No. Sure, users have one fewer token to carry around, but where's the convergence of the back-end access-control systems and the processes and resources they depend on? That's where the real benefits reside.
Still, many of the vendors and integrators we spoke with pitch a reduction in the number of access-control credentials as a way to get a convergence initiative off the ground, and you will see benefits throughout the organization. Employees gain a single, unified access-control authentication device, cutting down on misplaced tokens, reducing training overhead and allowing seamless access. IT provides users with a hardware authentication token that's capable of supplementing or supplanting the traditionally weak password-only authentication scheme.
Administratively, a single location for employee ID management reduces duplicate data-entry operations and allows for immediate and real-time authorization revocation of all enterprise resources.
Auditing and forensic groups have a central repository for access-control investigations. Hardware unification can reduce the number of vendor purchase-and-support contracts. And finally, legal can show improvement in access-control efforts to meet regulatory requirements.
As a bonus, certificate-based access-control systems can leverage user ID certificates for other security apps, such as document e-signing and data encryption. And, certain types of access tokens can be used for nonaccess-control functions, such as vending and e-purse apps.
