Whitepapers
Imprivata OneSign Release 4.1: A Platform Overview
Over the past decade, most organizations have focused their IT security efforts on protecting and defending the network perimeter from the threat of anonymous hackers determined to compromise data and disrupt their systems – and for the most part, investments in this area have largely mitigated these threats.
Read now.
The CIP Challenge: Securing Critical Cyber Assets in the Energy Industry
Energy companies have more to deal with than ever before including the concern that has increased throughout the industry about the security of energy companies’ infrastructure and assets. This concern led to the creation of North American Electric Reliability Corporation (NERC), who in turn developed the Critical Infrastructure Protection (CIP) regulations. While these regulations have been clearly defined, NERC has left it up to each energy company to determine how best to achieve them operationally. With companies required to be "substantially compliant" by mid-2008 and "fully compliant" by mid-2010, along with best practices for CIP compliance remaining unclear, many energy companies face the prospect of failed audits and substantial fines. This white paper, produced in consultation with Imprivata customers and energy industry pundits, discusses the key issues surrounding CIP compliance and offers guidance and recommendations on how Imprivata OneSign platform can effectively support and accelerate a successful CIP compliance program.
Read now.
Compliance and Beyond: Toward a Consensus on Identity Management Best Practices
For more than a decade, government and industry bodies around the world have issued a growing number of regulations designed -- in whole or in part -- to ensure the security, integrity and confidentiality of personal and corporate data . Combined, these individual regulatory guidelines outline what constitutes best practices in identity management and IT security. This white paper explores these compliance-driven best practices, how Imprivata® OneSign® solutions support them, and how prioritizing their implementation makes good business sense beyond the fulfillment of compliance requirements.
Read now.
A More Secure Front Door: SSO & Strong Authentication
With the advent of more stringent government regulations, organizations are seeking ways to further strengthen IT security. Which authentication option is right for your organization? And how easily can it be integrated with your ESSO solution? These are just two of the many questions to consider as you evaluate strong authentication choices. This white paper explores these questions and addresses how organizations can secure network access without creating inconvenience for either IT staff or end users.
Read now.
A Pathway to PCI Compliance
In response to the increased threat of identity thefts and fraudulent credit card charges, governments around the world have been considering an array of new laws and regulations to systematically combat this problem. A key to success with any regulatory compliance effort is to accomplish measurable goals using policy and controls that are easy for the users to implement and accept. This paper will examine some of the requirements of the new standard and review identity and access management technology that can help organizations comply with these regulations in an efficient and cost-effective manner that is easy for users to embrace.
Read now.
Achieving HIPAA Compliance with Enterprise Single Sign-On
When the U.S. Congress passed the Health Insurance Portability and Accountability Act (HIPAA) of 1996, among the law’s many provisions was the establishment of formal regulations designed to protect the confidentiality and security of patient information. Congress set a series of deadlines for healthcare institutions to comply with the new regulations, including an April 2005 deadline for compliance with the security requirements.
Read now.
Bridging the Great Divide: The Convergence of Physical and Logical Security
By integrating your physical and logical systems, you can increase the value of your building access badge, realize tighter enterprise security, and address regulatory compliance. In the past, this integration had been too expensive, difficult and disruptive to achieve. But all that has changed.
Read now.
Integrated Provisioning and SSO: Day One Employee Productivity and Increased Security
Today, the abundance of online information and enterprise applications available to employees improves productivity. However, facilitating fast and secure access to that information is a complex and daunting task. Read how you can enhance productivity with an integrated provisioning/SSO solution to generate and manage user credentials and access.
Read now.
The OneSign Guide to Thwarting Insider Threat
IT departments are becoming increasingly aware of the threats inside the firewall -- including those from contractors, recently dismissed employees and even cleaning staff. Download this whitepaper to learn about the effectiveness of the Imprivata OneSign platform for countering insider threat.
Read now.
Physical/Logical Security Convergence: What It Means, Why It's Needed and How to Get There
Today’s corporate security infrastructure is a patchwork. Most organizations maintain multiple, separate physical and IT security systems with no integration among them. This situation has become a growing liability as security concerns and the need to address privacy and regulatory compliance issues grow. This white paper discusses what convergence means for businesses, the business drivers for convergence, and the Open Security Exchange's Convergence Roadmap to help organizations plan for and achieve convergence.
Read now.
Truth & Fiction with Single Sign-On
Technology products always seem to come “out of the box” strong and then wither amidst strong scrutiny. This was the case with single sign-on (SSO). What is sometimes ignored, however, is that any product with a strong need will reinvent itself to address the problems it contains. It is time for individuals to evaluate (or re-evaluate) SSO for their enterprises. This paper describes interviews and research associated with the value of single sign-on. It discusses key myths that were associated with SSO in the past and no longer apply to today’s technology.
Read now.
Directory vs. Databases: In Search of the Optimal Identity and Access Management Architecture
Traditionally, engineers attempt to balance the selection of individual components that go into a system by finding the best technologies to achieve the overall design objectives. We are taught early on not simply to choose what is most familiar, comfortable, or the "obvious choice," but rather, to focus on identifying the limitations of the components to make sure they do not compromise the integrity or robustness of the system. This design principle mandates that engineers challenge the premise behind component selection decisions, evaluating the capabilities and limitations of individual components and how they might compromise the operation of the overall system. This type of analysis differentiates designs that are merely functionally adequate from those that are rock-solid and built to scale to future needs.
Read now.
Enterprise Single Sign-On SOS: The Critical Questions Every Company Needs to Ask
Whether prompted by the compliance requirements of HIPAA or GLBA, the growing need to strengthen IT security, or mounting user frustration due to forgotten passwords, more and more organizations are thinking seriously about implementing Enterprise Single Sign-On (ESSO). According to Giga Research analyst Steve Hunt, "Enterprise SSO works well and makes sense. It is a secure, cost effective tool for adding value to an organization. It would be wise for vendors to implement it today."
Read now.
Enterprise Single Sign-On: The Next Big Win for IT
Every so often, a technology comes along that creates a true sea change in the marketplace. For example, virtual private networks (VPN) changed corporate networking forever by delivering a powerful combination of immediate return on investment (ROI), improved security, and greater user convenience. Indeed, by the time VPN technology reached its third generation, it radically altered the economics and capabilities of networking for companies of all sizes. The result? VPNs quickly became the de facto standard for remote connectivity.
Read now.