Tobacco group Gallaher is rolling out identity management technology that will provide 2,500 staff worldwide with secure access via the internet to company systems from desktops and remote laptops.
By submitting your personal information, you agree that TechTarget and its partners may contact you regarding relevant content, products and special offers.
The system, which is expected to pay for itself in just over two years, will allow staff travelling in remote parts of the world to securely access applications and e-mail.
Gallaher Group employs more than 11,000 people and has manufacturing plants in locations around the world, including the UK, Austria, Kazakhstan, South Africa, Sweden and the Ukraine.
“It gives our users the flexibility to connect from anywhere on an approved device,” said Blandine Marcelin, group chief technical architect at Gallaher.
Gallaher plans to use the technology, supplied by Actividentity, to enable its staff to sign on to more than 100 software applications using a smart token, rather than multiple passwords.
The system will replace what Marcelin described as antiquated dial-up technology, which was expensive and frustratingly slow for many users. The company has saved £500,000 in dial-up costs during a six-month trial of the technology with 60 employees.
When the system is rolled out by the end of the year, Gallaher expects to make further savings by reducing the volume of calls to the helpdesk about forgotten passwords.
Gallaher plans to issue its staff with a variety of authentication devices, including smartcards, USB tools and one-time password tokens that will allow them to access the Gallaher network through a secure virtual private network.
“Previously some of our countries were connecting remotely without complying with two-factor authentication. We are making sure the entire Gallaher Group is complying to that level of security,” said Marcelin.
Once the roll-out to the first 2,500 employees is complete, the firm plans to issue other staff with smartcards that will allow them to log on to systems using single sign-on.
The cards, which are protected by a six-digit Pin, will store passwords for each application. They will use a digital certificate to identify users.