So Many Passwords, So Little Memory

By Lauren Simonds
  • Print Article
  • Email Article

Trying to keep track of all the passwords you need to access the various servers and applications at work can be a daunting task — one that might make you think you're coming down with an early onset of dementia. But in today's security-minded world, passwords are multiplying at a head-spinning rate and challenging SMBs to find better ways of managing them.

Imprivata, a Lexington, Mass, technology company today announced the arrival of OneSign 2.6, the newest version of its enterprise single sign-on appliance (ESSO). OneSign bypasses managing passwords altogether — the appliance is designed to eliminate the need for multiple passwords. One secure password gives you access to all applications on a server.

For example, posting one story on SmallBusinessComputing.com can involve signing on with up to four different usernames and passwords (depending on the number of elements within the story). OneSign purports to make that process possible with one secure password — we're talking something a bit more secure and less predictable than your pet's name or your favorite sports team.

According to David Ting, Imprivata's founder and CTO, the proliferation of multiple passwords is inconvenient and expensive. "Tighter security through multiple sign-ons not only slows down your employee's productivity, it increases IT costs, too," he said.

Ting points out that one incident of an employee forgetting a password — and having it reset — can cost approximately $35 in IT costs. "The more passwords an employee has only increases the likelihood that he or she will forget at least one — or more — over the course of a year. Multiply that by the number of employees, and the costs can add up quickly," he said. "OneSign eliminates the need for multiple sign-ons without sacrificing security."

Playing It Safer
OneSign also works in conjunction with biometics and tokens — devices such as ID cards that require a pin number. "Many companies have already invested money in security technologies such as ID tokens and fingerprint scanners," said Ting. "OneSign can work with those technologies to offer a two-factor security solution." Ting said OneSign supports those technologies right out of the box and lets you mix and match them to fit your company's specific needs.

What's New in Version 2.6
Imprivata's made several changes to version 2.6. The biggest concerns the appliance's open source operating system. Previous versions ran on Linux Red Hat, but now, OneSign 2.6 is the first Linux-based SSO appliance built on Novell's SUSe Linux Enterprise 9.

What's this mean to you? Ting said that the embedded SUSe Linux OS remains invisible to the user, but lets the appliance work seamlessly with any Windows environment — 98, NT, 2000, XP and Win 2003.

The company calls another of its changes "User Name Correlation," meaning that OneSign now has the ability to determine (and notify IT administrators) whether two people are signing on with the same username and password — a definite no-no.

Unlike the previous version, OneSign 2.6 can now interface with Oracle Internet Directory (OID). OneSign also supports Microsoft Active Directory and NT domain, Sun iPlanet LDAP Directory, Novell's Netware and eDirectory directories

Imprivata's OneSign
Enter and Sign In Please: Imprivata's OneSign is designed to eliminate the need for multiple passwords while maintaining tight security.

The company has also added more Western European language support including French and German.

ROI, Pricing and Availability
Ting told SmallBusiinessComputing.com that OneSign is aimed at companies with at least 200 employees with a small IT staff of less than five people and ranging up to 10,000 employees. OneSign's license pricing is as follows:

  • 200 people costs $15,999 — roughly $80 per person
  • Up to 500 people costs $24,995 — roughly $50 per person
  • Up to 1000 people costs $39,995 — roughly $40 per person

To get a better idea whether OneSign is a good option for your company, you can check out the return on investment (ROI) calculator on main page of Imprivata's Web site.

Imprivata makes the OneSign available through its VARs and channel partners. A sampling of the company's VARs in the US include: National Business Group (NBG) — a nationwide VAR, Tech Power in the Northwest, eos Systems in New England, Computertech in the Southwest, CPU Sales in New England and Data Processing Sciences (DPS) in the Midwest.

Lauren Simonds is the managing editor of SmallBusinessComputing.com

Do you have a comment or question about this article or other small business topics in general? Speak out in the SmallBusinessComputing.com Forums. Join the discussion today!

This article was originally published on November 16, 2004
Thanks for your registration