Overview

Many businesses now have a whole range of people working remotely who require quick, simple access to systems and information to help them stay productive. THUS Secure Identity Access solution is a secure, affordable access service that helps you balance the needs of your business while keeping information secure. Secure Identity Access allows you to make sure that access to vital data, applications and networks is only provided to authorised users. As a managed service with no infrastructure to purchase, Secure Identity Access helps you considerably reduce total cost of ownership as it does not require the expense and resource of many security systems. It also complies with the most rigorous industry regulations, and is scalable from one to 50,000 users. Depending on the needs of your users, there is a choice of access methods as follows:

• Tokens: a key-ring sized token generates and displays a different one-time passcode every 60 seconds. This system is ideal for frequent users.
• Passcode On Demand: this does not require a token or additional security device, and is suitable for occasional users.

During the login process the user clicks a link to request a one-time passcode. The service validates the user’s PIN, generates a unique one-time passcode and sends it to their registered mobile phone, PDA or email inbox.

Benefits

• Enables productivity – provides access to key systems and applications wherever your people are working, ensuring they can stay connected and responsive.
• Highly secure – robust authentication process ensures only authorised users can gain access.
• Flexible and scalable – a choice of access methods and easily scalable from one to 50,000 users.
• Simple to use – user-friendly, seamless access to applications with no complex log in process.
• Fully compliant – meets the most stringent industry regulations on data security for peace of mind.

Technical features

Each user is asked to enter their login credentials which are made up of their username, a user-specific PIN and a one-time passcode. These login credentials are then verified against an authentication server to make sure that the details match the identity, and that the individual has the appropriate level of authority to access that resource. Depending on the needs of the user, one-time passcodes can be provided through a market-leading RSA token or a Passcode On Demand system as described.

The service communicates with the authentication nodes (the key systems in your network which challenge users to authenticate themselves). Any system which supports either the open standard RADIUS and 802.1x protocols or the RSA ACE/Agent can become an authentication node, including:

• VPN: All firewalls, IPSEC and SSL VPNs
• Wireless: WiFi access points and hotspots
• RAS: All remote access servers
• Roaming access: ISPs and global roaming services
• Webservers: All popular webservers and proxies
• Web-enabled email: Such as OWA, iNotes and GroupWise
• Web services and applications: Such as Java, PHP, PERL, ASP and .Net
• Thin client: Including Citrix and Terminal Services
• Remote control: Such as KVM switches and PC Anywhere