Reduce up to 50%
helpdesk calls for password reset*
107€ per user/ per year
Password-related helpdesk support and lost employeeproductivity*
To follow or contact us:
*based on analyst reports
What is SSO aaS (Single-Sign On as a Service)?
SSO (Single-Sign On) is the functionality that allows users to sign-in (authenticate) only once during a whole session, no matter how many applications are being accessed. They can then access their data transparently, without the constraint of retyping a new user name/password couple.
By creating an obligatory passage point between a user and its applications, an organization can effectively control the accesses. Moreover, a log of these accesses and administration operations is kept centrally, which facilitates audit. This facilitates compliance with confidentiality, integrity and availability requirements.
Evidian Enterprise SSO aaS (Single Sign-On as a Service)
Companies adopt more and more SaaS applications to lower their cost and increase agility.
Evidian Enterprise SSO as a service provides a seamless user experience by not requiring users to constantly re-enter passwords, one for each corporate and cloud application and/or environment. It generates strong passwords and connects your users to their applications automatically. These goals will be achieved without having to take on unnecessary infrastructure expenses or development burden, generating economy of scale.
With Evidian Enterprise SSO:
► Free users from remembering and typing passwords
►Provide agile Single Sign-On to all users, businesses and organizations
► Strongly increase the security level as well as the user satisfaction
► Prevent from fraud based on stolen password
► Secure sharing and delegation of credentials
► Easy to use Secured Password Vault
► Reduce help desk and employees password management tasks
► Pay per user – charging of recognizable units
Less complexity, more security
By automating password management, Evidian E-SSO simplifies your users’ lives and lets you drive your security policy.
With E-SSO as a service, you benefit from a solution easy to deploy and ready to use, freeing your organization from administration tasks and infrastructure management.
Simplified access and re-enforced security
Evidian Enterprise SSO as a service eliminates one of the primary threats of security: bypassing password procedures. Now, users no longer have to remember a multitude of credentials. They simply have to remember their main password. You will limit password sharing between your employees as well as passwords written down in an unsecure way … It also avoids multiple use of the same password for several applications.
Evidian E-SSO can transparently manage strong passwords for each application. Through a particular policy, you can require a re-authentication to allow Single Sign-On to be performed on sensitive applications.
Evidian Enteprise SSO provides one unique authentication to login to authorized applications. Users are no longer required to type or memorize passwords across multiple applications, and significantly reduce time needed for daily tasks. Furthermore, by reducing password fatigue it will also reduce calls to the helpdesk up to 50%.
Optimise your cost
Every call to the helpdesk generates costs. Thanks to Evidian E-SSO, you can reduce these calls by up to 50% as employees no longer lose application passwords. Moreover, you avoid the costly procedures that occur when accounts are locked after password errors.
Audit and report
You can monitor your employees’ attempts to access applications. An audit trail of all accesses, who accessed what at which time, is maintained and can be made available on request. This will enable you to demonstrate that your access policy is observed and fulfills its objectives.
Business Oriented – Ready to use
The main function of the product is to prevent users from entering a username and password for each application used. It also allows a user to delegate access to an application (define at enterprise level) to another user without having to disclose their password.
With Evidian E-SSO as a service, you benefit from a solution easy to deploy and ready to use, freeing your organization from administration tasks and infrastructure management.
Starting with Evidian Enterprise SSO as a service
• When the solution is first started on a user’s workstation, user is registering through an OTP sent by email. No need to remember a master password. Registering on additionnal workstations will be made through OTP sent by email.
• Access to applications is simple but also with a high security level.
• Evidian Enterprise SSO can change the password automatically with random passwords according to a strict policy that you define.
• The service supports the definition of separate and different password policies for each application.
• The service enforces the application password policy at every level: length, complexity, random generation, modification and expiration.
• The passwords are stored in a secure personal vault that is protected with state-of-the-art encryption.
• The key to access the SSO data is linked to each user and registered workstation.
• Secure access to hybrid environments, both web and non-web applications using login/password, can now be guaranteed while keeping your existing infrastructure unchanged.
• Through a particular policy, you can require a re-authentication to allow Single Sign-On to be performed on sensitive applications.
Quick and easy deployment
Evidian Enterprise SSO as a Service can be deployed quickly:
• Existing applications and repositories do not have to be modified.
• Existing accesses will be collected and reinforced. You do not have to redefine any access rights.
• The SSO as a service offers a set of self-service procedures. When enabled centrally, your end-users can securely self-enroll and register themselves to activate the Single Sign-On service.
No more access rights administration tasks
Managing users for dozens of applications has become time-consuming and also a financial handicap for the company. By centralizing and managing usernames and passwords, Evidian Enterprise SSO as a service allows administrators to spend more time on developing other systems and improving performance rather than password management tasks.
Secure user to user delegation
With Enterprise SSO as a service, a user can delegate access to an application (define at enterprise level) to a colleague, without calling the helpdesk. He can do this without sharing his password, and for the time period he decides. The user can therefore anticipate his absence. The access delegated is logged and auditable.
Password-free access to your mobile applications
Evidian Enterprise SSO as a service delivers a solution that extends the Single Sign-On to Android and iOS tablets and mobile phones. It automatically and securely stores passwords in your mobile. It also enter application passwords for you. It synchronizes your credentials with your central vault in the cloud to make them available from your PC and mobile devices.
Non-intrusive and universal solution
You don’t have to modify any of your applications. Evidian Enterprise SSO activates Single Sign-On in many types of applications: Windows, web, terminal emulator, etc.
Evidian Enterprise SSO as a service can be run from a Windows workstation, Windows server, and from virtual desktops (Citrix, Microsoft, VMWare…).
Evidian provides a series of IAM consulting services to help you build your identity and access management project. These services cover three principle domains:
► Implementation/demonstrator’s assistance with implementation/model
► Advice and audit services
► Design: technical architecture with the constraints of high availability (IT safety plan), detailed IAM functional specifications (workflow, policy, upstream and downstream provisioning), SSO and strong authentication, Web SSO.
For our E-SSO & Authentication Manager, WAM, IAM and SafeKit products, Evidian offers to implement a POC (Proof of concept):
Audit & services
The advice and audit group offers to support you with:
- Preparation studies
- Defining the project (outline, project plan, WBS)
- The design stages of the identity and access management solution.
We will spend time specifically on considering the organisational and technical aspects of such projects, and the ROI: financial, for users, professionals, IT support teams and of course security teams (implemented from an SMSI, professional regulatory constraints: Bale II/III, Solvency, HIPAA).
With regard to audit, the methodology adopted is the following:
Here are some examples of consulting tasks that can be achieved in Evidian:
|Audit of the existing set-up|
|Proposing a management model for the organisation’s authorisations with Policy Manager|
|Needs assessment in terms of strong authentication|
Evidian offers you support in the design phase of your project using our E-SSO & Authentication Manager, WAM, IAM and SafeKit products.
Here are some examples of tasks that can be achieved in Evidian:
|ESSO technical and functional specifications|
|WAM technical and functional specifications|
|IAM technical and functional specifications|
A major player in the aeronautical sector, let’s call it X, decided to provide shared access for all its branches and divisions. At the same time, X had set up a private cloud to store the access portal and shared services. To facilitate access to these services, X wished to offer a Single Sign-On service to its users, and extend this service to all its divisions.
X wanted to simplify the authentication process for users to access the “cloud”, which had to comply with four successive authentications at the time.
We analysed the existing portal
It was a web application installed in the “cloud”, federating access to all divisions, and allowing access to the shared resources of the company. The “cloud” contributed to direct access to shared services such as the CRM, intranet applications, HR, etc.
Choosing the right technical solutions:
- E-SSO (Enterprise SSO): An SSO device is installed on each workstation. Whenever the user enters a login/password, the SSO remembers it locally. After the user has successfully logged on, the SSO agent waits for the application’s login request. It intercepts those requests and automatically fills in the fields.
- Web SSO: Web SSO is an extension of the E-SSO device, designed specifically for web applications. A web portal is the interface between the client and the applications.
- SSO federation.
Analysing each scenario:
- Scenario 1: Using E-SSO for various divisions
- Scenario 2: Using WAM for the main portal and offering E-SSO as an option
- Scenario 3: Integrating the access portal into the WAM and offering E-SSO as an option.
Analysing the costs: in terms of equipment, licences and effort required to implement each scenario.
Offering an analysis of the different scenarios: selection criteria, decision matrix, SWOT table.
Find out more
Complete the form here >>, and you will be contacted by one of the technical agents for this implementation.
The Evidian expertise centre helps its clients and partners to implement their projects, offering reliable expert assistance with its products and IAM solutions.
They occasionally run projects from end to end:
► to establish reference points in new geographical areas
► to carry out pioneering, innovative projects, in new technological environments.
In order to do this, they maintain a methodology for carrying out IAM projects, implementing company SSO projects and extending remote access projects.
Evidian has developed its own IAM methodology, and demonstrated it with large prestigious accounts: it allows you to use the main building blocks of the IAM structure in an incremental yet consolidated way: constituting the identity reference, managing roles, etc.
To facilitate the implementation of our User Access Services solution, the Evidian expertise centre supports its clients in the use of its security solutions. Over the years, it has acquired strong skills in implementing Evidian solutions in a complex environment.
These skills are a determining factor that will ensure the quality of your project.
We propose, through a complete service offering, to bring on board a team of Senior security consultants that are certified for CISSP, Microsoft, etc.
Our service offering takes clients’ needs into account in terms of flexibility, availability and the means of implementation.
The Evidian expertise centre participates in the complete life cycle of implementation projects, delivering Evidian Mobility solutions alone or with partners. We deliver customised services to define the architecture, and plan and implement the solutions offered to our clients.
Microsoft SharePoint was quickly adopted by professionals to share documents which are often confidential. A large European airport wished to publish links to applications stored internally. This raised the question of secure access and access controls to these applications.
The solution proposed to the airport allowed them to secure access to Microsoft SharePoint as well as to their internal applications. The Evidian expertise centre demonstrated a solution to allow professional collaboration between internal staff and partners in full confidence, with the following characteristics:
– Transparent NTLM authentication for internal users
– Weak authentication with a different account from the Active Directory one for internal users when they connect from outside
– Strong authentication by Mail OTP for partners that work in the airport
– Integrated access control while maintaining the SharePoint user interface
– Protection of SharePoint and internal applications against any attack
– Single Sign-On for SharePoint and internal applications offered by the airport to internal users and partners
Find out more
Complete the form here >>, and you will be contacted by one of the technical agents for this implementation.
The Evidian expertise centre.
The Evidian expertise centre makes the best experts available to you, to support you throughout the life cycle of your security solution:
Upstream: set out a specification, verify the principles, etc.
For the implementation: installation, configuration, customisation, … or turnkey implementation
Downstream: training operators, usage, maintenance in operational condition, etc.
The forty experts may participate in all aspects of operations from units based in: Paris, Cologne, Manchester, Brussels, New York and Tokyo.
Evidian Support consists of an international team of experts who will help you get optimal use out of our products in your specific environment every day.
Evidian Support prioritises the establishment of a real partnership, guaranteeing better response times to resolve incident tickets.
Our Support programmes allow you to establish a response adapted to your needs, whatever they are:
► Standard Support & Maintenance for access to updates and the support knowledge database, submitting incident tickets and assistance during working hours.
► Platinum Support & Maintenance for customised high-level support in a complex environment with availability constraints.
All the Support services are accessible on the support portal.
Support assistance is requested by opening an incident ticket with the Calldesk.
After opening an incident ticket, the nearest Support Centre experts will contact you.
Worldwide locations for Evidian Support:
|EMEA||Atos – Evidian, France, 78340 Les Clayes-sous-Bois, France||French – English|
|Atos – Evidian, France, 69578 Limonest||French – English|
|Atos – Evidian, Germany, 51149 Cologne||German|
|Atos – Evidian UK, England, Macclesfield, Cheshire||English|
|NORTH AMERICA||Atos – Evidian Inc. USA, New York, NY 10038||English|
|APAC||Atos – Evidian Japan, Japan, Tokyo 150-8512||Japanese|
Standard support and maintenance
Standard Support and Maintenance gives you access to the following services:
- Protected access, 24/7, to the support portal
- Advice and searching the support knowledge base for solutions
- Submission of and advice on incident tickets
- Remote assistance from experts at the Support Centre during working hours
- Providing new corrections
- Downloading versions, updates and product service packs
- Downloading product documentation
- Registering for the Information Bulletin publications and Support News (RSS feed).
Remote assistance is provided during working hours by the Support Centre, from Monday to Friday. Support is requested by opening an incident ticket in the support portal.
Platinium support and maintenance
Platinum Support and Maintenance offers customised support that takes into account the complexity of your technical and organisational environment. It responds to your service level needs and your contractual availability (SLA) by offering close monitoring and proactive support actions.
An Account Monitoring Technical Lead within the Support organisation will be your personal point of contact for all questions and incidents related to the products. They implement and run pilot projects for customised services:
- Monitoring meetings and provision of dashboards
- On-site visits for proactive support actions
- The implementation of a customised escalation procedure
- Faster response times
- 24/7 assistance with critical production incidents.
These services are in addition to services provided with Standard Support and Maintenance.
For certain products (*), the support team can keep a reference copy of your version with the list of corrections specific to your configuration. This service allows improved responsiveness with greater security, when emergency corrections are made during production.
(*) Authentication Manager & Enterprise SSO 8.0x, Identity & Access Manager 9.0x.
Training makes a significant difference to projects. The in-depth knowledge of Evidian products makes participants much more productive and allows for predictive project planning.
Our clients are constantly working to improve their productivity and profitability in an increasingly competitive market. To this end, they adopt new technologies with solutions that meet their needs exhaustively but are also social and open with a long and productive life. Our partners use Evidian products to implement these solutions. They can all attend training and certification programmes offered by the Evidian Institute in order to take advantage of Evidian products and make best use of the technology.
After attending the Evidian Institute training sessions, each person, depending on their job and their role within the project, will be in a position to effectively determine the best configuration and final architecture of the solutions. It will also improve the participants’ confidence in their capacity to rapidly implement projects and meet deadlines. Some of them will learn how to adapt the solutions to the needs of the end client for a minimal cost. Others will learn how best to take advantage of the numerous and powerful functions of Evidian products.
With Enterprise SSO as a service, you benefit from a solution easy to deploy and ready to use, freeing your organization from administration tasks and infrastructure management.
Authentication manager: Windows MFA (Multi-Factor Authentication)Windows MFA covers all authentication scenarios for a user accessing one or several PCs, or for several users sharing the same PC.
Visit solution page >
SSPR (Self-Service Password Reset)The SSPR solution provides a full set of audit trail reports of WHO resets a Windows password WHEN and from WHERE.
Visit solution page >
Identity Governance and AdministrationControl identities and rights to enable business transformation.
Visit solution page >
Web Access ManagerThe central point of access to all your applications.
Visit product page >
Analytics and IntelligenceDetect Suspicious behaviour and improve governance.
Visit product page >