It’s vitally important that the John Lewis Partnership team makes sure that the thousands of the company’s employees it supports can access their networks simply and securely. Historically, the John Lewis Partnership has used a token style authentication solution to enable its employees to securely access the network remotely. This system consisted of a small token that the user carried with them. The token produced an access code for the user to input into their laptop or PC in order for them to access a given network.
However, the token system had become impractical for the needs of the organisation. Matthew Clements, principal programmer for the John Lewis Partnership, explains why they needed to upgrade the system: “The John Lewis Partnership has been using traditional token based two factor authentication with its remote access systems since the late 1990’s. However, after reviewing the capital, revenue and administration costs associated with the existing system we decided to look for a cheaper alternative and found SecurEnvoy’s tokenless approach to be a far superior and cost effective solution.”
“The most important benefit of SecurAccess was removing the need to physically distribute tokens for setup, renewal and repairs. This obviously resulted in much lower administration costs. Our operations are now streamlined as we have a simple software solution for two factor authentication that backends to existing LDAP directories, rather than a disparate proprietary database,” explains Matthew. “Users also have one less credential to remember as we have chosen to implement Windows passwords as the second factor. SecurEnvoy’s product licensing model was also a big attraction as it was more flexible than our legacy token solution.”
The John Lewis Partnership is currently in the process of rolling out SecurAccess to 15,000 employees: “SecurAccess has been really well received within the organisation, it has been working effectively and we have had no problems with the roll out. One good thing is that if people are wary of having their personal mobile number stored, it is actually all encrypted, so the only people who can see their personal details are the administrators, which is a comfort to some people,” said Matthew. “SecurEnvoy has been really flexible to the partnerships needs, it tailored the product to answer the specific issues we had. This now means that we have the option to give it to a wider user base within the business for secure access to our network, even in the event of an emergency.”