Retailer John Lewishas secured 15,000
staff with the SecurAccessremote authentication system, which
uses mobile phones.
The system from
SecurEnvoy offers two-factor authentication that transforms
mobile phones into virtual network tokens.
Instead of using tokens or smart cards, the SecurAccess system
sends a passcode to users' mobile phones.
When users wish to log on to the corporate system, they enter
their Microsoft User ID and password, and then the passcode that
has been pre-enabled on their mobile phone.
Once the passcode has been used, it is superseded with a new one
sent to the phone.
This pre-loading function eliminates the need to install any
software on to the mobile device, and provides users with access to
their passcode as soon as they need it, rather than having to wait
for an SMS message to be delivered.
John Lewis expects to make considerable savings by swapping from
token-based two-factor authentication to SecurAccess.
The user licence is cheaper than purchasing, replacing and
distributing tokens, and deployment costs are lower with no need
for training courses.
Matthew Clements, principal programmer for John Lewis, said, "We
have been using traditional token based two factor authentication
for remote access systems since the late 1990s.
"However, after reviewing the capital, revenue and
administration costs associated with the existing system, we
decided to look for a cheaper alternative, and found SecurEnvoy's
tokenless approach to be far superior, and a cost effective
solution."