Enterprise Single Sign-On (ESSO) solutions require a company’s employees to remember and provide just one set of credentials -- a user name and password -- to access the full portfolio of applications, data and services for which that user is authorized. While ESSO technology is not new, existing solutions have been expensive and time consuming, and rarely lived up to expectations. However, there are newer, more cost-effective solutions on the market that help organizations benefit from increased user productivity and reduced security management costs by enabling ESSO to all your enterprise applications.
When examining Single Sign-On technology options, look for an affordable, easy-to-implement appliance without needing to modify applications. To maximize the enterprise-wide benefit, an ESSO solution should fully support multiple strong authentication methods and centralized policies to allow companies to implement levels of security that are appropriate for their environments.
Combining the ease-of-use of a quality ESSO solution with the identity exclusivity of biometrics can help organizations improve employee productivity and adhere to better security practices, while strengthening their overall security posture and minimizing the burden on IT to manage such a central security system.
Any finger biometric solution choice should consider such critical factors as usability/convenience, system performance, security/user privacy and cost.
SIDEBARA biometric-enabled ESSO solution should adhere to the following key criteria:
Combining Biometrics with ESSO
Matches each user by correlating against known set of references, taking into account:
- Variations in pressure and density
- Aging or dirt induced variations in the print
- Orientation of finger on the sensor
- Captures images at higher speeds, resulting in less image blur distortion
- Normalizes for humidity variations in the finger
- Is “device neutral,” and not associated with a specific sensor or reader
- Ensuring that each captured fingerprint image is destroyed and cannot be misused
- Maintaining mathematical descriptions of a print’s landmarks, but not the actual print itself
- Never shipping a username with the template
- Storing username in a double-blind alias mechanism on server