SecurAccess tokenless two-factor authentication for Milton Keynes hospital

(01/08/2008)

Milton Keynes is a typical district general hospital offering a range of clinical services to the population of Milton Keynes. The hospital has a legal obligation to comply with very stringent data protection laws so secure access to its IT network is very important. A particular concern for the IT department is ensuring secure access for those employees who need to access the network from home, including both clerical and medical staff such as radiologists who often need to access the network from outside of the hospital.

“Historically we have provided those staff who need to access the network remotely with RSA tokens,” explains Richard Medina, IT manager for Milton Keynes Hospital. “However the solution was very costly, especially as the tokens were being frequently lost and it was taking up a lot of management time, both in terms of dealing with lost tokens and setting up new users on the system.”

After evaluating the various alternative solutions available on the market, Richard chose SecurAccess tokenless two-factor authentication from SecurEnvoy as it could provide the level of security he was looking for at the right price.

SecurAccess does not rely on physical tokens or smart-cards but uses mobile phones as a second authentication device. By sending a passcode via an sms message, organisations can easily enable strong, secure remote access for all their users at a touch of a button.

The passcode on the sms message is used in conjunction with user’s Microsoft User ID and password to log on to the network. With SecurAccess’ pre-loading function, once a passcode has been used, the sms message is superseded with a new one which is sent immediately to the mobile phone, eliminating the issue of there being any delay if the user is in an area with poor mobile reception.

One of the key benefits of SecurAccess is that it is very easy to install and configure and removes the need to physically distribute tokens for set up, renewal and repairs. This obviously has an impact on the amount of time the IT department has to invest in managing other systems.

“Since rolling out SecurEnvoy to 300 staff across the hospital we have been able to significantly reduce our administrative overhead and the overall cost of the solution as well as improving the security of our network,” continues Richard. “We have also had really positive feedback from users who like the simplicity of being able to use their mobile phone as it means they do not have to have the responsibility of carrying additional tokens.”

Following the success of the project, the IT department is already considering extending the roll out of SecurAccess to staff at the Primary Care Trust who are keen to take advantage of the benefits the technology offers.

Related topics:  Authentication and identity management   Building access control system   Network Security 

Print version | Email to a friend | Related articles

Data breaches: Trends, costs and best practices gives you all the latest information on securing personal and corporate data, key recommendations for immediate action to improve data security, and how to respond to data breaches.

Other Security news and resources