Smart Identity and USER+: customed security and access flexibility

2020-03-26T12:49:41+01:00March 26th, 2020|

Automated and centralized Thin Client-like management

The adoption of Thin Clients is not only an architectural solution useful for creating large infrastructures that offer computational capabilities on a large number of workstations at a lower cost, with lower consumption and greater longevity, compared to the use of normal PCs.

The advantages acquired are such as to push many large companies to convert their traditional PCs into Thin Clients via software.

Flexibility, efficiency and customization for each use case

The enormous benefit, in fact, lies in being able to manage in a totally centralized and automated way, therefore with absolute efficiency, all the operations that allow you to establish how to use the workstations. In this way, it is possible to create customized solutions for each use case with a single tool, which at the same time guarantees:

  • To the IT administrator: infrastructure security, controlled use and immediate scalability of the workstations;
  • To the end user: uniformity of work environments, simplicity and optimal user experience;

without requiring user actions or compromising the necessary degree of flexibility.

A striking example of the intersection between the benefits for the administrator and the user is what Praim offers through the ThinMan Advanced edition management software, with the USER+ feature pack.

USER+ and Smart Identity: real scenario

How to provide GDO employees the opportunity to move around the store and quickly access/leave (log-on/log-off) the workstations, ensuring the quickest possible use of their resources without the workstations being unlocked (and therefore accessible to shop visitors)?

How to support hospitals and health facilities in easily managing access to workstations by different figures (doctors, nurses,…), ensuring everyone the specific environment for their skills, greater protection of sensitive data to which only doctors can access, but also simplicity and speed of access for everyone?

Finally, how can security in access to corporate resources be strengthened in contexts subject to strong regulatory compliance constraints (such as in the banking and insurance world)?

The answer is in Smart Identity, the functionality offered by Praim as part of the USER+ feature pack that automates and simplifies two-factor authentication and the use of alternative credentials to the password for access to managed stations, both ThinOX and Agile. Smart Identity supports the use of different types of smart card readers and RFID cards (therefore also NFC) through which personal company access badges can become a valid physical identity attestation tool or a means of accelerating the log-in and log-out from a workstation.

With a few clicks in ThinMan, the administrator has total control of the users who access the system, while Smart Identity strengthens security because it allows you to enable different types of access and security, in a granular way, through specific policies for the individual user or user groups. It is possible, for example, to request the definition of PIN to give secure and quick access in combination with a password or card. The use of the card can be set according to the use case to request (“contact”) constant contact (therefore the workstation will be accessible only as long as the card is inserted or placed on the reader) or just instant proximity (“tap”) to control log-in and log-out actions.

ThinMan Advanced with USER+ allows the IT administrator to define different Smart Identity strategies to be applied through User Policy to specific groups of users (single, or grouped by assignment, department, etc.) on the basis of identity, group or corporate domain. USER+, in fact, integrates with (one or more) LDAP-based business directory services (such as Active Directory), allowing authentication on workplaces, wherever distributed, to corporate users through their own credentials already in use. The user policy also allows you to customize the work environment (desktop) on a user and role basis.

Smart Identity and USER+, solutions to scenarios

Let’s go back to our three cases… Here is how with Smart Identity we can define optimal access methods for every need:

GDO: access through card in contact mode; by placing the card on the Smart Identity reader it will automatically launch the connection and login to the operator’s desktop, protecting the workplace as soon as the card is removed, “following” the operator with his/her resources on the next device used.

Healthcare facilities: facilitating and speeding up the log-in by differentiating in ThinMan the nurse profile, with proximity card, and the doctors’ profile, for which an additional security factor is provided, but still quick, such as the PIN, as well as a desktop enriched with more resources.

Banking and Insurance: all company employees may be required to authenticate by using a password to be used in conjunction with a company card used for accessing the office, to ensure that the user is physically at his workstation.