Digital Design: Single system of access control and authentication

Since December, 2011 Digital Design brings to the market a new solution "A single system of access control and authentication" on the basis of a linking of the software Microsoft Forefront Identity Manager 2010 and Indeed-ID. A system allows to manage identification data and access to corporate information resources.

Now in many companies it is used in work on some tens of systems, in each of which the worker should have the certain permission set corresponding to his position. Several participants, including representatives of department of IT, personnel department, a security service and heads of divisions are involved in process of management of access rights (in connection with hiring of personnel, dismissal or increase on a position), as a rule. Updating of a permission set is made manually therefore the human factor has a great influence on process, it leads to emergence of errors in purpose of access rights. Incorrectly appointed powers pose a threat of information security of the company. The functionality of the solution Digital Design which is responsible for access control is implemented by means of the product Microsoft Forefront Identity Manager 2010. He allows to distribute the rights according to a role model, to automate process of management of access and to quickly make corresponding changes to all systems connected to it. At the same time the permission set forms depending on functional duties of the employee, belonging to specific division, on territorial and to other signs or their combinations.

Besides, the solution Digital Design provides effective management of identifiers of access to information resources. Indeed-ID product line is for this purpose used. It gives the chance to considerably simplify and accelerate the procedure of access due to use of approach of Single Sign-On which allows to exclude repeated user authentication in each of systems used by it (the last often leads to gluing of pieces of paper with numerous passwords on monitors that reduces to zero all efforts on information security). Advantage of approach of SSO is individual access control of each employee with a possibility of tracking of history of access to information resources. Authentication can be made on several factors at the same time – using a smart card, a fingerprint, the one-time password, an USB token. The solution can be integrated with other systems, for example, a control and management system for access to the premises (ACS) that allows to control compliance between the physical presence of the employee and actions made from his name.

Dmitry Tatarinov, the director of the department of infrastructure solutions, Digital Design, comments: "Now we observe growth of interest of clients in solutions of this sort. The companies develop, their IT infrastructure becomes complicated and the quantity of the used information systems increases. At such variety of an IT landscape and increase in IT value in business it is very important to provide the high level of data protection. Now began to treat these questions much more seriously. In all large organizations there were departments of security which are not a part of IT, but separate structural unit any more. It means that questions of data protection play the increasing role. Especially it concerns the companies working in such spheres as banking, insurance, production of original products or the equipment. Integrated solution "The single system of access control and authentication", the offered Digital Design, allows to optimize activities for access control to information resources and to considerably reduce risks of security and operating costs".