Mortgage Firm Banks on RSA Sign-On Manager

By Cameron Sturdevant  |  Posted 2006-01-09 Print this article Print

Case Study: Controlling network access with single sign-on authentication cuts costs and decreases help desk calls for Hudson Advisors.

When problems with user tokens started cropping up, Hudson Advisors LLC, a commercial mortgage servicer and real estate asset manager, decided it was time to look at a whole new user authentication system to control network access. Hudson Advisors has replaced its outdated two-factor user authentication system with RSA Security Inc.s RSA Sign-On Manager 4.5 using RSA SecurID tokens.
The new system not only did away with the token problems Hudson Advisors was encountering, but has also allowed the company to quickly decrease password reset costs by leveraging the IntelliAccess password reset capability in the new version.
RSA Sign-On Manager 4.5, which was selected by Hudson Advisors after a six-week bake-off among several products, has also helped lower audit compliance costs, according to Mark Lynd, global chief technology officer and vice president of technology for the company. "Our biggest concern is that we have just over 1,200 users in offices around the world that log in to up to 14 systems in a given day. Ensuring that all users have long passwords that were secure using numerics, alpha and special characters was pretty impossible to maintain," Lynd said. Hudson Advisors couldnt get by with fewer applications. At the same time, it had to demonstrate risk mitigation to external auditors and customers by requiring strong passwords—which meant placing an onerous burden on Hudson Advisors employees. "Also, when we had new employees or employees leave, we had a difficult situation," Lynd said. "We turned to SSO [single sign-on] because it was a good fit for our organization. We wanted to streamline on- and off-boarding [of employees], and we got help passing our yearly audits." Audit compliance turned out to be a big cost-saver for Lynd and his staff when they started using RSA Sign-On Manager 4.5 to demonstrate effective access controls, not just for federal and state regulators, but also for mortgage and financial industry rating agencies such as The McGraw Hill Cos. Inc.s Standard & Poors and Fitch Inc.s Fitch Ratings. Click here to read about why RSAs SecurID tokens have fallen short of expectations. "We wanted an SSO solution that would allow us to go to custom applications, of which we have several, [as well as] third-party applications like Oracle [Corp.s] ERP and Hyperion, and Web-based applications," Lynd said. "That was one of the main things we looked for in our bake-off; not all the products out there are able to support all these types of applications at this point." Lynd related one example of why Hudson Advisors selected RSA Sign-On Manager 4.5. "We have a .Net application that is an investor portal. One of the things we saw with SSO products and Web apps—and that [RSA Sign-On Manager] 4.5 specifically addressed—is that when you end your session, many Web apps take you back to the sign-in screen," he said. "Since the SSO product knows the sign-in screen, it automatically re-authenticates the user, even though they are trying to exit the application." RSA Sign-On Manager 4.5 can be trained to recognize when a user is exiting a Web application and therefore knows not to authenticate the user to the application. Next Page: Costs and payoff of implementing RSA Sign-On Manager.

Cameron Sturdevant Cameron Sturdevant is the executive editor of Enterprise Networking Planet. Prior to ENP, Cameron was technical analyst at PCWeek Labs, starting in 1997. Cameron finished up as the eWEEK Labs Technical Director in 2012. Before his extensive labs tenure Cameron paid his IT dues working in technical support and sales engineering at a software publishing firm . Cameron also spent two years with a database development firm, integrating applications with mainframe legacy programs. Cameron's areas of expertise include virtual and physical IT infrastructure, cloud computing, enterprise networking and mobility. In addition to reviews, Cameron has covered monolithic enterprise management systems throughout their lifecycles, providing the eWEEK reader with all-important history and context. Cameron takes special care in cultivating his IT manager contacts, to ensure that his analysis is grounded in real-world concern. Follow Cameron on Twitter at csturdevant, or reach him by email at

Submit a Comment

Loading Comments...
Manage your Newsletters: Login   Register My Newsletters

Rocket Fuel