Large enterprises often find it a costly and time-consuming task to build a system to manage the entire lifecycle of user identities and their associated credentials. Often these enterprises want user’s identities to be stored on employee badges that can be used for both building and accessing IT resources, as well as to buy meals in the enterprise restaurant, to enter company car parks.
Microsoft® Forefront Identity Manager (FIM) 2010 provides identity synchronization, certificate and password management, and user provisioning in a single solution that works across heterogeneous systems. As a result, IT organizations can define and automate the processes used to manage identities from creation to retirement. Gemalto has integrated its .NET digital security solution with Microsoft FIM 2010. The Gemalto .NET cards make digital interactions more convenient and secure for people and organizations. FIM manages credentials and security-related information directly within the Gemalto .NET card, which in turn works seamlessly in the Microsoft FIM 2010 architecture to replace weak username/password security with strong, device-based authentication. Furthermore, both OTP (One Time Password) and Certificate based authentication methods are supported by the .NET devices.
There is the clear benefit of convenience and service – firstly, the user only has a short PIN or OTP password to remember instead of a long complex one, and secondly, where-ever the user goes, their credentials go with them. Finally, their badge become the means by which their life is made easier – for example, change no longer needed for vending machines, easy access to car park or less time spent waiting to speak to the Help Desk because they have forgotten their password.
→ Gemalto .NET or Gemalto .NET Bio range of smart cards and Smart Card Readers.
→ Hybrid Card (contact-less) card bodies for combining physical and logical access.
→ SA Server (OTP authentication server): The FIM portal interface is used for all OTP administrative functions, while the SA Server works in the background for authentication.
Company badge provides a platform for adding other applications such as Secure Remote Access, Document Security (Signature and Encryption) and Data protection (File and Drive Encryption).