Functionality isn't everything

THERE ARE A LOT of access and password management products on the market, most of them performing similar functions. But that doesn't mean they're all the same from an agency's point of view.

'You can't make a decision based just on functionality,' said Nelson Martinez, director of support services at Miami Beach's Information Technology Department. Access, identity and password management are critical functions and store a lot of sensitive information. 'You have to consider the security profile.'

Martinez eventually settled on the OneSign platform from Imprivata, a client/server system that has a dedicated hardware/software appliance for a server.

One of the goals of password and access management, after all, is to improve security. In his search for security along with function, Martinez wanted a product that would provide a heterogeneous environment. Most of the products he looked at were software packages running on Microsoft servers. He was leery of them because he did not want to put password management on a server with known vulnerabilities being targeted by hackers.

'One of the reasons I decided to go with Imprivata was the fact it was an appliance solution running a lightweight, non- Microsoft operating system,' Martinez said.

OneSign runs a hardened Linux operating system. The only functionality Martinez said he has sacrificed by going to OneSign is the ability to establish more detailed password profiles. 'In that sense, Windows is lacking,' he said. He added that he would like to see Imprivata include middleware in its product that would allow the use of more flexible password requirements with Microsoft Active Directory.

About the Author

William Jackson is a Maryland-based freelance writer.


  • Russia prying into state, local networks

    A Russian state-sponsored advanced persistent threat actor targeting state, local, territorial and tribal government networks exfiltrated data from at least two victims.

  • Marines on patrol (US Marines)

    Using AVs to tell friend from foe

    The Defense Advanced Research Projects Agency is looking for ways autonomous vehicles can make it easier for commanders to detect and track threats among civilians in complex urban environments without escalating tensions.

Stay Connected