Smart Employee ID – more than a multi-function smart card system
For organizations seeking to deploy a single and secure intelligent ID badge allowing employees, contractors, customers and business partners to access corporate facilities and IT resources, ActivIdentity provides a Smart Employee ID solution that enables secure access, communications and transactions while reducing administration costs and improving user convenience.
The ActivIdentity Smart Employee ID smart card functions as a photo ID and a proximity badge for facility access, as well as an IT security device for digital identification and authentication. The Smart Employee ID solution is much more than a multi-function smart card: it is a solution that allows organizations to converge user identification and improve facility and IT security by integrating processes and back-end systems. The result is a single card for each person across facility and IT domains, providing increased security and accountability.
Features
- Secure access to facilities through support for leading Facility Access Control System vendors
- Strong Authentication to IT resources via strong authentication for remote access, workstation and network access, application access.
- Secure communications and transactions via secure e-mail, documents and files, signed transactions, secure data exchange , encrypted storage, and secure auditing.
View a Flash feature tour
Business benefits
- Compliance, brand and liability protection: In today’s world, a security or privacy breach may be disclosed in the media and can result in high remediation costs and permanent damage to the image of any organization. ActivIdentity Smart Employee ID solutions reduce the risk of such events by strengthening proof of identity and securing access to information.
- Accountability: When a security incident occurs, the organization must be able to identify the individuals who broke the rules. Strong proof of identity and tight integration between security audits are the keys to providing legally enforceable proof of access to facilities, IT systems and information.
- Cost reduction: Most organizations have separate processes for issuance and administration of facility access badges and IT security tokens. This leads to high costs, duplicated administrative efforts, and increased security risk. With ActivIdentity Smart Employee ID solution, smart cards for facility and IT access can be issued directly from the facility access control system, therefore increasing security and reducing operating costs. The solution leverages existing resources and processes: no need for additional staff and equipment for issuance and management of IT security devices.
- Productivity: In a typical organization, users login with user names and static passwords multiple times per day. With smart card authentication, the login experience is fast with an ATM-like experience (insert your card type your PIN).
- Employee education: Frustrated users tend to work around security policies to make logging into computers easier. With ActivIdentity Smart Employee ID solutions, convenience and security are tied together. For example, the card is required to access facilities, so employees must take their card with them when leaving their office… and the card removal automatically locks the screen and the application.
- Organizational efficiency: As recent regulations have increased the accountability of executives, many businesses are merging their facility and IT security teams into a single organization. ActivIdentity Smart Employee ID solution enables alignment of processes and technology to reinforce these efforts.
Technical benefits
- Complete solution – The Smart Employee ID solution enables two-factor security across the IT infrastructure, including secure remote access, workstation access, network access, application access (single sign on), communications (signed and encrypted e-mail, documents and files) and business processes (signed and encrypted transactions, data exchange and storage, auditing).
- Increased security compliance – Address IT and facility security compliance requirements (Sarbanes-Oxley, Basel II, Gramm-Leach Bliley, HIPAA, HSPD-12) by establishing strong proof of identity, preventing unauthorized access to resources and information, and providing comprehensive audit logs. ActivIdentity solutions link users to online activities with a strong proof of identity.
- Ease of deployment – ActivIdentity solutions integrate with existing IT and facility security environments for cost-efficient deployment and operation, through extensive support for a variety of smart cards, directories, certificate authorities, identity management and user provisioning systems, physical security systems
- Government-approved security – ActivIdentity Smart Employee ID solutions are used by many government agencies around the world and comply with multiple security standards such as FIPS 140 and FIPS 201.
- Extensibility – Open APIs and SDKs allow easy integration with more environments such as additional identity management and user provisioning systems, certificate authorities, and physical access control systems.
- Future-proof - ActivIdentity Smart Employee ID solution is an integrated and modular suite of products that allows organizations to easily deploy smart cards for their immediate business needs (such as replacing expiring tokens used for VPN access), increasing security for LAN access, and add functionality later as their needs grow.
Why replace passwords?
- Passwords are insecure: A password can be used by anyone who knows it and there is no way to be sure that password-authenticated users are really who they say they are.
- Passwords are inconvenient: End-users typically choose weak passwords to make them easier to remember. Strong password policies can reduce this risk, but passwords then become too complex to remember, so end-users write them down on sticky notes under the keyboard or other trivial locations. In either case, the end-result is similar: weak proof of identity and compromises in security policy.
- Passwords are expensive: Resetting forgotten passwords is one of the most common help desk requests and represents a major IT support cost for organizations.
Why migrate from tokens to smart cards?
- Functionality: One-time password tokens provide a higher degree of security than password authentication, but their usage is limited to authentication. By itself, a token cannot be used to sign a document or encrypt a file. A smart card or USB token, on the other hand, can be used for secure communications and transactions.
- Limited usability: Users read the one time password from the token display and then type it on their workstation keyboard. This can be time consuming, and typing mistakes can lead to multiple authentication attempts. A smart card or USB token only requires the user to insert the device and type in a simple PIN code.
- No integration with facility security: One-time password tokens do not replace facility access badges, and cannot be issued or administered directly from the physical access control system console.
Standards support
- GlobalPlatform / OpenPlatform
- Java Card™
- FIPS 201 / PIV certified cards and applications
- FIPS 140-2 certified cards and applications
- FIPS 140-2 certified Hardware Security Modules
- LDAP 3.0
- SSL 3.0
- Section 508
- PKCS#7, 10, 11
- X509
- CRMF / CMMF / CRM
- U.S. DoD GSC-IS
ActivIdentity products used in this solution
Smart Employee ID with our partner solutions
Case Study
Nissan Europe drives security with ActivIdentity Smart Employee ID
Solution brief
Smart Employee ID (PDF, 180K)
|
Register for the
See how Smart Employee ID converges physical and logical access throughout your organization.
Learn about some of the innovative ways government organizations are using smart card technologies