Media Centre  > Media Centre > Case Studies > Local Government Two Factor Sign-On  
 
 
 
bullet_newell_red.gif Local Government Two Factor Sign-On

Sopra Group Supplies Strong Two Factor Sign-on Solution For Local Government

With many key business systems providing critical services to local residents and dealing with a wide range of personal and financial information, this Council recognised the need for a secure method of controlling and auditing access to these systems.

Whilst strong complex passwords were an option these presented many problems, especially for the users.  With a wide range of specialised applications requiring users to remember numerous separate logins, complex passwords were inevitably forgotten, mistyped or even written down!  The council was accordingly concerned about the increased support costs and the effective reduction in their system security.

The aim of the project was to:

  • Provide a more secure means of controlling user authentication to the Council's systems and data
  • Implement a system that would provide improved audit and accountability for authorised users to access to the Council's data: a necessary requirement for connection to the Government Secure Extranet (GSX)
  • Enable securely authenticated remote working to facilitate home, mobile and partnership working
  • Improve efficiency and cut support costs by enhancing the user's IT experience and reducing the number of helpdesk calls for simple issues such as password resets.

Solution

Sopra Group has been working with this Council for a number of years and over this time has developed an indepth knowledge of the organisation.  The company's expertise in Information Security made them an ideal partner to design and implement an appropriate solution.

Sopra Group designed a secure network log-on and "Simple Sign-on" solution for the Council's 2500 internal users, using a strong two factor authentication solution based on Aladdin's 'eToken' USB smartcards, which were used to authenticate users to the network rather than passwords.  Sopra Group provided a full end-to-end security service, and its consultants evaluated the situation, recommended a solution, supplied the necessary technology and assisted in the implementation.

The tokens, which are smaller than a household key, contain the user's identity in a digital certificate which is securely stored on the smartcard.  Additionally for proprietary applications that require their own password, the simple sign-on solution allows the secure storage of the application passwords, removing the need for users to memorise multiple passwords.

In order to provide effective deployment and support of the overall solution, it was backed up by a comprehensive enterprise management solution which was closely integrated with the Council's existing network administration tools.

Benefits

The solution provides a highly secure and easy to use means of controlling user authentication, which does not involve users having to adopt more 'complex' passwords.

Other benefits include:

  • Audit: The system provides improved audit and accountability data on authenticated users that supports the Council's compliance requirements
  • Remote Working: The tokens integrate with remote access VPN clients, thus enabling them to be used to support the Council's needs for remote working
  • Less frequent update of authentication details: Because of the inherent security from this technology, the Council can reduce the frequency of changing authentication details. This will reduce helpdesk calls for password resets
  • Non-Repudiation: The solution allows the Council to digitally-sign emails so that they can be sure of the author's identity. This also allows them to automate paper-based processes where emails were previously considered insufficient for authorisation
  • Simple Sign-on: The solution enables a user's log-on details to other systems, as well as the main Council network authentication, to be stored on the token.  A user can then seamlessly log-on to multiple applications simply by authenticating with the eToken.

The Council IT Security Officer stated:

"Sopra Group has a great deal of experience in the public sector and by using their security experts we were confident that the recommended solution would meet all of our requirements. With their help we were able to implement a secure solution that eliminated the headache of remembering many complex passwords and fitted with our existing systems. This solution has significantly freed up our internal IT resources enabling them to focus on higher value activities. We are very pleased with the results."

The Future

The technology will enable the Council to make use of other facilities in the future such as the encryption of sensitive data. For example, Social Workers operating with local copies of sensitive client data can have either these documents or their laptop's entire hard-drive encrypted using market-leading disk encryption software that supports the eToken technology, so that loss or theft of their laptop poses no risk of revealing sensitive data.
  Return To Top   Email Us   Sopra Group Global Important Information
Copyright © 2001-2008, Sopra Group. All rights reserved.