• Overview of Benefits
• Features
  • - Authnodes & RADIUS
  • - Automated End User Helpdesk
  • - Brand the Signify service with your own labels
  • - Emergency Access Management
  • - How to set up the service
  • - How to set up your security policy
  • - IMC Logging and Reporting
  • - Overview of Provisioning Services
  • - Role Based Management
  • - RSA SecurID - The market leading authentication tokens
  • - Signify Service Infrastructure
  • - Temporary User Access Control
  • - The Identity Management Centre (IMC)
  • - Why you still need 2FA with Juniper SSL VPNs
  • - Signify Service availability
• Services
• How to Buy
• Contact Us

• Home

Temporary User Access Control

The Temporary User Access feature on the Identity Management Centre (IMC) allows you to provide selected users with temporary access to your systems, This is particularly useful if you need to issue strong authentication credentials to contractors or part time workers, or you have a rapid turnover in staff.

Creating temporary activations

Setting up a temporary activation for a user using the IMC is a very straight forward procedure.  You must have the temporary access feature enabled for your organisation and be a Signify administrator to do this though.  Like setting up a new user, you simply select which authentication node the user is to be granted access to, but whereas normally the user's access is either permanently enabled or disabled on each authentication node, you specify exactly when their access starts and ends.

By clicking on the "Enable User Temporary Access" box, you can grant the user access for a few minutes, hours, days or months and the activation will end on the specified date and time. No-one has to remember to disable the user's activations - it will happen automatically.

Thus a contractor can be given a token and be activated for their one month contract period. Or during an outage of a critical system, a remote IT Support Engineer's mobile phone can be registered to the Passcode OnDemand service to allow him VPN access for just a couple of hours while he is fixing the problem.

Viewing existing temporary activations

At any point you can check all the temporary activitaions that are either active now, or will be active at some point in the future.  You can also view previous activations.

Each activation displayed shows who the user is, details of the start and end times, their status and any reminders that are due to be sent.

What happens at the end of an activation?

At the time of activation, you can set up pre-expiry reminders. With this set up the system sends an e-mail to users shortly before their activation is due to expire, informing them their temporary access is due to end. Administrator receive a simple link to the IMC where they can extend the activation if appropriate.  When the end of the activation is reached, the IMC will automatically remove the activation such that the user can no longer log in to that authentication node.  The IMC will also send an email to the end user informing them that their access has ended.

Pre-sending SMS and e-mail One time Passcodes(OTP)

If the user for whom you have created temporary access use an RSA SecurID token, then as soon as their activation is enabled, then they will be able to use their token to log in.  If however they use Passcode OnDemand, where the passcode is delivered to their mobile phone or email box, then you can make it very easy for the user by pre-sending an OTP to them at the same time as creating the activation.