Tokyo Denki University (TDU)

Swivel Secure’s Academic discount reduces hurdles for the introduction of two-factor Authentication at Tokyo Denki University

Tokyo Denki University (TDU) is an integrated Science and Engineering University established in 1949. The predecessor of TDU was the “Electrical School”, established in Kanda, Tokyo in 1907. TDU has 4 graduate schools, 6 undergraduate schools, along with associated junior and high schools. With a history of more than 100 years, TDU aims to develop human resources that can contribute to the society through technology.

Tokyo Denki University Computer Security Incident Response Team (TDU-CSIRT) has been established to formulate specifications for security products on campus, as well as tackling security incidents and preventing outbreaks to protect the core of TDU. In 2016 TDU-CSIRT became the first university organisation to be recognised as a member of the CISRT Council of Japan.

Considering two-factor authentication to strengthen authentication

According to Ms Yoko Takahashi, Head of CSIRT at Tokyo Denki University

“Two-factor authentication was being considered as one of the security measures at the University. The site had to be wide open and accessible, but this meant it was exposed and open to potential attacks. It, therefore, made more sense that credentials alone would not provide adequate protection, that the University required to prevent unauthorised access.”

“At that time I was considering a wide range of applications including utilising authentication methods such as biometrics. Masuda of NSD Business Innovation Co. Ltd. introduced the Swivel Secure platform: AuthControl Sentry, and I decided to consider the solution because it looked easy to use. The convenience, cost and usability of the solution made it an easy decision to implement AuthControl Sentry^® as the security solution for Tokyo Denki University.”

According to Mr Atsushi Fujita, a member of TDU-CSIRT at Tokyo Denki University and the person who oversaw the evaluation:

“We considered a range of multi-factor authentication methods, but we decided on Swivel Secure’s solution for several reasons.
The three main reasons for this decision included:

Firstly, the convenience; of using special devices such as fingerprint authentication or palm authentication is not practical, considering the distribution of the devices and their usage off-campus.

Secondly, relating back to the previous point; it’s the problem of cost. When it comes to a solution that is used by more than 10,000 students and staff members, it is necessary to utilise multiple factors such as fingerprint and hardware tokens, but this is too costly. However, Swivel Secure has a discount for educational institutions and so this provided an ideal solution for us.

Thirdly, the end-user experience; Software tokens using one-time passwords (OTPs) are the best choice based on cost, but alternative products required the user to remember special patterns etc. With this option, there was a risk that the usability of this solution for both students and staff would worsen, decreasing user adoption across campus. However, Swivel Secure’s PINpad is intuitive and easy to use without compromising security. When we implemented PINpad^®, there were only a few inquiries because it was self-explanatory, so most knew instinctively how to use it.”

The Solution

Swivel Secure’s solution: AuthControl Sentry^® started operating at TDU in March 2018 and two-factor authentication was first applied to authenticate access to the application Box, using Active Directory and SAML. Box provides cloud content management for students and staff to share material.

Swivel Secure’s risk-based authentication functionality is configured with two-factor authentication for each user. When staff members access Box within the university AuthControl Sentry^® requests simple credentials for successful authentication, but when accessing Box from outside the university, authentication with PINpad^® or TURing is required.

Applying multi-factor authentication to the Portal Site

In 2018 AuthControl Sentry^® was applied to the on-campus portal site to authenticate student’s access. According to Mr. Fujita, “AuthControl Sentry^® can be integrated with various software via SAML including our portal site, so there is no need to modify the portal site itself.”

Ms. Takahashi also remarks that “Swivel Secure’s installation and operation can be done without compromising the security. At this moment the introduction of two-factor authentication (2FA) in educational institutions is in progress and everyone understands the requirement for it. There were no issues introducing AuthControl Sentry^® and operationally it is a success and so we have accelerated the deployment throughout the university.”

Swivel Secure’s academic discount for educational institutions

Swivel Secure’s special offer for educational institutions dramatically boosts the cost performance for protecting the whole university against cyber threats, such as unauthorised access.
Find out more here.

Ms. Takahashi stated: “This is really helpful because the number of students in the university is overwhelmingly larger in relation to staff members. It is easy to use, easy to install and manage, yet secure and competitively priced. Therefore, Swivel Secure would be a good solution for any educational facility that needs to implement multi-factor authentication.”

Swivel Secure in partnership with Security Strings.