SNS's CRITSEC® system encompasses all organizational accesses across local computing desktops, laptops and devices and extends to remote network access as well as limiting physical access to facilities appropriately. The ability to leverage identity with a high degree of confidence across all assets in an agency or business is unprecedented, and ensures least privilege, prevention of access violations, and user provisioning and termination spanning all realms. CRITSEC® is implemented as a secure wrapper around current security infrastructures, interoperating with the leading IT infrastructures, and also allowing large segments of current physical security systems to remain useful and be interconnected. Offering significantly more than merely easing administrative burden, the ability of CRITSEC® to increase real-time situational awareness and response offers a higher level of security than what has ever existed.

The SNS CRITSEC® appliance converges IT/network and physical security, utilizing the built-in CRITSEC® IdMS (identity management system) for controlling authorized access to ALL of an enterprise's resources highlighting identity verification as the crucial intersection point. Solid identity management across the complete reach of an organization's assets can be centralized or decentralized, and administrators can recover keys if required. Capable of two and three factor authentication from a single credential, CRITSEC®'s IDMS manages the lifecycle of an identity across a federated environment, and includes lifecycle credential management for digital certificates, smart cards, and tokens with full auditing capabilities and forensics-quality logging. CRITSEC® enables an organization to utilize robust ANSI RBAC (Role Based Access Control) and is also FIPS 201 and FIPS 140 compliant. CRITSEC® allows management of risk from a comprehensive perspective, with a unified identity schema at the heart.

Business and Tech Advantages

Business advantages of ensuring secure, reliable identity verification and access to assets with a high degree of confidence are numerous, and translate to regulatory compliance and measurable reduction of risk. By being able to ‘prove’ who has and had access to specific resources across an organization, the ability to demonstrate the protection of confidentiality, availability and integrity are substantially increased. Also, some redundant systems can be collapsed into the converged appliance, and in ‘MBA 101’ cost savings mode – this occurs while security is actually being increased! Technical advantages of CRITSEC® are manifested when interoperability in a heterogeneous environment across logical and physical is required. This is attributed to the standards-based open architecture of CRITSEC® designed from the 'ground up' to encompass comprehensive organizational assets, and even accommodating some proprietary marketplace leader's tool suites. Technical security staff now have an advantage over an attacker as well - the knowledge of cross-discipline organizational patterns by individuals and correlation of events that would previously not occur until the ‘post mortem’ of an event is conducted are now possible.

Leveraging strong identity management and verification across physical and logical areas and throughout the lifecycle has yielded significant ROI, some unanticipated as this is a ground-breaking enabling technology. Multiple cases of fraud and identity impersonation were detected at the source point by the Colorado North Central Region when utilizing CRITSEC® for Hurricane Katrina evacuees for identity credential issuance. Collapsing of 'islands' of identity verification across physical and IT/network security arenas is an underpinning of HSPD-12 funding per the US OMB (Office of Management and Budget) and simultaneously allows for immediate termination of privileges for disgruntled ex-employees (and avoidance of workplace violence and lawsuits). Accountability of personnel for chargeable time and the ability to backup invoicing through irrefutable proof means millions of dollars can be appropriately allocated. By allowing remote reset of PIN codes utilized in the 2-3 factor authentication system, help desk calls are significantly reduced but more so, the security to the organization is actually increased because even strong yet vulnerable password policies are augmented through IDMS-related two and three factor authentication.

Copyright © 2000-2008 by Secure Network Systems, LLC.™
All Rights Reserved