© 2009 IBM Corporation Addressing Password Management Challenges with Single Sign-On
© 2009 IBM Corporation
Addressing PasswordManagement Challengeswith Single Sign-On
© 2009 IBM Corporation2
Agenda
Password management challenges
Addressing challenges with single sign-on
IBM Tivoli solution overview
IT benefits
Business benefits
Customer success story
Getting started
© 2009 IBM Corporation3
Java application
Java application
Typical Users Have Multiple Passwords
Each application has unique password requirements
Password update intervals are different by application
Easy to forget or confuse passwords
Password #1Windows application
Windows application
Web application
Web application
Web application
In-house application
In-house application
Password #2
Password #3
Password #4
Password #5Password #6Password #7Password #8
Password #9
© 2009 IBM Corporation4
Mid-Market Organizations Need to Address Password Management Challenges
Reduce Costs– Help Desk costs, especially password reset
– Managing user access
Strengthen Security– Improve quality of passwords being used
– Implement strong authentication
Compliance– Audit and track user access
– Cost-effectively produce compliance reports
Improve User Productivity– Simplify the user experience
– Faster time to information
© 2009 IBM Corporation5
Solution – One Password!
One password to sign-on to Windows, Web, Java, Telnet, in-house developed and mainframe applications
Without modifying applications
Without modifying the directory used (Active Directory, etc.)
Automatically renew expired passwords
Self-service if password is forgotten (no Help Desk call)
Fast deployment
Simplify user access while strengthening security
IBM Tivoli Access Manager for Enterprise Single Sign-On simplifies password management
© 2009 IBM Corporation6
Tivoli Access Manager for Enterprise Single Sign-On Solution Overview
Tivoli Access Manager for Enterprise Single Sign-On enables visibility into user activity, control over access to business
assets, and automation of the sign-on process.
Single sign-on
Supports strong authentication
Workstation sharing
Password self service
Web-based administration
Browser-based remote access
User access tracking & audit
No change to the infrastructure
© 2009 IBM Corporation7
Business Benefits
Cut help desk costs by lowering the number of password reset calls
Quick time to value – no modification required to target systems, platforms or applications
Simplify compliance by tracking and reporting on user access
Protect critical applications with stronger authentication
Strengthen security by reducing poor password behavior
Simplify user experience for improved productivity
Restore IT focus to problem solving and strategic initiatives
© 2009 IBM Corporation8
IT Benefits
Logon and password change support for Windows, Web, Java, Telnet, in-house developed and mainframe applications
Automatically manages password updates and easy self-service for password change and reset
Uses your existing directory or database
Supports all types of users – connected, remote, roaming, kiosk and multi-machine
Supports strong authentication with building access badges, USB smart tokens, active RFID, biometrics and iTag
Credentials encrypted at all times to improve security
© 2009 IBM Corporation9
Physician Group Improves Patient Information Security to Meet HIPAA Requirements
Organization– Physician group in the mid-west U.S.– 300+ users and 20+ applications
Challenge– HIPAA compliance requirements– Securing workstations shared by multiple users– Simplify access to all health care applications
Solution – Tivoli Access Manager for Enterprise Single Sign-On using the existing employee
building access badge to also access computer information
Impact– Helped meet HIPAA requirements– Improved productivity – physicians, nurses and administrators spend less time logging on
and off– Reduced operating costs – fewer password resets– Supports Physician Group’s leadership position
© 2009 IBM Corporation10
IBM Rated Strong Positive in Gartner MarketScope for Enterprise Single Sign-On
The MarketScope is copyrighted by Gartner, Inc. and is reused with permission. The MarketScope is a graphical representation of a marketplace at and for a specific time period. It depicts Gartner’s analysis of how certain vendors measure against criteria for that marketplace, as defined by Gartner. Gartner does not endorse any vendor, product or service depicted in the MarketScope. Clients should not base product selection or shortlist decisions only on the basis of vendor ratings. Gartner disclaims all warranties, express or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose. The MarketScope graphic was published by Gartner, Inc. as part of a larger research note and should be evaluated in the context of the entire report. The Gartner report is available upon request from IBM.
Gartner Research Note G00170568, Gregg Kreizman, 15 September 2009
© 2009 IBM Corporation11
IBM Received Highest Rating by Forrester for Enterprise Single Sign-On
The Forrester Wave™: Identity And Access Management is copyrighted by Forrester and is reused with permission. Information is based on best available resources. Opinions reflect judgment at the time and are subject to change. The complete report is available from Forrester at www.forrester.com
The Forrester Wave™: Identity And Access Management, Q4 2009 by Andras Cser, November 3, 2009
The Forrester Wave™: Identity And Access Management, Q4 2009
report rated IBM Enterprise Single Sign-On with the highest possible
score, and ahead of all other competitors
© 2009 IBM Corporation12
Getting Started
Assess your current password management posture Do you have high Help Desk costs from passwords resets? Are users compromising security because of poor
password behavior? Do you need to improve auditing, tracking and reporting
of access to meet compliance requirements? Are your users losing productivity because they have
multiple logins and passwords?
Arrange for a demonstration See the impact the leading single sign-on solution can make
View product information on the Web ibm.com/software/tivoli/products/access-mgr-esso/
Contact your IBM or Business Partner sales representative
© 2009 IBM Corporation13
© 2009 IBM Corporation14