ACCESS SECURITY

The dispersion of information on users and their entitlements in many various and constantly used applications and systems, as well as the constantly changing business conditions, require the coherent policy on the management of access and users.

Each dedicated IT system developed by Enigma is based on advanced authentication solutions or comprehensive identity management systems. In the delivered solutions ensuring the safety of access and identity management, our activities are based both on own products and solutions of third parties.

APTO – TWO-CHANNEL AUTHENTICATION SYSTEM

APTO is an innovative platform of authentication and authorization, combining ease of use with high security, based on the two-channel model of authentication mechanisms, mobile operating systems and PKI technology.
APTO is a program installed on the mobile device and is used to confirm any, outsourced operations. By using PKI it is fully secure and resistant even to sophisticated attacks. Prevents unauthorized access to protected resources. At the same time easily integrates with other systems and applications operating in the company. It replaces cumbersome and expensive to maintain, and, until recently, the most popular methods of user verification. It surpasses existing solutions in terms of safety and reliability. Moreover, clear interface provides intuitive operation. The two-channel mechanism to confirm (“something you have + something you know”) is the best way to improve the safety of operations, next to high-technology PKI. The user has the opportunity to refuse the operation if it raises his suspicions. Increasingly frequent incidents of man-in-the-middle theft, phishing and attacks using spyware software are also eliminated. Even highly advanced attacks are not dangerous for the security of information, through the use of encryption, among others.

BENEFITS

  • prevents unauthorised access
  • uses a two-channel transaction authorisation mechanism
  • enables work with the solutions of different vendors
  • provides two-factor authentication to enterprise applications

SLASH A3 – CENTRAL AUTHENTICATION SYSTEM

Slash A3 is own solution playing the role of a universal authentication server. It uses various methods for the confirmation of user’s identity, e.g. Single-Sign On. As a source of authentication information, it may use many types of databases and external servers such as Radius, Kerberos, SSL/TLS etc. Due to the built-in http/https server and the application of a script language (Lua), it makes it possible to create interactive websites supporting the process of authentication using certificates.

BENEFITS

  • centralisation of the management of user’s accounts in systems and applications
  • centralisation of the management of entitlements for each user
  • management of user’s roles in the systems
  • possibility to define an official path in the scope of confirmation of entitlements by superiors
  • verification of the granted entitlements in terms of their safety and validity
  • huge analytical and reporting opportunities

IDM – IDENTITY MANAGEMENT SYSTEM

Upon employment in the company, each employee obtains a virtual identity which includes appropriate entitlements in IT systems, related to the position occupied, tasks and competencies in the organisation. The Identity Management solutions in relation to users allow to perform routine monitoring of user’s entitlements in all systems of the institution, which translates not only into the increased data safety, but also into the ordered and simplified processes related to user’s entitlements. Our experience resulting from the implementation of the IdM systems of global leaders indicates that launching such a system in an organisation allows to achieve noticeable improvement in the scope of access safety within a very short time frame, even within months. The increasing flexibility of such solutions allows to implement even the most complex processes existing in enterprises.
Due to the application of solutions supporting identity management, the configuration of user’s accounts in IT systems and the management of passwords allow to constantly monitor user’s entitlements in all IT systems within an enterprise. The solution makes it possible to synchronise many passwords with a single login name and to assign or receive entitlements according to the business needs of a company. It manages, in a central way, competencies of individual employees or group of employees for applications and systems, simplifying procedures of granting such competencies.

Enigma possesses 15-year experience in the scope of identity management. We take advantage of the proven technologies and software of market leaders, e.g. Oracle, CA Technologies, IBM. The wide experience and knowledge of our engineers and system architects allow to offer our clients optimum solutions adapted to individual needs and budgets.

BENEFITS

  • routine monitoring of user’s entitlements at all levels
  • centralisation of user’s accounts in all applications and systems – simplified procedures
  • management of user’s roles in systems
  • defining an official path in the scope of confirmation of entitlements by superiors
  • verification of the granted entitlements in terms of their safety and validity
  • possibility to automatically and preliminarily grant entitlements based on the method of comparison with a group of employees from the same process
  • wide analytical and reporting opportunities
  • management of privileged accounts

PIM – PRIVILEGED ACCOUNTS MANAGEMENT

In each organisation there are administrators, system architects, service technicians maintaining systems who use special accounts allowing to obtain access to information with the highest confidentiality level. These are the so-called privileged identities. Due to the scope of entitlements, these accounts constitute one of potential sources of threats. A main problem requiring constant supervision is the necessity to share account names and passwords with a large group of users. Safety management without dedicated solutions for the management of privileged accounts becomes legally impracticable. Privileged account management tools make it possible to implement a safe system for the supervision over passwords of shared privileged identity accounts within an organisation. Due to it, we may be sure that these accounts are used only when it is necessary, and the entire process of applying for access is fully accountable. It is known which user used a given account, when and for what purpose. The solution allows to constantly monitor user’s entitlements in all integrated systems within an enterprise.

Our team consists of experienced engineers and system architects holding certificates of many renowned producers of modern IT technologies. As part of implementation, solutions offered by them are adapted to the needs and individual requirements of an organisation of all sizes.

ASSETS OF THE SOLUTION

  • full monitoring of accounts
  • the possibility of implementing a secure password management of shared accounts and privileged identities
  • full accountability of applications for access

PRIVILEGED ACCOUNTS MONITORING

Privileged users, as well as network, system or database administrators, have unlimited access to all critical servers, applications and databases in an organisation. They may create and remove profiles of users and manage entitlements. The function of their position is critical from the point of view of the business continuity of an organisation and requires the highest entitlements and unrestricted access.
Activities of privileged users left without an audit may result in abuses and cause irreversible damage to the company’s credibility. The session recording solutions come with help. The session recording tool range includes IT systems allowing to register work of network and system administrators for audit and evidence purposes. They act as a security apparatus on servers. They help in tracking the activity of privileged users and reconstructing activities performed by them. The tools allow to save the subsequent steps of a session, making it possible to fully monitor employee’s activities and reconstruct its activities at a computer or through remote work.

ASSETS OF THE SOLUTION

  • video recordings of all privileged users activities
  • generation of audit logs for each application (even those which do not have internal login!)
  • identification of joint users (“admin” account) and detection of identity theft
Napisz do nas

Napisz do nas już teraz. Odpowiemy najszybciej, jak tylko będzie to możliwe.

Not readable? Change text. captcha txt

Start typing and press Enter to search