Never knowingly unsecured

John Lewis and Waitrose save time and money with SecurPassword

The John Lewis Partnership is one of the UK’s largest and most successful privately owned companies, generating revenues of nearly £7.4 billion in 2010. The organisation makes every employee a profit-sharing Partner in the whole business – part of the reason why the John Lewis Partnership has a reputation for being one of the best companies to work for in the UK. The company has 70,000 Partners, spread mainly across its John Lewis department stores and Waitrose supermarkets.

Although many of these employees are one of the John Lewis Partnership’s shop floor staff – renowned for their excellent customer service – approximately 15,000 employees need remote access to the Partnership’s IT resources. This may be when they are out on the road visiting suppliers or working from a different store, but the primary concerns for these users are ease of access and good security.

The John Lewis Partnership’s previous remote access security solution consisted of physical tokens, but this system had become outdated and when the time came for change. Matthew Clements, prinicipal programmer for the John Lewis Partnership, explains why the upgrade was required: “The John Lewis Partnership has been using traditional token-based two-factor authentication with its remote access systems since the late 1990’s. However, after reviewing the capital, revenue and administration costs associated with the existing system we decided to look for a cheaper alternative and found SecurEnvoy’s tokenless approach to be a far superior and cost-effective solution.”

Matthew and his team found SecurEnvoy’s tokenless 2FA allowed the John Lewis Partnership to eliminate the need to physically distribute, administer and maintain tokens. The result was lower costs and more efficient workflows. Matthew Clements: “Our operations are now streamlined as we have a simple software solution for two-factor authentication that backends to existing LDAP directories, rather than a disparate proprietary database.”

The Partnership was also pleased with the ease of access of SecurEnvoy’s SecurPassword system.  The Partnership chose to use existing Windows passwords as the second factor, meaning that users have one less credential to remember.

Any security measure has to ensure that a company’s information and user data is safe, all while providing an obstacle-free experience for authorised users. “SecurPassword has been really well received within the organisation, it has been working effectively and we have had no problems with the roll out. One good thing is that if people are wary of having their personal mobile number stored, it is actually all encrypted, so the only people who can see their personal details are the administrators, which is a comfort to some people.”

For a company that has a formidable reputation for service and expertise, the John Lewis Partnership has been impressed with SecurEnvoy’s flexibility: “SecurEnvoy’s product licensing model was a big attraction as it was more flexible than our legacy token solution. SecurEnvoy has been really flexible to the partnership’s needs, it tailored the product to answer the specific issues we had. This now means that we have the option to give it to a wider user base within the business for secure access to our network, even in the event of an emergency.”

If you would like to find out how you can benefit in the same way as the John Lewis Partnership then call SecurEnvoy on 0845 260 0011 or email sales at

Category: Industry News


Multi-Factor Authentication



Any user. Any device.

For companies that take authentication seriously.

Learn more about SecurEnvoy MFA
Cyber Security Blog

Hear more from
our security

Sign-up today

What to read next...