Affordable Smart Credentials Delivered by Appliance

| 0 Comments | 0 TrackBacks
ActivIdentity Aims for SMB Market with New Credentials Management Appliance

Using smart credentials to achieve strong authentication is generally thought of as a solution for large companies with sensitive data assets and/or compliance issues along with deep pockets. With its release earlier this month of the ActivID™ Credential Management System (CMS) Appliance, ActivIdentity hopes to change that paradigm.

"This appliance should open up the market for smart credentials," said Chris Harget, director of enterprise markets worldwide, for ActivIdentity. He cited medium-sized medical, finance, manufacturing businesses and state and local government agencies as potential customers.

The CMS appliance enables deployment of smart cards and smart USB tokens for authentication into desktops, VPNs, applications and building access systems. To support these, the box also incorporates a full PKI infrastructure.
The appliance is available directly from ActivIdentity, from value-added resellers and through channel partners. The box with all its embedded features sells for $15,000; a $30 per user license includes the middleware residing on users' computing devices that communicates with the CMS appliance. The enterprise may choose a smart card or USB token for users; the card ActivIdentity would recommend runs about $12-$13 per user, Harget said.

Designed for Easy Deployment

"The appliance really is a one-box solution," he said. Embedded in it are a full credentialing management system, database, PKI, including certificate authority, and best practices for credential management profiles drawn from ActivIdentity's professionals services group.

The CMS appliance database populates with user data from Active Directory or other directory software. In general, the built-in best practices profiles and software wizards enable most enterprises to set up the appliance within 30 minutes, Harget says. More complex integration environments or those lacking any sort of identity management practices could require more implementation time and/or services.

Businesses that have shied away from the expense or perceived complexity of PKI should find the CMS appliance essentially makes deploying PKI a turnkey process. "We've made those capabilities as transparent to the user as possible," said Harget.

While the appliance would not provide a full PIV solution for local government agencies, "they need to get started, and this would supply an infrastructure," Harget said.

Supporting Converged Credentials


The appliance can also enable users to carry fewer credentials because it can provision the same credential for physical access as well as logical access. "We've been thinking for some time now the PACS-LACS convergence should be happening," Harget said.

Last month at ASIS 2010, Hirsch Electronics announced an offering in which Hirsch has put what Harget describes as "a shell" around the ActivID CMS appliance, making its features available through the interface of Velocity, Hirsch's security management platform. With a few keystrokes, then, it's possible for a user's credential to be provisioned for logical access at the same time it is configured for physical access.

"It's a nice story," Harget said, noting that Hirsch has a sizable distribution network.

Enabling Stronger Cyber Security


Harget expects the appliance will appeal to organizations with as few as 200 users, provided they have intellectual property, customer data, and compliance issues to manage.

Another selling point Harget cites is the ability to get more security from a single credential. Many security surveys have shown that cyber-crooks often steal credentials to break into networks, databases and applications. For example, Verizon's 2010 Data Breach Investigations Report cited stolen log-in data as accounting for 38% of all hacks and 86% of the data compromised or stolen. Smart credentials can be a barrier to such identity theft through a variety of means, from cryptography to one-time password generation.

"We're offering an identity assurance level that's streamlined, that insulates the enterprise from a variety of systems, that consolidates credentials and replaces varying levels of security with one strong layer," said Harget.

Citing the obligatory "quiet period," Harget was not able to comment on how ActivIdentity's pending acquisition by HID Global might affect the CMS appliance. However, extrapolating from common knowledge and assuming shared marketing savvy, it seems likely HID/ActivIdentity could create some very price point-attractive credentials and identity assurance solutions for the SMB market, combining the appliance with HID's economies of scale.  

# # #
ActivIdentity Aims for SMB Market with New Credentials Management Appliance

Using smart credentials to achieve strong authentication is generally thought of as a solution for large companies with sensitive data assets and/or compliance issues along with deep pockets. With its release earlier this month of the ActivID™ Credential Management System (CMS) Appliance, ActivIdentity hopes to change that paradigm.

"This appliance should open up the market for smart credentials," said Chris Harget, director of enterprise markets worldwide, for ActivIdentity. He cited medium-sized medical, finance, manufacturing businesses and state and local government agencies as potential customers.

The CMS appliance enables deployment of smart cards and smart USB tokens for authentication into desktops, VPNs, applications and building access systems. To support these, the box also incorporates a full PKI infrastructure.
The appliance is available directly from ActivIdentity, from value-added resellers and through channel partners. The box with all its embedded features sells for $15,000; a $30 per user license includes the middleware residing on users' computing devices that communicates with the CMS appliance. The enterprise may choose a smart card or USB token for users; the card ActivIdentity would recommend runs about $12-$13 per user, Harget said.

Designed for Easy Deployment

"The appliance really is a one-box solution," he said. Embedded in it are a full credentialing management system, database, PKI, including certificate authority, and best practices for credential management profiles drawn from ActivIdentity's professionals services group.

The CMS appliance database populates with user data from Active Directory or other directory software. In general, the built-in best practices profiles and software wizards enable most enterprises to set up the appliance within 30 minutes, Harget says. More complex integration environments or those lacking any sort of identity management practices could require more implementation time and/or services.

Businesses that have shied away from the expense or perceived complexity of PKI should find the CMS appliance essentially makes deploying PKI a turnkey process. "We've made those capabilities as transparent to the user as possible," said Harget.

While the appliance would not provide a full PIV solution for local government agencies, "they need to get started, and this would supply an infrastructure," Harget said.

Supporting Converged Credentials


The appliance can also enable users to carry fewer credentials because it can provision the same credential for physical access as well as logical access. "We've been thinking for some time now the PACS-LACS convergence should be happening," Harget said.

Last month at ASIS 2010, Hirsch Electronics announced an offering in which Hirsch has put what Harget describes as "a shell" around the ActivID CMS appliance, making its features available through the interface of Velocity, Hirsch's security management platform. With a few keystrokes, then, it's possible for a user's credential to be provisioned for logical access at the same time it is configured for physical access.

"It's a nice story," Harget said, noting that Hirsch has a sizable distribution network.

Enabling Stronger Cyber Security


Harget expects the appliance will appeal to organizations with as few as 200 users, provided they have intellectual property, customer data, and compliance issues to manage.

Another selling point Harget cites is the ability to get more security from a single credential. Many security surveys have shown that cyber-crooks often steal credentials to break into networks, databases and applications. For example, Verizon's 2010 Data Breach Investigations Report cited stolen log-in data as accounting for 38% of all hacks and 86% of the data compromised or stolen. Smart credentials can be a barrier to such identity theft through a variety of means, from cryptography to one-time password generation.

"We're offering an identity assurance level that's streamlined, that insulates the enterprise from a variety of systems, that consolidates credentials and replaces varying levels of security with one strong layer," said Harget.

Citing the obligatory "quiet period," Harget was not able to comment on how ActivIdentity's pending acquisition by HID Global might affect the CMS appliance. However, extrapolating from common knowledge and assuming shared marketing savvy, it seems likely HID/ActivIdentity could create some very price point-attractive credentials and identity assurance solutions for the SMB market, combining the appliance with HID's economies of scale.  

# # #

No TrackBacks

TrackBack URL: http://www.securitysquared.com/cgi-bin/mt/mt-tb.cgi/261

Leave a comment