Digipass Strong Authentication provides secure access to Jaga employees
(05/12/2007)

Together with the evolution of the Internet, also came Internet crime. Every company is threatened by Internet fraudsters, as the World Wide Web is now involved in almost every business activity. The key to these threats is to discover the weaknesses in your system as quickly as possible and secure your network thoroughly.

In 2003, the IT-department of Jaga, the radiator factory, decided to draw up a new IT-plan for the five coming years. To do this thoroughly, they contacted their IT-partner DigiPoint for a security audit. DigiPoint, a VASCO reseller, investigated Jaga’s IT-infrastructure and network for weak spots. An employee of DigiPoint put himself in the position of a possible fraudster and illustrated to Jaga what fraudsters could discover and steal from the Jaga network.

As a result of this security audit, DigiPoint concluded that Jaga’s password management could be improved. Until then Jaga employees used static passwords that could easily be retrieved, as a lot of employees just jot their password down on a crib sheet and keep it near their computer. One password was even found on the public terrain of the Internet.

DigiPoint’s recommendations for this issue were clear: the implementation of Digipass and VACMAN strong authentication would make the stealing of passwords useless for Internet criminals.

“At Jaga, we find ourselves with a quick growing group of remote users. As the company grows we have more and more commercial employees that need to log on to the corporate network, while they are traveling,” says Jean-Pierre Thoelen, IT-manager at Jaga. “Jaga often works with artists for the design of its heating solutions, so these artists also need to have temporary access to our network. We want to offer these people secure access, and in the meanwhile we also want to make sure that no unauthorized users can get access.”

Jaga went along with the recommendation of DigiPoint and installed VACMAN Server for Radius and equipped remote workers with Digipass GO1 Strong Authentication. With VASCO two-factor or strong authentication, Jaga employees now need two factors to log in to the corporate network, instead of just one static password. The first factor is something they have, namely Digipass GO1 – a physical device. The second factor is a personal PIN-code, something they know. These two factors combined allow the Digipass software to produce one unique password that changes every 36 seconds. If fraudsters discover a password, no harm is done as you can use every password only once. For the next login, Digipass generates a new unique password.

“We advised VASCO’s solutions to Jaga as we know their technologies very well and have a lot of experience with the products,” says Peter De Pelsmaker, Business Unit Manager Internetworking at DigiPoint. “We saw the advantages of Digipass Strong Authentication for Jaga: Digipass GO1 is intuitive and easy to use. No technical knowledge is required to use Digipass, so Jaga could distribute it to all kinds of users.”

“As we grow more and more internationally, we also equip more and more remote workers with Digipass GO1”, says Jean-Pierre Thoelen. “We are very satisfied with the results: our employees have hardly mentioned any problems. When someone does loose his laptop, we can easily block their Digipass and provide them with new one. Also in the future we will keep including strong authentication in our security plans.”