Save the Children has installed a two-factor
authentication security system after the charity's head of
operations and communications decided the previous system needed to
be improved.
More than 4,000 employees work in 52 different countries, making
a secure network necessary, said Andrew Brenson, a spokesman for
the charity.
"We had a
Citrix system before which was a single-factor authentication,"
he added, "Users could access it from anywhere in the world on the
web, using a user name and password. This wasn't really
satisfactory and I decided we had to find a
two-factor authentication system."
He decided to use a SecurAccess system from
SecurEnvoy, which uses mobile phones to provide the second code
users need to log on.
When users start using the system, they pick a four-digit pin
code in addition to their username and password. The system then
automatically sends them their first six-digit code to their mobile
phones as a text, which they use to log on next time.
The codes can sit on the phones for two to three weeks. When the
user logs on using the six-figure code, the system automatically
sends them a new code to use next time.
"Because this is a charity, it is meant to be used by people are
all over the world, so it had to be flexible. It also means cost is
an issue, and this way we did not have to spend money on new
hardware. By using the mobile phones we are getting more
utilisation out of something we already had," said Brenson.
"Before, our systems were a little bit vulnerable, and now they are
not."