Water authorities tighten up on security with tokenless 2 factor

Send to friend

Northumbrian Water Limited (NWL) is using a fresh approach to the age-old problem of providing secure access to corporate systems without the need for tokens or smartcards. After reviewing the marketplace, NWL has selected SecurAccess, to provide tokenless two factor authentication for its remote workforce and contractors. This industry standard solution from SecurEnvoy - the global leader of two-factor authentication, will replace its original hardware token system, offering the utility increased flexibility while reducing costs.

NWL joins the ranks of other large utility companies who have also deployed tokenless two factor authentication from SecurEnvoy including Scottish Water, OFGEM and Fairfield Energy - all of whom have found using SMS technology for two factor authentication a cost-efficient and user friendly alternative to traditional two factor authentication solutions.

As you'd expect with a utility organisation, NWL has a diverse workforce some of whom work away from the office, teams who work in the field, - operational managers, communications and marketing teams, IT employees and project managers, based both in the south east and the north east of England. In addition, it also uses the services from a number of third parties including consultants and contractors. For these remote workers it is paramount that they have secure, timely access to the corporate network. By utilising SMS technology, SecurAccess turns any mobile phone into an authentication token removing the need for physical tokens thus reducing their impact on the environment - both in terms of production and deployment.

Anthony Smith, IS Security Co-Coordinator at NWL, explains, "As part of our remote access program we were looking for a replacement to our previous token system. We wanted something that could offer flexibility, a reduction in costs and introduce efficiencies -while continuing to maintain a high level of security. With SecurEnvoy we found it. Tokenless two-factor authentication means we can switch on users in seconds rather than relying on postal systems to deliver physical tokens, often arriving days later. A further inconvenience was trying to get tokens returned by contractors when projects ended. Each one costs money so it gets expensive if they're just written off. We felt it was time for a change." That the majority of our users prefer the SMS tokens is an added bonus making the whole program effortless."

Continuity an added bonus In the event of an emergency, many organisations in desperation will allow remote users to authenticate with a standard username and password. However, this is often when corporate defences are at their weakest and the threat from attack is greatest.  SecurEnovy's 'SecurIce' is a revolutionary approach to this age-old problem and allow emergency secure access to corporate systems without the need for tokens or smartcards.

NWL can switch on this rock-solid two-factor authentication for numerous users in seconds in the case of an emergency, such as freezing conditions preventing access to its offices. There is no need for users to enrol and remember an additional PIN, and no need for extra tokens or smartcards - the perfect emergency two-factor authentication system.

Anthony adds, "Along with the rest of the country, the last two winters meant some of our employees struggled to get in to work and, instead, needed to work from home. Investing in hardware tokens that are only used for a few days a year is nonsensical. SecurIce means, if again the mercury plummets, it's a quick and simple process for us to switch on our employees so they don't have to risk travelling on icy roads, instead staying safe and warm at home with immediate secure access to the network."

How SMS two-factor authentication works: Each employee's existing Microsoft password acts as the first factor, with a passcode sent to the user's mobile phone as the second.

Unlike its legacy hardware tokens that previously took Northumbrian Water days to deploy, it can roll out SecurAccess to its remote workers and contractors in seconds without the pain, cost or environmental impact created by legacy hardware distribution.

With SecurICE, Northumbrian Water has the ability to turn on strong, two-factor authentication for numerous users should the weather, or any other eventuality, prevent them from accessing their usual workplace. There is no need to enrol and remember an additional PIN, and no need for extra tokens or smartcards to be sent using a postal service - so it's the perfect emergency two-factor authentication system.



Comments (0)

Add a Comment

This thread has been closed from taking new comments.