Simplifying Sign-on IDs
An enterprise-wide single sign-on approach cuts employee frustrations, improves business efficiency while also increasing security.
Banking and financial services firms are helping pioneer the approach.
As a leading commercial banking and wealth management services provider in St. Louis and Kansas City, Enterprise Bank & Trust is committed to providing its customers with the highest standards of service and security.
To this end, a few years ago the bank’s security officer and IT team implemented unique and complex passwords that bank staff had to remember to gain access to their many applications. Complex passwords were also put in place to comply with FDIC audit regulations mandated by Sarbanes-Oxley and FFIEC.
COMPLEX AND FRUSTRATINGThe complex password implementation frustrated both users and security staff. Users struggled to remember many unique and difficult passwords, even resorting to writing passwords down, which compromised security. Since users often forgot their passwords, they frequently got locked out of their systems and were unable to do their work. This resulted in frequent calls to the help desk for password resets, and increased IT costs and resource requirements.
Enterprise Bank’s IT team began looking at enterprise Single Sign–on (SSO) solutions that would alleviate users’ password burden, tighten security and ensure compliance with intensifying audit regulations. Since the new solution would need to be deployed company-wide, it was a high-profile situation that required careful and thorough evaluation. The bank’s IT team, led by Steve Siress, network systems manager, conducted an extensive review process, including on-site testing of a number of SSO solutions.
After completing the evaluation, Enterprise Bank chose Imprivata OneSign. According to Siress, “Other products we evaluated were harder to use and implement, required scripting, and the companies were very green at Single Sign-on.”
Enterprise Bank’s implementation went smoothly and quickly. In fact, the appliance was installed prior to the arrival of the source’s support engineer. Within just a few days, the bank had SSO-enabled applications on its core AS/400 system, along with Web, legacy and vendor-based applications. “Since the interface is so easy to use, our IT staff can SSO-enable applications in just a few minutes with no scripting and without the need to phone for support,” said Siress. “We’ve currently added 35 applications and plan to add more.”
OUT-OF-BOX SOLUTIONSSiress said, “With quick to deploy, out-of-the-box solutions, we’ve found a way to comply with audit regulations while significantly reducing help desk costs and improving employee productivity. Our employees absolutely love the new system, and in fact, have told us they will not give it up.”
The solution integrates seamlessly with Enterprise Bank’s finger biometrics implementation for two-factor strong authentication that some users already have. Plans call for a company-wide roll-out of biometrics in the near future, which will eliminate the need for any passwords.
Siress noted, “With biometrics, we set it up so that OneSign automatically changes the users’ passwords behind the scenes. This will increase security as the passwords will be complex and up to 32 characters in length, far greater length than what we could ever ask our users to remember. Also, users will never actually know their passwords, thereby eliminating the possibility and the risks of sharing passwords.”