• Overview of Benefits
• Features
  • - Authnodes & RADIUS
  • - Automated End User Helpdesk
  • - Brand the Signify service with your own labels
  • - Emergency Access Management
  • - How to set up the service
  • - How to set up your security policy
  • - IMC Logging and Reporting
  • - Overview of Provisioning Services
  • - Role Based Management
  • - RSA SecurID - The market leading authentication tokens
  • - Signify Service Infrastructure
  • - Temporary User Access Control
  • - The Identity Management Centre (IMC)
  • - Why you still need 2FA with Juniper SSL VPNs
  • - Signify Service availability
• Services
• How to Buy
• Contact Us

• Home

Emergency Access Management

Emergency Access Management

When a user’s token is lost, stolen or broken, they must report their token lost at the IMC Helpdesk.  Once the report has been authenticated and processes by the IMC the user may, if authorised in the organisation’s security policy, be provided with number of ‘Emergency Access’ one-time passcodes to allow them to continue working whilst awaiting receipt of their replacement token.

It is essential that only properly authorised and authenticated users are provided with emergency access codes and the entire process is carefully managed so it does not present a vulnerable ‘back door’ which might be exploited by attackers. 

The IMC delivers a range of rigorous procedures to manage the emergency access process. One of the most popular procedures is that the user’s emergency access codes are released to a trusted colleague of the user, or ‘notary’, who then takes responsibility of passing the codes onto the remote user.  This ensures that a helpdesk operator cannot be ‘browbeaten’ by a convincing caller to release emergency access codes when the identity of the caller cannot be rigorously verified.