.

OneSign's browser-based tools allow administrators to increase information security through straightforward password policy settings.  Administrators can change password constraints (minimum/maximum length, reset intervals, auto resets), manage authentication challenges, and accomodate application-generated password reset requests automatically.

Features

Automate Application Password Changes
With OneSign Single Sign-On, administrators can implement a clear, straightforward password policy across all SSO-enabled applications based on users' primary authentication.  For additional security measures, OneSign is able to cycle complex application passwords behind the scenes on the users' behalf.  This allows organisations that require certain application passwords to be changed periodically to handle the changes automatically.

Self-Service Password Management
With this option, users can easily reset or be notified of their own network and application passwords without help desk intervention.  Administrators can set identity verification thresholds for users, or groups of users, who are simply prompted to a set of random or administrator-created questions, and, once authenticated, OneSignSingle Sign-On delivers the service.  This service can be accessed either by the network or via the web.

Broad Support for Strong Authentication
OneSignSingle Sign-On supports major forms of authentication out of the box without requiring any custom integration with device vendors.  Authentication methods include password, strong password, finger biometric authentication or identification, active and passive proximity cards, smart cards, One-Time Password tokens, USB tokens and Kerberos authentication.  Administrators decide which users should have which authentication modes, and whether they should upgrade their authentication options over time.

Application Profile Generator (APG): Point and Click instead of expensive clicking
The OneSign Single Sign-On Application Profile Generator (APG) enables SSO and password change support for ALL enterprise applications - without writing logon building custom connectors or modifying existing code.  APG's point and click paradigm automatically learns logon and password change behaviours for even the most challenging applications - including native Java clients, Telnet emulators, Web-to-host applications, frame-based Web applications and many more.

Monitoring and Reporting
The OneSign Intelligent Agent allows organisations to monitor, capture and log password-related user access events in a centralised database.  Easy-to-use detailed reporting can strengthen security and enforce regulatory compliance across all applications.  Now, for the first time, administrators can easily monitor access records for every user, application or workstation in one, central location - even revealing users that may be sharing credentials to confidential applications.

Provisioning Support
OneSign Single Sign-On provides provisioning support based on the industry standard Service Provisioning Markup Language (SPML).  SPML-based provisioning support allows users - and their network and application credentials - to be automatically provisioned and de-provisioned in OneSign Single Sign-On, eliminating the need to ever issue passwords to your users.  New users, applications, and password resets are automatically reflected in OneSign. 

OneSign Extension Objects: Roaming Desktops, Drive-Mapping and More
Organisations can now extend OneSign Single Sign-On events to automate or integrate with an unlimited set of critical business functions.  This is done through the execution procedure code that can be associated with any OneSign Intelligent Agent event:

• Roaming User Desktop Session Management across workstations
• Personalised drive-mapping desktop follows users during workstation switching
• Automated password synchronisation across multiple workstations
• Event-based user messages executing a start-up command upon login

These procedures can consist of DOS command sequences, JavaScript or VBS scripts.  Any pre-defined OneSign Intelligent Agent event can trigger one or more procedures.

Benefits

Radically Easy
From the beginning, OneSign Single Sign-On was designed to make password management easy for IT and end users alike.  Implementing and managing it is extremely fast and simple.

• Application Profile Generator (APG) Our intelligent APG technology SSO enables all enterprise applications - legacy, client/server, or web-based out of the box.  There is no custom scripting required, no connectors to build and no long and expensive custom integration projects to manage.
• Intuitive User Interface OneSign Single Sign-On's administrator console provides an intuitive, easy to navigate, web-based interface.  Making enterprise single sign-on easy to install, configure and deploy.  In a matter of days, you can fully SSO-enable your organisation.
• OneSign Intelligent Agent The OneSign Intelligent Agent automatically updating for you by recognising when new versions, application SSO profiles user security policies are added or changed.  It's easy for users too.  They log on to their applications as always, and require no training or modifications to thier desktop environment.

Simply Smart
A hardened appliance built on patent-pending technology, OneSign is designed to be smart enough to do much of the work for you because we anticipated and automated redundant tasks.  The OneSign appliance is shipped in a redundant pair configuration providing seamless failover.  System back-up can be automatically run and transferred for storage each day without administrator effort.  The system can be restored from a back-up file in minutes for disaster recovery.

• Automated Password Policy
  OneSign Single Sign-On automates password policy implemenation - creating unique, strong passwords behind the scenes to support compliance efforts.  It performs password changes automatically on behalf of the users, ensuring stricter security.  It eliminates security breaches associated with passwords written on sticky notes posted to monitors and keyboards.  And, OneSign Single Sign-On decreases costly help desk calls associated with password reset calls.
• OneSign Extension Objects
  Organisations can extend OneSign Single Sign-On events to launch an unlimited set of critical business functions using OneSign Extension Objects.
• Support for Range of Strong Authentication Modalities
  With built-in support for various authentication methods such as passwords, ID tokens, active or passive proximity cards, smart cards and finger biometrics, OneSign Single Sign-On offers a smart and effective way to increase your security while leveraging the benefits and convenience of single sign-on.
• Monitoring and Reporting
  Built-in monitoring provides an accounting of which users accessed which applications and when, including all password change activity.  Detailed access logs and reports give organisations the ability to refine and strengthen security policies and enforce regulatory compliance across all applications.

Uniquely Affordable
OneSign Single Sign-On's low total cost of ownership, short implementation time and quick user adoption delivers instant help desk cost reduction - and with that, immediate financial return.  Companies see decreased costs and increased staff productivity greatly reduced help desk and password reset calls.

• Self Contained Appliance
  As a self-contained appliance, OneSign Single Sign-On delivers all the functionality needed to effectively implement and manage single sign-on.  There is nothing else to buy - no custom scripting or costly integration.
• Low Installation and Ongoing Maintenance
  Changes to policy, applications or user profiles can be administered and transparently applied in a matter of minutes from the administrator's console.  Users remain productive and ongoing day-to-day management is minimal.