Indeed Certificate Manager increases the overall information security level of a company due to the following:
- Centralized application of PIN policies When a key media is issued, it has PIN requirements written to it: complexity, change interval, history depth etc. The available parameters depend on the device model. The policies are stored and distributed centrally. The administrators do not need to configure policies for every single card.
- Device accounting. Each device - a smart card or USB token - is assigned to an employee responsible for it. Only Indeed CM administrator or the device owner can issue or update certificates for the device.
- Timely revocation of dismissed employees’ certificates. In order to disallow access of dismissed employees to corporate resources promptly, the Indeed CM contains a special service that checks the user directory through at defined intervals and revokes certificates of users marked as dismissed.
- Flexible configuration of privileges Indeed CM allows the companies to define their own security roles with configurable list of allowed operations. It makes it possible for administrators to bring the Indeed CM role model into compliance with the company business processes.
- Control of smart card usage at users’ PCs. Indeed CM allows for tracking of what smart cards are connected to company computers and by whom. Administrator can assign a certain smart card to certain user or PC. If the system discovers a discrepancy (say, a smart card is connected within a session of another user or to disallowed PC), then the smart card might be locked.