Lovells, one of the world's leading international law firms, has outsourced its RSA SecurID two-factor authentication (2FA) to Cambridge based Signify.
With growing demand for secure 24/7 remote access to sensitive information and resources, the Signify 2FA managed service has now been rolled out to more than 1500 Lovells employees and partners.
Signify also supports Lovells secure Extranet that provides a web-based 'meeting space' where its own personnel can share information and collaborate with clients, financiers and other third parties for the duration of a specific case or transaction.
While Lovells initially ran and managed its RSA token-based authentication servers in-house, dealing with increasing demand for remote access proved time consuming and was demanding specialist skills and resources. So the decision was made to outsource its 2FA operations to Signify, a specialist provider of secure token and token-less authentication managed services.
"Our users want an easy to use system that is always available, while our IT department need a highly secure and reliable solution that is simple to deploy, manage and scale; and that's what Signify gives us," comments Warner Beekmeyer, Network Security Manager.
Lovells has based its information access strategy on Citrix Virtual Desktop technology. Citrix creates an encrypted web connection to corporate applications such as email, time billing and document management systems and gives the user the same experience whether working from their office workstation, corporate laptop or a PC in another office, at home or even in an Internet café.
"We can enforce our corporate security policy, add or remove users and delegate management responsibility to local administrators thanks to Signify's powerful Identity Management Centre web portal," said Stuart Robbins, Information Security Analyst at Lovells. "The reporting tools provide all the service visibility and usage information we need and the automation of token logistics saves us real time and cost, as the IMC lets us track and trace every token."
Lovells is now looking at extending the use of the SSignify service, including securing WiFi access points within its main global offices and providing token-less authentication of contractors, third-party and other temporary users, using Signify's mobile-phone based Passcode OnDemand service. And by potentially extending this service to all staff on a short term 'In Case of Emergency' basis, Signify may even be able to help Lovells' Disaster Recovery planning.
"Law firms like Lovells create some of the most compelling cases for managed security and remote access," says John Stewart, founder and director of sales and marketing at Signify. "Their high value legal professionals demand reliable, round the clock access to sensitive data and applications, while on-line collaboration with clients and third-parties improves efficiency and deal making."