HID DigitalPersona (formerly Crossmatch) provides a comprehensive multi-factor authentication solution. The vendor’s value proposition is that their solution frees users from cumbersome login activities while making it easy for an IT Team to secure access to their networks, data and applications.
$3.75
per user per month
Imprivata Enterprise Access Management
Score 7.0 out of 10
N/A
Imprivata Enterprise Access Management is a single sign-on (SSO) and authentication management, dedicated to fast but secure audit-proof clinical data access.
During the onboarding process, remote workers can enroll their fingerprints or create secure PINs. This eliminates the need for complicated passwords and enables them to safely access company resources and critical apps from remote locations. HID DigitalPersona's robust authentication techniques and access control features can assist you in adhering to data security laws.
Imprivata is a clear market leader for authentication management for healthcare. They don't have a whole lot of competition, and the few competitors that are out there don't really match up.
Multiple domains - DigitalPersona struggles with multiple domains. Since the solution is licensed per domain, migrating users between domains can be troublesome to keep licensed. Additionally, migrating to a new domain removes the AD leaf objects that store all digital persona information, essentially wiping out and credentials or other stored information.
Password change - DigitalPersona can be confusing to update when a stored password for a website is updated. The password is entered, and then the user is redirected to the websites password change page. Users must then authenticate with a Digital persona credential again before being prompted by Digital Persona to update the password. If the user is allowed to change the password manually through the websites page, this will lead to what is stored in Digital Persona being out of sync with the new password, and eventually account lockouts.
Terminal Server - DigitalPersona has performance issues when utilized on a high-traffic terminal server. Often it causes big CPU spikes as well as hanging sessions upon disconnect.
System health was an issue and the tool really needs a maintenance process to allow for a system restart when not in use, we accomplished it with secondary scripts.
Disconnect with Citrix was sometimes an issue but we were running an older version of the application server. The logging and troubleshooting was cumbersome to comb through.
It is wonderful for multifactor authentication and gives us many options for what we use to authenticate. All of our users use it and it is engrained into our group policies and people would be very disappointed if it went away.
I think there are still fundamental enhancements needed to be added to the management consoles and I think there ought to be a Centralized, Windows Based "Thick" Management Application instead of individual utilities which vary from MMCs, Scripts, Wizards, etc.
Extremely poor; I've never encountered such. Professional Services completely dropped us for months. Crossmatch tech support seems like it has 3 techs tops! No response to emails, calls, the absolute worst! I will never recommend DP to anyone.
Could use tools to audit license usage at a more granular level as to allow an administrator to free up licenses from users whom seldom use their biometrics to login.
We evaluated Cisco DUO but ultimately chose HID because of their support for biometrics. With DUO every user would have to have the authentication app on their personal phone and pull it out each time they had to log in. We definitely did not want this for our frontline staff as it would slow the process way down
It's easy to deploy and the total cost of ownership is lesser compared to other products. Have dedicated support team who helps you out when there is any technical issue.The Admin console very easy and intuitive to use; this makes any new user to manage the tool very easily with less hand holding.
Provides a quick one finger authentication\log-on.
Logging onto a machine that is used by several other users, such as in retail is no problem because the DigitalPersona software does a switch user function instead of logging out the other user.
One negative that was apparent immediately after installing the DigitalPersona software was that users very easily forgot their Windows passwords because of the one finger log-on.
