Many companies are apprehensive about implementing UMRA when they are in the middle of a migration process to an Active Directory (AD) environment. A common misconception is that the migration must first be completed before UMRA will work properly, another is that starting a different project during the process of migration might overcomplicate matters, and delay the project deadline. However, the truth is that UMRA assists migration both pre and post project and streamlines the process. Tools4ever provides indispensable project management expertise which speeds up the migration process.
There are two common migration scenarios. The first of which is domain consolidation -multiple AD domains being collapsed into a single domain. In this scenario UMRA is able to recreate the user account and, more often than not, retain the username in the new domain. In a situation where the migration results in the duplication of names, organisations can choose to implement new naming conventions.. UMRA will create a new user name and alert end users, via email, what their new username will be along with the date from which that name will be valid. .
Not only is the user migration process streamlined, but the resources of those users are as well including items such as group memberships and home directory data. As users are migrated UMRA will retain their group memberships, if one of groups doesn’t reside in the new domain UMRA will create it automatically. Home directory data can either be copied to a new server in the new domain or re-permissioned on the existing server with the SID of the newly migrated account.
UMRA also assists and eases the migration process by:
Eliminating Pollution-Most migration tools will copy 1:1 which will include erroneous and/or stale accounts. However UMRA migrates users by reconciling them against a HR/SIS system so that pollution is not included. Activity reports on un-used groups are generated so that these objects are not migrated.
Fill Attributes-When migration takes place there might be some missing information such as “title” or “Department”. UMRA automatically populates this information as needed.
Monday, 22 August 2011
Wednesday, 17 August 2011
What's in a password?
What’s in a Password?
Can password combinations put network security at risk?
A recent report* has shown that less than 1% of employee passwords are random sequences, with the majority of workers choosing simple combinations. These can easily be deciphered and therefore could put network security in jeopardy. For example, a startling 14% of passwords were found to be as basic as a first name and surname combination. e.g (JohnSmith)
The study also revealed more startling results:
• 8% of passwords contained place names – most included the area where the person lived or was born (LondonUK)
• 14% of passwords were purely numeric and in some cases consisted of consecutive numbers (12345)
• 25% of passwords were random dictionary words (computer)
• Another 8% or so were made up of keyboard patterns, short phrases, words within the email address, and repeating words (asdf, myblackcat, @apple, redred – respectively)
These results provide a concerning insight into how easily the security of networks can be breached, even when password complexity rules are put in place by system administrators. It also highlights the increasingly important role of identity management software in protecting businesses against these risks.
There are a number of solutions that can be put in place, one of which is two-factor authentication. This requires securing the primary login using a pass-card or biometrics. Users log-in by presenting a pass-card/biometric to a reader and entering a PIN code rather than the standard username and password. Combining a pass-card/biometrics and a PIN code ensures a much stronger authentication, minimising the possibility of a network breach.
Tools4ever’s Enterprise Single Sign On Manager (E-SSOM) offers full integration with all common two-factor authentication readers, such as HID, Mifare, Biometrie, Gridtoken, proximity-based devices and RFID readers. E-SSOM offers native integration with the driver software of the (card) reader and links the pass-card ID to the user credentials (username/password) in Active Directory. No additional software is required to create this link guaranteeing a user friendly and secure login for all users.
For more information visit http://www.tools4ever.com/products/enterprise-single-sign-on-manager/
*Source: The science of password selection by Troy Hunt
Can password combinations put network security at risk?
A recent report* has shown that less than 1% of employee passwords are random sequences, with the majority of workers choosing simple combinations. These can easily be deciphered and therefore could put network security in jeopardy. For example, a startling 14% of passwords were found to be as basic as a first name and surname combination. e.g (JohnSmith)
The study also revealed more startling results:
• 8% of passwords contained place names – most included the area where the person lived or was born (LondonUK)
• 14% of passwords were purely numeric and in some cases consisted of consecutive numbers (12345)
• 25% of passwords were random dictionary words (computer)
• Another 8% or so were made up of keyboard patterns, short phrases, words within the email address, and repeating words (asdf, myblackcat, @apple, redred – respectively)
These results provide a concerning insight into how easily the security of networks can be breached, even when password complexity rules are put in place by system administrators. It also highlights the increasingly important role of identity management software in protecting businesses against these risks.
There are a number of solutions that can be put in place, one of which is two-factor authentication. This requires securing the primary login using a pass-card or biometrics. Users log-in by presenting a pass-card/biometric to a reader and entering a PIN code rather than the standard username and password. Combining a pass-card/biometrics and a PIN code ensures a much stronger authentication, minimising the possibility of a network breach.
Tools4ever’s Enterprise Single Sign On Manager (E-SSOM) offers full integration with all common two-factor authentication readers, such as HID, Mifare, Biometrie, Gridtoken, proximity-based devices and RFID readers. E-SSOM offers native integration with the driver software of the (card) reader and links the pass-card ID to the user credentials (username/password) in Active Directory. No additional software is required to create this link guaranteeing a user friendly and secure login for all users.
For more information visit http://www.tools4ever.com/products/enterprise-single-sign-on-manager/
*Source: The science of password selection by Troy Hunt
IAM: David versus Goliath
IAM: David versus Goliath
Towards the end of 2010, Gartner published its ‘Magic Quadrant for User Provisioning’ report. In it, Gartner outlines its vision for Identity & Access Management (IAM) for the near future as well as associated trends
But does this mean you should do business with them?. The Magic Quadrant draws a distinction between leaders, challengers, visionaries and niche players. In the User Provisioning quadrant, the market leaders tower above all other players. These leaders include global giants such as Oracle, IBM, Novell and CA, yet other vendors are closely grouped inside other quadrants. This seems to suggest that this elite group have a clear monopoly in this sector.
I have noticed more often than not, that when companies start IAM projects with solutions from elite vendors, they use a high-grade product as the centrepiece, and build an IAM solution around it. They often try to create a utopia that requires intensive modification of the IAM solution. They start by automating organisational processes (workflow management and RBAC) and then automate IT procedures for user account management across the network. The problem with this is that automating organisational processes is very difficult, and imputing the required authorisation information in an RBAC system is even more daunting. Also, organisational changes are bound to occur during the course of the project due to long lead times. As a result, these projects are often abandoned after a substantial investment has been made, or are only partly taken into production.
Therefore selecting a vendor belonging to this ‘elite group’ does not necessarily lead to a successful IAM project –something Gartner acknowledges in its report. Elite vendors often use heavyweight project structures and impose a large number of conditions. Gartner notes that far too complex approaches tend to run IAM projects aground.
Gartner also highlights various issues, scenarios and requirements that an IAM vendor should cater for. Going against the norm, niche player Tools4ever, meets all these requirements. Its success can be attributed primarily to the following aspects, which correspond to the key factors identified by Gartner:
- The responsibility for the implementation is not divided between the vendor and implementation partner. For years Tools4ever has maintained that the success of an IAM implementation is determined by the skills and expertise of the IAM consultants involved and cannot be left to the implementation partner.
- A phased approach: One of the key elements of Tool4ever’s methodology. By splitting up IAM projects into various smaller subprojects, slow progress can be prevented and solutions can be provided in number of days as opposed to the industry norm of weeks. IAM cycles can often be split up into steps, each of which will yield tangible results.
- Modularity: The technical solutions have a modular set-up that simplifies further development. This means preliminary results are achieved rather than endpoints.
- Flexibility: The IAM cycle usually starts with streamlining the current operation. Optimising existing processes will free up time and resources to focus on the next steps.
- An end-to-end portfolio: Tools4ever offers customers an end-to-end portfolio of solutions that have proven their worth in our customers’ production environments. Tools4ever is also just as proficient in the role of part supplier.
Thanks to Tools4Ever’s approach, virtually all projects are successful. Customers now find themselves in a situation where they can easily cater for future IAM trends or the next phase in current trends.
So, just like the age-old fable of David and Goliath- the underdog can come out on top. As long as they’ve got the right tools.
Subscribe to:
Posts (Atom)