ID-SEC SOLUTIONS LTDIdentity and Access Management

Solutions

4SO4SOSSmart, mart, SSimple, imple, SSingle ingle SSign-ign-OOn Solutionn Solution

for for

Lotus NotesLotus Notes

CURRENT SITUATION

Lotus Notes is a highly secured messaging solution

10% – 20% of help-desk calls deals with password problems in Lotus Notes

A user forgot his Notes password won’t be able to use his mailbox

To reset password takes 4 hours in average and prevents the user to access his Notes account.

4SO – SECURITY PROBLEMS By copying the ID file and knowing the

password, user can take control of the other’s mailbox.

Different password policy for Active Directory and Lotus Notes.

When there are too many passwords to remember user tend to write the password on the screen, behind the keyboard or any insecure place.

ORDINARY LOTUS NOTES LOGIN

ID File

*******

User Start the Notes

client

User prompt to enter his password

Password uses to

open ID file

Notes client establish encrypted

session

4SO LOGIN PROCESS

ID File

4SO

*************************

User Start the Notes

client

Notes ask 4SO to supply password

4SO user details and provide Notes it long

password

Password uses to

open ID file

Notes client establish encrypted

session

4SO validate Active Directory

login ticket

4SO SOLUTION ADVANTAGES

Reduce help desk calls on Notes forgotten password.

Improve user experience along with improving Notes security.

Quick and simple implementation, less than 30 Seconds installation process.

Solution doesn’t based on Active Directory password, but Active Directory authentication.

Keeps the ID file password non human, 512 bit long.

TECHNOLOGY EDGE

Notes login based on user’s Active Directory Kerberos ticket.

Allow online and offline login to Notes. Offline login use when a portable computer don’t

have connection to the Active Directory domain and the user login to the computer using cache login.

SUPPORT

Lotus Notes client versions 6.x, 7.x, 8.x All Microsoft Windows versions Remote Desktop, Citrix Active Directory 2000, 2003, 2008 All Active Directory authentication methods

include user/password, biometric, smart card etc…

COMPOTITORS

Lotus Notes Password sync and Shared Login Pistol Star Notes ID File Password Storage - The ID Vault General SSO solutions (TAM, imprivata…)

4S

O s

up

port it a

ll

NOTES SHARED LOGIN (NSL)

You cannot use shared login if any of the following conditions is true:

you use a computer that does not run Microsoft Windowsyou use a Smartcard to log in to Lotus Notesyour User ID is protected by multiple passwordsyou are a roaming user that uses a roaming IDyou run Notes on a USB driveyou use a mandatory Windows profileyou are running Notes in a Citrix environment

4SO NSL General SSO

Pistolstar

Smart Cards ✓ ✗ ✗ ✓

Notes versions All 8.5 All All

Active Directory Multiple passwords

✓ ✗ ✓ ✗

Citrix ✓ ✗ ✓ ✓

Password strength

512 Bits Medium 6-10 Chars (Human base)

6-10 Chars (Human Base)

ID VAULT AND SSO SOLUTIONS

Use Servers to store the passwords – Single point of failure.

Keep a human based password – 4SO have a very long password

SUCCESS STORIES

Major bank in Israel – 13,000 Users, works since 2008, not even one support call.

Ministry of Finance – 2,000 users, works since 2009, not even one support call.

Ministry of Interior – 2,000 users, works since 2009, not even one support call.

Civil Services – 1,300 users, works since 2009, not even one support call.

Governmental Organization – 3,500 users, works since 2009, not even one support call.