Tivoli revealed plans last week to integrate IBM's single sign-on technology into its Tivoli Security product suite.
The goal is to give IT managers centralised password management and let users access multiple applications using a single password, thereby reducing support costs, boosting productivity, and increasing security, Tivoli claims.
The 1998 Ernst & Young Information Security Survey found that 62% of respondents ranked multiple log-ons and passwords as a top security concern, since users often write them down and post them on their computers.
"CEOs and other managers don't understand why they have to have so many passwords," said Robb Dongoski, manager of national enterprise systems management services at Ernst & Young.
Tivoli Global Sign-On will prompt users for their log-on information when they boot up their computers, then use it to gather other log-ons and passwords from a secured database using 56-bit data encryption.
However, some IT security firms believe this is inherently insecure.
"The overall level of security isn't great with single sign-on systems," claimed Ian Walker, technical director at security firm Entrust. "Large organisations after complete security need to be looking at certificate-based authentication and away from sending passwords over a network that can be easily hacked."56-bit encryption is not considered strong and a single security server means a single point of failure."
But Stefan McKenzie, security product consultant at Tivoli, countered: "The reason there has not been a big uptake for single sign-on security systems is that they have not been integrated into an administration system.
The global sign-on software from IBM is managed by Tivoli's central user administration suite and can monitor exactly who's doing what over the network."
McKenzie pointed out that the strength of encryption of the Tivoli system is the standard for export outside of the US. "It uses the DES standard for encryption and Kerberos for authentication," he said. "The marketplace for certificate-based authentication is still very immature and our customers don't have PKI applications to support."
Tivoli Global Sign-On, available now, costs from #1,545 per server and #58 per client.
The site is perfectly situated for launching small satellites into orbit
Delegates at the ESOF 2018 conference were warned that their perceptions of the digital age were coloured by private industry
Concept vehicle uses gas turbine technology to generate electricity
Fresh from the notes of Ming-Chi Kuo of TF International Securities