Shetland Islands Council selects SecurEnvoy 2FA to provide secure remote access to the corporate network.
The UK introduced the Public Services Network (PSN) to substantially reduce the cost of communication services across UK government and enable new, joined-up and shared public services. Shetland Islands Council uses the platform extensively and needed to bring remote access to its corporate network up to the PSN standard. A strong two-factor authentication (2FA) solution was required. The council worked with Infosec Cloud and chose SecurAccess from SecurEnvoy, as the software enables secure logins without requiring dedicated tokens.
Using smartphones as security keys
Shetland Islands Council contacted IT service provider Infosec Cloud to research cost-effective, proven 2FA solutions with straightforward and flexible logins. Infosec Cloud recommended SecurAccess, as this has the advantage that staff do not need to use costly and cumbersome additional tokens for two-factor authentication. The developer of the software, SecurEnvoy, makes use of something that virtually everyone already has with them – the smartphone – instead of supplying additional physical tokens. SecurAccess allows users to receive dynamically generated passcodes, for example via SMS, which they then enter in addition to a username and password in order to authenticate themselves.
“We needed a solution that was quick to implement, easy to use and would become part of the day to day login process of our staff. Taking a tokenless approach has saved us money and means we do not have to manage a physical token inventory”, commented Michael Marriott, ICT Team Leader, Shetland Islands Council.
Rapid integration into everyday working procedures
Shetland Islands Council was impressed by the SecurEnvoy approach and ordered 50 licences for testing. After a short familiarisation phase, council users quickly appreciated the benefits and ease of use of the solution. Shortly afterwards, the council procured 1,300 SecurAccess licences and distributed these to its staff. The district council’s IT department implemented the solution as a cloud service with technical support from Infosec Cloud. The council was able to perform the installation itself, with Infosec Cloud available through their 24×7 portal, support line and email, and rapidly integrated SecurAccess into the existing infrastructure. The solution was gradually rolled out to all departments over the course of two months.
Council employees primarily use the software’s SMS option when logging into the corporate network. In addition to conventional login details, they receive the passcode required for 2FA via SMS on their existing smartphones. By entering this code users authenticate themselves when remotely accessing the authority’s network. The soft token app from SecurEnvoy works in a similar and straightforward way. Users simply install the application on their smartphone or tablet and can use this to obtain a QR code. This is then scanned using a webcam on their computer or mobile device, thereby allowing the app to transmit information that unequivocally establishes the identity of the employee.
Click Here to find out more about tokenless authentication and watch a short video.