Case Study: The Reassurance of One Time Passwords comes to Clyde & Co
With more than 1,500 lawyers operating from 39 offices and associated offices in six continents, Clyde & Co is a global lawyer’s office with a resolute focus on its core sectors of insurance, aviation, energy, infrastructure, natural resources, marine and trade. As a top ten law firm, data security is a key issue for its clients, and thus for the company itself as well. In order to protect business critical data and ensure client confidentiality, law firm Clyde & Co decided to implement a secure authentication method.
The company employs lawyers all over the world, so Clyde & Co needed to offer a range of options to suit all working styles suitable for both its stationary and its mobile workforce. “We were looking for a new security vendor and had a number of requirements,” said Chris White, Chief Information Officer at Clyde & Co. “Outstanding security to reassure our clients; reliable and efficient vendor support, strong functionality supporting the firm today and in future and, lastly cost efficiency.”
In addition to that, there were some challenges that had to be overcome. “Partnership environments are notoriously difficult environments to achieve consensus for new initiatives.” Chris continued, “To implement this solution, we needed approval from a broad range of stakeholders. VASCO’s excellent service offering convinced all parties involved and enabled us to meet everyone’s requirements.”
“We believe VASCO offers a product and service that is unrivalled by its competitors,” Chris stated. “Moreover, the ability of our support team to resolve any token issues with VASCO directly, rather than having to work through a supplier, means we can ensure our lawyers are online quickly and easily, and ultimately deliver a stronger service to our clients.”
A RANGE OF OPTIONS
Clyde & Co has a total staff of more than 3,000, comprising partners, fee-earners and business services staff. All external Citrix portals and VPN clients are now secured with VASCO. Instead of logging on to the network with an unsafe static password, the employees at Clyde & Co use a method called two-factor authentication. This means that two elements have to be involved: something you have – in this case a DIGIPASS to obtain a one-time password (OTP) – and something you know, such as a personal static password.
Two different VASCO solutions were chosen to suit all working styles: DIGIPASS for Mobile and DIGIPASS GO 6. The former is an application that can be installed on one’s Smartphone and that generates one-time passwords on the device itself. The latter is an easy-to-use single button hardware device. With a press of the button, DIGIPASS GO 6 displays a dynamic OTP for each time a user logs on remotely. Clyde & Co particularly liked the mobile solution, because of its ease and convenience.
All the external Citrix portals and VPN clients are now secured by VASCO’s DIGIPASS and IDENTIKEY Authentication server. When users want to log on to the corporate network remotely, they log in with their normal username and password, plus a PIN code and an OTP generated by either DIGIPASS GO 6 or the DIGIPASS for Mobile application on their Smartphone. The OTPs are only valid for a limited amount of time. Every login requires a new, unique password, so stealing them becomes pointless for criminals. At the back-end, IDENTIKEY Authentication Server verifies the authentication requests of the individually assigned DIGIPASS tokens against a local database of users.
“VASCO’s solutions differed from other vendors’ solutions because their solution is easy and intuitive to use,” Chris explained. “We particularly liked the simple approach applied to tokens for mobile devices. The deployment of the new solution was fast and efficient, and we were confident in VASCO’s ability to support the implementation with minimum fuss.”