Expisoft Secure Access product portfolio

The Expisoft Secure Access portfolio consists of various types of security modules and products, ranging from personal firewalls and VPN clients, local and network log-in functionality, single sign-on features, encrypted local and cloud disks, issuing of certificate for identification of users and permissions etc.

All modules use advanced symmetrical and asymmetrical cryptographic methods to ensure that no unauthorized users can log into mission critical systems or access enterprise sensitive information without access to a legitimate smart card or a mobile ID installed on their smartphone and a correct role.

The Product Portfolio complies with all Scandinavian and European security standards in IT security and it also complies with the recommendations of the Department of Health and Human Services, H.I.P.A.A, and 24-hour authority requirements for e-commerce and the protection of confidential information.

All security products and modules in the Expisoft Secure Access product portfolio use strong authentication for validating users and IT systems/applications, which provides a significantly higher level of security than traditional passwords.

The Expisoft Secure Access product portfolio contains the ExpiLogon SSO module that offers the organization and user:

  • A common login to reach all applications that the user is authorized to use and where a traditional password is replaced with strong authentication technology using a smart card or smartphone with a mobile ID installed
  • Single Sign-On functionality to the organization's servers, network and applications, i.e., the user does not need to make multiple logins
  • Eligibility and access control of all users when they login to the organization's IT resources, i.e. servers, network and applications

The Expisoft Secure Access product portfolio includes a software client called ExpiClient, which when installed on a PC or Mac, offers the following functionality:

  • Secure logins into users' computers and further into the network using a smart card or smart phone with a Mobile ID, ie strong authentication of the user
  • Automatically and transparently encrypt the user's local hard disks
  • Control the user's access to encrypted archives and disks in the network
  • Encrypt the communication to and from the user's computer using a built-in VPN client and personal firewall

The Expisoft Secure Access product family also contains an ExpiGuard module that can:

  • Be installed directly on the target system that should be protected or on a so-called network appliance that is placed in front of one or more target systems that should be protected
  • Stop traffic over unauthorized ports as well as prevent SQL injection, XSS and XSRF attacks
  • Filter, check and encrypt traffic sent over authorized ports
  • As application firewalls, whitelist and/or blacklist items, forms, etc. as well as look for specific URLs to block or pass through
  • Permission and access control of users who try to reach the companies network resources and business applications

The Expisoft Secure Access product portfolio also includes a complete CA system, SecureAccess Certificate Manager, with functionality to

  • Issue certificates and e-credentials for identification and authorization of the company's users
  • Handling various PIN/password policies, smart cards, card templates, administrator and user groups
  • Control users' access and logon rights to the organization's servers, applications, encrypted cloud disks via a role-based security administration
  • Allow the company's users to perform self-administration. Users can easily retrieve and renew their own credentials, certificates, block a lost card/certificate, remote unlocking of smart cards etc
  • Automatically distribute all necessary security configurations (roles, permissions, etc.) to client and agent features installed on the target systems that are to be protected or the network appliance that are placed in front of the target systems
  • Logging/reporting of events for issued and blocked certificates, add/remove users, smart cards, etc.

In summary, the Expisoft Secure Access product portfolio provides the organization and their users with greater security and simplicity all at the same time:

Expisoft Secure Access also simplifies the IT department's work with users that have forgotten their passwords. A large part of most companies IT support is about helping users who forgot or lost their password.

Using a security solution based on two-factor authentication where the user only has to remember a PIN code, the company can save many hours of work and unnecessary cost while increasing the security level of the business at the same time.


With ExpiClient and Single-Sign-On, the user's life is greatly simplified since he/she only has to remember one PIN to log in to all systems and applications for which he is authorized.

Thus the user avoids using different passwords for different systems and applications and moreover, avoids replacing these passwords at regular intervals. The security solution will do this exchanges of passwords automatically for the user in the background.


Expisoft Secure Access has an easy-to-use security administration which provides a simple overview of the permissions assigned to the organization's users, i.e. which systems and applications the user has accessed to.

If or when a user changes a task or ends his/her employment, roles and permissions assigned to that user can easily be retracted.

Expisoft Secure Access raises the organization's security overall level since the users no longer need to use long and complicated passwords and change them at a regular basis.

Bad security behaviors with users choosing weak passwords or writing down difficult password on post-its that are kept near the workplace, such as under the desk or stuck directly on the screen are easily avoided.