PM Group, a global engineering, architecture and project management company, has moved to a cloud-based, two-factor authentication model in a bid to cut costs.
The company has been using Cryptocard's BlackShield Cloud solution, which allows it to issue authentication tokens over the cloud to employees' smart and mobile phones. PM Group deployed the solution 18 months ago.
Around 500 of the total 1,600 employees at PM Group need to use tokens for secure access to the company's corporate virtual private network (VPN) and Citrix applications, which run on Microsoft Windows platforms.
Prior to the Cryptocard solution, the company was using physical security fobs from authentication solutions provider Vasco. However, after around seven years of using the physical tokens, PM Group found that issuing, managing and replacing the fobs was becoming a drain on resources.
For instance, despite only having 500 users, the company found that it had 1,200 fobs, with each one costing between €40 and €60 (€48,000 to €72,000 in total just for the physical device).
"People kept losing them," said Niall Twomey, group infrastructure manager at PM Group.
In addition to issuing new fobs, the Vasco devices also need to be replaced when their battery life comes to an end, after about five years.
"With software you don't have that problem," Twomey said.
He added: "The main benefit we are seeing are in terms of maintenance and reliability of the system."
As the new solution requires less maintenance – the backend is maintained by Cryptocard – it has also helped to free up the company's IT staff, of which 14 are based in Ireland.
Tokens can be issued for a wider variety of platforms, Twomey said, including BlackBerry and Linux. Furthermore, because they can be issued via a text message to a phone, it makes it easier for PM Group to distribute them to offsite workers around the world.
"It's easy to deploy – a text message to the phone as opposed to a courier [with a physical fob] by post," he said.