Providing robust and reliable VPN and virtual authentication for a worldwide financial software provider.
With 20 years of experience in the financial services technology market, Rockall Technologies is a market leader in the area of lending and security/collateral management. Its software is implemented in multiple financial institutions, with solutions ranging from stand-alone to full integration with its client’s existing banking software.
The Challenge
With offices in Europe, America and United Arab Emirates, the business has used many different technologies to integrate its software and builds practical and robust solutions which meet internal and external regulatory requirements for risk management and operational control. Rockall Technologies has an extensive client list across a range of financial disciplines.
Due to the nature of its work with banks, it was essential for Rockall Technologies to have high levels of security in place, both to strengthen its network and increase its security credibility with existing and prospective clients. As a business that is involved in software development for the financial services market, it frequently needs to handle sensitive and commercially confidential client files, including samples of customer databases. Rockall needed to have a robust and reliable authentication system in place to ensure the protection of this data at all times while enabling its workers to securely access the network remotely.
With a mobile workforce regularly needing to access the corporate network from home and from a variety of different client locations, a flexible and scalable solution was required to ensure maximum security without compromising on mobility.
The majority of its employees did not want the extra trouble of carrying a token around, or the additional worry of lost, stolen or misplaced tokens. What was needed was a tokenless approach.
The Solution
The existing SSL VPN provides Rockall Technologies’ 50 staff with remote access to their virtual desktops and the corporate network whilst on the move. This serves to maximise productivity, guard against unexpected circumstances and ensure the flexibility of its workforce. On its own, however, the system raises a number of security challenges, particularly when considering the nature of Rockall Technologies’ work and the sensitivity of the data stored on its network. Additionally, the VPN only allowed five users to access the network at one time, causing particular problems when a number of staff required simultaneous access. The company needed a solution capable of allowing access to multiple authorised users.
To implement this new secure system, Rockall Technologies turned to Dublin-based end-to-end IT security solutions provider Zinopy. After evaluating a number of different security solutions, Rockall selected Swivel Secure’s flexible authentication platform AuthControl Sentry®, to fulfil the user authentication aspect of its solution. AuthControl Sentry® ensures that only Rockall’s authorised users can access the corporate network by using its PINsafe® protocol to generate a one-time code (OTC), each time the user needs to log in.
The OTC process involves the user being sent a randomly generated security string, via SMS, a smartphone app or as an embedded image in the application login screen. The solution can be configured using any combination of the different authentication methods depending on internal policy, the type of application and user access privileges.
Rockall Technologies opted to configure the system using a combination of the smartphone app and the web image (TURing) options, which allow staff to choose the option they deem to be the most convenient. When using the TURing option, the OTC is extracted from the security string using the PIN digits as positional references, a simple user-friendly process that takes just a few seconds to complete.
The patented OTC extraction process means that the user has to be present at the time of login and is a unique security feature that differentiates Swivel Secure’s solution from other tokenless technologies. This ensures that the user’s PIN cannot be compromised by common threats including phishing, keylogging, man-in-the-middle and shoulder surfing attacks.
Zinopy recommended Swivel Secure’s authentication platform and its PINsafe extraction protocol for Rockall Technologies’ remote access solution because it is easily scalable and innately flexible. Had Rockall Technologies opted for a token-based solution, individuals that had lost their tokens (or had them stolen) for example, would have needed to await shipment of a replacement before their remote access could be reinstated. This would have been a particular hindrance to its US office, which operates a widespread remote workforce.
In contrast, AuthControl Sentry® user-friendly tokenless solution does not depend on the shipment of hardware, which greatly reduces the time, cost and administrative resources required to provision users.
Benefits
The expertise of Zinopy, combined with the advanced knowledge-base of the Swivel Secure team resulted in the smooth implementation of the remote access solution. Thanks to the new solution, and the Swivel Secure authentication platform, Rockall Technologies is already seeing a strong return on its investment, including:
Multiple staff are now able to connect to the corporate network from any location. This has streamlined working processes and allowed staff to work more efficiently and effectively when out of the office. The majority of those accessing remotely are developers who need frequent, high-speed access to their secure network resources. The combined solution enables them to work remotely, securely and productively, as if they are in the office.
When dealing with banks, it is essential for Rockall Technologies to have high levels of security credibility. The combination of the AuthControl Sentry® authentication platform and PINsafe® protocol provides Rockall Technologies with a proven strong authentication solution. As a tokenless solution, Swivel Secure mitigates the risks associated with physical tokens being lost or stolen and also reduces the administrative requirements of the IT department in rolling out and managing a token-based system.
We were looking for a proven, tokenless security platform which is quick and easy to implement. The speed of the connection once the VPN connection has been established is excellent, allowing everyone to work remotely to a previously impossible standard. The Swivel Secure authentication platform and PINsafe® protocol offers a cost effective tokenless solution which fulfilled all of our needs and has made our lives that little bit easier
Philippe Thirroueiz, IT Manager of Rockall Technologies
The implementation of AuthControl Sentry® and PINsafe® protocol with the existing VPN could not have been easier. The flexibility of the Swivel Secure solution is proving attractive to a lot of our customers and the team at Swivel Secure are great to work with.
Rory Harte, Account Manager, Zinopy