Altus 2.0 Serves Us so we can better Serve the Public
Overall Satisfaction with HID DigitalPersona (formerly Crossmatch)
We currently use Digital Persona Altus in our enterprise environment with over 500+ computers and up to about 800+ users. We implement biometric (fingerprint) access for all computer authentication in the network and for some managed applications that require enhanced security measures. We are about to roll out token authentication for a few departments that are now requiring improved measures of secure access and authentication of users.
Pros
- Biometric Authentication - easy to set up and manage. Simple to deploy and enrollment of users.
- Managed Passwords - The ability to require specific applications to use two factor authentication or even fingerprint only is a very useful tool.
- Software OTP - The new features of Altus including the OTP tokens - for use with your mobile phone app is particularly handy.
Cons
- Licensing - We find that licenses are used or allocated for users that won't even use the Altus authentication, bring about wasted costs of excessive and unnecessary licensing.
- The biggest con so far has been the inability for technical support or the Crossmatch company to provide specific compatible hardware to use with the smart card or proxy authentication. We have yet to find a compatible solution to implement this and their support has been useless so far.
We haven't tested or used the features for VPN or cloud. We have found that the ease of use for Windows logon is a benefit for some of our less technical users. Facial recognition has been a blessing for those users that do not have fingerprints or a mobile device to use OTP.
We have greatly benefited from this feature, as we are a MS AD environment. Being able to successfully authenticate users using not only secure but different features depending on the work zone has helped a lot. Being able to provide two factor or even three factor in some instances to protect the user, machine and data is wonderful.
All our platforms are pretty much Windows 7 desktops, in-house applications, and some proprietary applications specific to a department. We also utilize the kiosk setup for public users for public information lookup. This allows the department users to log in with their credentials (fingerprints) to reset any software or windows for the general public or to reboot the machines, reducing the calls for IT to assist with lockouts.
We do not currently use Microsoft Azure Active Directory at this time. We have no comment for this topic.
- Positive impact would be the knowledge that our systems are safe from un-authorized users accessing certain programs or machines by using a shared or stolen password. By using biometrics we eliminate the sharing of passwords among users to ensure proper authentication and auditing of users.
Evaluating HID DigitalPersona (formerly Crossmatch) and Competitors
- Price
- Product Features
- Product Usability
- Prior Experience with the Product
Testing and trialing other vendors.
HID DigitalPersona (formerly Crossmatch) Support
Pros | Cons |
---|---|
Quick Resolution Good followup Knowledgeable team Problems get solved Kept well informed No escalation required Immediate help available Support understands my problem Support cares about my success Quick Initial Response | None |
We were having an issue with hardware tokens working with the system or not being compatible. Crossmatch went above and beyond to assist with testing vendor tokens for use.
Using HID DigitalPersona (formerly Crossmatch)
Pros | Cons |
---|---|
Like to use Relatively simple Easy to use Well integrated Consistent Quick to learn Convenient Feel confident using | Lots to learn |
- Enrolling new user credentials
- Installation of software on DCs and end user clients
- Setting up Kiosks
- Managed passwords for certain applications
Yes - for One Time Password use - mobile app
Comments
Please log in to join the conversation