Security Basics mailing list archives
RE: Self Service Password Resets
From: "JamesCHanlon" <JamesCHanlon () comcast net>
Date: Mon, 6 Apr 2009 10:59:02 -0400
Have you looked at the Imprivata One-Sign product?

After evaluating a large number of these solutions for many years (starting when I was head of security for a Fortune 150 company), I had all but given up hope that someone would actually produce a product that was practical and would live up to what was needed in the real world. Hands-down Imprivata is the best product we have seen in the market. Not only does it provide the services you mentioned below, its interaction with other products and services is excellent.

One thing that I like is that it is scalable and practical for all sizes of organizations. Also it did not make any changes to the ID systems (such as Active Directory). It is fairly easy to implement with a terrific graphic interface that learns the login methods and jumpstarts the login profiling that can be reused for similar access types. Because it worked independently of the server platforms, it is able to integrate various versions of Active Directory, Novell, Mid-Range, mainframes, Citrix, any flavor of UNIX we could get our hands on with web-based, legacy, and green screen applications.

When they added the physical/logical component it allowed a link between the physical access control systems and computer access, making it possible to create policies that reacted to whether the user was in a facility or connecting remotely. This was very helpful when you have to terminate access across a large number of different systems. The reports are also great for compliance reporting.

The training and support are superb. They treat you like your success is personal to them.

Jim

JC Hanlon Consulting, Inc.
Phone: US (586) 435-6231
Website: http://www.JCHCI.com
Helping Protect your Clients, your Business, the Homeland

-----Original Message-----
From: listbounce () securityfocus com [mailto:listbounce () securityfocus com] On Behalf Of Campbell, Josh
Sent: Tuesday, March 31, 2009 10:46 AM
To: 'security-basics () securityfocus com'
Subject: Self Service Password Resets

Hello list,

I work for a public university and my manager has asked me to look into a self service password reset solution. We have many employees that do not work on campus or even in the same state (adjunct professors). Currently when they forget their password we have them go through several hoops to get their password reset, including faxing over some ID and having their department head contact us. This was originally designed to be a hassle in hopes that we wouldn't get very many "repeat customers" for forgetting their passwords.

Anywho, I was wondering what solutions other people out there are using for this type of thing? Ideally we would like something that a user could go to from their web browser at home or any computer not on our network and they would be forced to answer a series of challenge questions (I know this brings up the point of them forgetting the challenge questions too but let's not even go there). We use MS Active Directory so that would also be a requirement for the solution.

Thanks in advance!

-Josh C