As a part of a scheduled 3-year review, Tata Steel was looking to improve upon its existing two-factor authentication solution. Having previously invested in over 5,000 hardware tokens, the IT department was weighed down with hardware costs and a significant administrative overhead. With tokens being exchanged every 3 years, and many being lost in the interim, Tata Steel found itself in an almost constant state of hardware replacement.
When it came to reviewing alternatives, Tata Steel considered both hardware and software token providers but, in the end, opted for the tokenless solution from SecurEnvoy. Rather than employing an additional piece of hardware, SecurEnvoy MFA utilises a user’s existing device (smartphone, tablet etc.) to deliver the passcode – which can be valid for one-time use, multiple use or a fixed period of time.
During the roll-out, users were able to benefit from the flexibility inherent in the system. Default users received OTP via SMS
in real-time; if employees were in areas of poor reception, codes would be valid for multiple use. Users without access to a mobile phone received passcodes daily via email.
“Our administration and maintenance workload had been reduced significantly” says Erik den Hertog, Service Delivery Manager for Network Services, Tata Steel. “We haven’t had to procure any new devices either, as existing phones and laptops are being used. The costs savings are very obvious.”