XyLoc Proximity Based Access Control

1
XyLocProximity Based Access Control
2
Ensure Technologies

• Innovative developer of XyLoc, a patented
  wireless security solution that provides full
  time, personalized PC access control
• Founded in 1997
• Based in Ann Arbor, Michigan with global
  distribution
• Over 40,000 systems deployed worldwide

3
Sound Familiar?

• We need FASTER and more CONVENIENT access to
  applications and data on our shared PCs
• Our PCs are located in non-secured public areas
  and can be viewed and possibly accessed by
  unauthorized individuals
• Our current system secures the log on process,
  but leaves the system vulnerable if the user does
  not lock the screen or log off the PC when they
  walk away
• XyLoc addresses these issues with FULL-TIME,
  PROXIMITY-ACTIVATED access control and Simplified
  Sign On

4
Identification Authorization

• THEORY
• Strong passwords
• Users log off PC or use some form of password
  protected screensaver
• Workstations are not shared
• Passwords are not shared
• SSO secures transactions

• REALITY
• Weak passwords (or none)
• PCs are logged in all day
• Screen savers are tedious and bypassed or not
  enabled
• Workstations are shared
• Passwords are shared
• SSO secures only if you can be assured of the
  sender

5
XyLoc Overview

• XyLoc uniquely addresses internal security
  issues while making access faster and more
  convenient for the user
• Access to application(s) is controlled by users
  location relative to PC
• Provides full time access control, effortlessly
• Simplified sign on
• Walk away security
• Provides audit log for each user

6
XyLoc Benefits

• XyLoc provides security, convenience and
  personalization
• Ensures security policy adherence
• Presence of the user is continuously verified
• User no longer needs to log on each time they
  return to PC
• Can be deployed with smart cards and biometric
  solutions to provide stronger layer of security
• Provides a continuous user audit log

7
XyLoc at Work

• Inactivity timers dont provide an ideal
  security solution setting the timers too short
  forces users to constantly re-enter passwords to
  re-authenticate. XyLoc and its single sign-on
  capabilities have also made life much easier for
  us by reducing the number of passwords our users
  need to remember and enter.
• - Ryan Eldridge, IT Manager, Lincoln Bank

While it would have been easy to use biometric
devices or smart card readers just to
authenticate our users, only XyLoc combined easy
authentication with full-time access control to
automatically secure the PC the second the user
steps away. - Todd Yarborough, Senior Manager,
Global Productivity, Banner Pharmacaps
8
Typical EnvironmentsXyLoc can be used with
unique accounts, shared KIOSK accounts, or a
combination

• Individual Accounts
• Each user logs onto the network using a unique
  account and password
• User then has access to their unique desktop
  profile and applications
• More secure

• Shared Kiosk Accounts
• Shared PCs are continually logged on to the
  network with a generic user account
• Application level security is enforced so users
  log into programs with unique user ID and
  password
• Faster and more convenient

9
How XyLoc Works

• User wears a XyLoc badge, analogous to a smart
  card
• Radio frequency signals identify the user to the
  devices in the user adjustable Active Zone area
• XyLoc stores application user ID and password in
  an encrypted database and forwards the
  credentials to the application when required for
  access Supports Windows, Browser, and Terminal
  Applications

• Based on the ID information contained in the
  badge, the user is granted or denied use of the
  PC/application as they enter or leave the Active
  Zone

10
Full Time Access Control

• Walk away security
• Fast, hands-free, logon logoff based on
  proximity of authorized user
• Protects use of the application, device and the
  information it contains
• Unlike a password or biometric, protection is
  continuous
• Provides a continuous user audit log
• Single or multi-factor authentication
• key, key password, or key biometric

11
XyLoc Simplified Sign On

• Secure
• Supports secured kiosks and roaming system
  access
• User ID and passwords are encrypted and stored on
  secure server
• Fast and convenient
• Applications data automatically secured as user
  steps away
• Creates a more efficient work environment
• Easy to deploy, control and maintain
• Centralized, web based management and auditing
• Compatible with most existing software
• Capable of integrating up to 32 different
  applications per user

12
Return On Investment

• Helpdesk reset costs (hard costs, per user)
• Gartner Organizations spend 300-340 per user,
  per year, resetting passwords
• Large corporations spend 50 per reset
• Password resets account for 25-40 of all
  helpdesk calls
• 70-80 of these calls are forgotten passwords
• Productivity Increases (soft costs, per user)
• Saves 25-45 hours a year on network log on time
• Saves 14-22 hours with Single Sign On (SSO)

13
XyLoc in Healthcare

• Business Objectives
• HIPAA (Government regulations for patient
  information privacy)
• Improve productivity and efficiency of medical
  staff
• Solution
• XyLoc XSS-MD
• Installed on over 1,000 PCs and Thin Clients
• Results
• Secure and quick access for medical staff
• Compliance with government regulations for
  security and privacy
• Easy adoption by users

14
XyLoc in Financial Services

• Business Objectives
• Protect highly confidential information on
  executives PCs
• Maintain fast-paced workflow
• Solution
• XyLoc Solos
• More than 80 systems installed for executive
  level users
• Results
• Full-time access control
• Secure and quick access for executives
• Easy adoption by executives

15
XyLoc in Pharmaceuticals

• Business Objectives
• Comply with US Food Drug Administration (FDA)
  regulations
• Corporate security standards
• Solution
• XSS Enterprise supporting 500 users and growing
• Results
• Compliance with FDA regulations
• Securing proprietary information against theft

16
XyLoc in Manufacturing

• Business Objectives
• Manufacturing process and control with greater
  security
• Control of Access to PCs on manufacturing line
• Maintain workflow for high value workers
• Auditing
• Solution
• XyLoc Enterprise
• Authenticates users for manufacturing
  applications
• Results
• Maximized effectiveness by protecting production
  control workstations
• Significant savings with higher productivity and
  quality assurance
• Auditing provides ability to monitor who did
  what and highlights Training requirements for
  Individuals

17
XyLoc in Government

• Business Objectives
• Compliance with US Homeland Security regulations
• Secure access to PCs that control hydro-electric
  operations and dams
• Solution
• XyLoc Solos
• Users are authenticated to access mission
  critical PCs
• Results
• Compliance with government regulations
• Workstations are secured against insider attack
• Auditing provides ability to monitor who did
  what

18
Components of XyLoc

• Badge (Key)
• USB Lock
• XSS Central Management Software
• AI - Application Integration for Simplified Sign
  On
• Fingerprint Authentication Support

19
XyLoc Hardware

• Badge (Key)
• Badge can be personalized with a users picture
  and ID
• Battery CR 3032-3V which typically lasts 16
  months or more, based on normal usage
• Available frequency ranges
• 900 MHz, 800 MHz, and 300 MHz

20
XyLoc Requirements

• XyLoc Client
• Desktop or portable PC running Windows 98, NT
  4.0 with SP 4, 2000, XP, or XPe for Thin Client
• USB port
• 5 MB available hard disk space
• XSS
• Pentium III 1GHz, 256 MB of memory, 2GB of disk
  space, with a static IP Address
• Windows NT 4.0 Server with Option Pack 4 or
  higher or Windows 2000 Server
• Internet Information Services (IIS) 4.0 or greater

21
XyLoc

• Supported Environments
• Microsoft Windows 98, NT 4.0 SP 5, 2000, XP,
  or XPe for Thin Client
• Microsoft NT Domain
• Microsoft Active Directory Windows 2000/2003
  
• Novell eDirectory / NMAS
• Advanced capabilities with Citrix MetaFrame
• and Microsoft Terminal Services

22
XyLoc Application Integration

• XSS-AI for Secure Simplified Sign-On
• Provides tools for scripting logon and logoff for
  computer, network, and individual applications
• Integrates with browser based, server based, Thin
  Client, or even legacy mainframe applications
• Up to 32 different applications per user

23
Solution Partners
24
XyLoc Summary

• Security Full time security based on presence
  of authorized XyLoc badge, automatically lock the
  PC as user walks away
• Convenience use XyLocs intelligent features to
  automatically allow access when an authorized
  user approaches the PC
• Personalization offers automatic access to
  specific application(s) based on presence of
  authorized XyLoc user
• Flexibility Can be used in a wide variety of
  environments single user PCs or shared,
  multi-user PCs, Thin Client and mobile devices

25
XyLoc

• Providing PC security, convenience and
  personalization in todays busy enterprise
• www.ensuretech.com