Close
  • Latest News
  • Artificial Intelligence
  • Video
  • Big Data and Analytics
  • Cloud
  • Networking
  • Cybersecurity
  • Applications
  • IT Management
  • Storage
  • Sponsored
  • Mobile
  • Small Business
  • Development
  • Database
  • Servers
  • Android
  • Apple
  • Innovation
  • Blogs
  • PC Hardware
  • Reviews
  • Search Engines
  • Virtualization
Read Down
Sign in
Close
Welcome!Log into your account
Forgot your password?
Read Down
Password recovery
Recover your password
Close
Search
Logo
Subscribe
Logo
  • Latest News
  • Artificial Intelligence
  • Video
  • Big Data and Analytics
  • Cloud
  • Networking
  • Cybersecurity
  • Applications
  • IT Management
  • Storage
  • Sponsored
  • Mobile
  • Small Business
  • Development
  • Database
  • Servers
  • Android
  • Apple
  • Innovation
  • Blogs
  • PC Hardware
  • Reviews
  • Search Engines
  • Virtualization
More
    Subscribe
    Home Applications
    • Applications
    • Cybersecurity

    Mortgage Firm Banks on RSA Sign-On Manager

    Written by

    Cameron Sturdevant
    Published January 9, 2006
    Share
    Facebook
    Twitter
    Linkedin

      eWEEK content and product recommendations are editorially independent. We may make money when you click on links to our partners. Learn More.

      When problems with user tokens started cropping up, Hudson Advisors LLC, a commercial mortgage servicer and real estate asset manager, decided it was time to look at a whole new user authentication system to control network access.

      Hudson Advisors has replaced its outdated two-factor user authentication system with RSA Security Inc.s RSA Sign-On Manager 4.5 using RSA SecurID tokens.

      The new system not only did away with the token problems Hudson Advisors was encountering, but has also allowed the company to quickly decrease password reset costs by leveraging the IntelliAccess password reset capability in the new version.

      RSA Sign-On Manager 4.5, which was selected by Hudson Advisors after a six-week bake-off among several products, has also helped lower audit compliance costs, according to Mark Lynd, global chief technology officer and vice president of technology for the company.

      “Our biggest concern is that we have just over 1,200 users in offices around the world that log in to up to 14 systems in a given day. Ensuring that all users have long passwords that were secure using numerics, alpha and special characters was pretty impossible to maintain,” Lynd said.

      Hudson Advisors couldnt get by with fewer applications. At the same time, it had to demonstrate risk mitigation to external auditors and customers by requiring strong passwords—which meant placing an onerous burden on Hudson Advisors employees.

      “Also, when we had new employees or employees leave, we had a difficult situation,” Lynd said. “We turned to SSO [single sign-on] because it was a good fit for our organization. We wanted to streamline on- and off-boarding [of employees], and we got help passing our yearly audits.”

      Audit compliance turned out to be a big cost-saver for Lynd and his staff when they started using RSA Sign-On Manager 4.5 to demonstrate effective access controls, not just for federal and state regulators, but also for mortgage and financial industry rating agencies such as The McGraw Hill Cos. Inc.s Standard & Poors and Fitch Inc.s Fitch Ratings.

      /zimages/6/28571.gifClick here to read about why RSAs SecurID tokens have fallen short of expectations.

      “We wanted an SSO solution that would allow us to go to custom applications, of which we have several, [as well as] third-party applications like Oracle [Corp.s] ERP and Hyperion, and Web-based applications,” Lynd said. “That was one of the main things we looked for in our bake-off; not all the products out there are able to support all these types of applications at this point.”

      Lynd related one example of why Hudson Advisors selected RSA Sign-On Manager 4.5. “We have a .Net application that is an investor portal. One of the things we saw with SSO products and Web apps—and that [RSA Sign-On Manager] 4.5 specifically addressed—is that when you end your session, many Web apps take you back to the sign-in screen,” he said. “Since the SSO product knows the sign-in screen, it automatically re-authenticates the user, even though they are trying to exit the application.”

      RSA Sign-On Manager 4.5 can be trained to recognize when a user is exiting a Web application and therefore knows not to authenticate the user to the application.

      Next Page: Costs and payoff of implementing RSA Sign-On Manager.

      Costs, Payoff of Implementing

      RSA Sign-On Manager”>

      One of the oldest complaints often made against SSO products is that they are costly and difficult to implement.

      Implementing RSA Sign-On Manager wasnt a cakewalk, but it was easier than Lynd and his staff thought it would be, he said.

      “Our application group, which deals with traditional client/server, third-party and Web apps, and the infrastructure group, did separate testing and then conferenced together on the final product pick,” Lynd said.

      “Our implementation was up, and we had sign-on templates for nearly 20 applications done in just about two weeks—creating the templates was much easier than we thought it would be.”

      The payoff has been improved user productivity, reduced support costs and an improved ability of IT to respond to external audit and report requests.

      Lynds team gauged user sign-in time at offices around the world. Based on these observations, they determined that the average user spent between 5 and 7 minutes logging in, Lynd said. Because the company bills by the hour, each employee minute can be valued.

      “With 1,200 employees, that number grows pretty quickly,” Lynd said.

      In addition, RSA Sign-On Manager 4.5s IntelliAccess feature, which allows users to gain access to protected resources by answering a set of personal questions correctly, means that Hudson Advisors has significantly reduced help desk calls for password resets while maintaining secure access.

      Lynd also noted that the support provided by RSA and Hudson Advisors technology implementation partner, Dynetech Corp., was a key factor in the success of the SSO project.

      “Unlike some other vendors we tried to work with, when we had problems and we went to RSA, both the local office as well as RSA corporate worked hard to solve the problems,” Lynd said.

      Hudson Advisors is counting on this continued support, Lynd said, to ensure the success of the firms plans to further expand the use of SSO.

      Labs Technical Director Cameron Sturdevant can be reached at [email protected].

      Case file

      • Company Hudson Advisors
      • Location Based in Dallas; more than 30 offices worldwide
      • Problem Token problems in two-factor authentication system prompted a general re-evaluation of the companys user authentication methodology
      • Solution RSA Sign-On Manager 4.5
      • Tools Microsoft Corp.s Systems Management Server and Active Directory, RSA key fob tokens
      • Whats next RSA Sign-On Manager 4.5 rollout to Hudson Advisor offices in Asia Source: eWEEK Labs reporting

      Check out eWEEK.coms for the latest security news, reviews and analysis. And for insights on security coverage around the Web, take a look at eWEEK.com Security Center Editor Larry Seltzers Weblog.

      Cameron Sturdevant
      Cameron Sturdevant
      Cameron Sturdevant is the executive editor of Enterprise Networking Planet. Prior to ENP, Cameron was technical analyst at PCWeek Labs, starting in 1997. Cameron finished up as the eWEEK Labs Technical Director in 2012. Before his extensive labs tenure Cameron paid his IT dues working in technical support and sales engineering at a software publishing firm . Cameron also spent two years with a database development firm, integrating applications with mainframe legacy programs. Cameron's areas of expertise include virtual and physical IT infrastructure, cloud computing, enterprise networking and mobility. In addition to reviews, Cameron has covered monolithic enterprise management systems throughout their lifecycles, providing the eWEEK reader with all-important history and context. Cameron takes special care in cultivating his IT manager contacts, to ensure that his analysis is grounded in real-world concern. Follow Cameron on Twitter at csturdevant, or reach him by email at [email protected].

      Get the Free Newsletter!

      Subscribe to Daily Tech Insider for top news, trends & analysis

      Get the Free Newsletter!

      Subscribe to Daily Tech Insider for top news, trends & analysis

      MOST POPULAR ARTICLES

      Artificial Intelligence

      9 Best AI 3D Generators You Need...

      Sam Rinko - June 25, 2024 0
      AI 3D Generators are powerful tools for many different industries. Discover the best AI 3D Generators, and learn which is best for your specific use case.
      Read more
      Cloud

      RingCentral Expands Its Collaboration Platform

      Zeus Kerravala - November 22, 2023 0
      RingCentral adds AI-enabled contact center and hybrid event products to its suite of collaboration services.
      Read more
      Artificial Intelligence

      8 Best AI Data Analytics Software &...

      Aminu Abdullahi - January 18, 2024 0
      Learn the top AI data analytics software to use. Compare AI data analytics solutions & features to make the best choice for your business.
      Read more
      Latest News

      Zeus Kerravala on Networking: Multicloud, 5G, and...

      James Maguire - December 16, 2022 0
      I spoke with Zeus Kerravala, industry analyst at ZK Research, about the rapid changes in enterprise networking, as tech advances and digital transformation prompt...
      Read more
      Video

      Datadog President Amit Agarwal on Trends in...

      James Maguire - November 11, 2022 0
      I spoke with Amit Agarwal, President of Datadog, about infrastructure observability, from current trends to key challenges to the future of this rapidly growing...
      Read more
      Logo

      eWeek has the latest technology news and analysis, buying guides, and product reviews for IT professionals and technology buyers. The site’s focus is on innovative solutions and covering in-depth technical content. eWeek stays on the cutting edge of technology news and IT trends through interviews and expert analysis. Gain insight from top innovators and thought leaders in the fields of IT, business, enterprise software, startups, and more.

      Facebook
      Linkedin
      RSS
      Twitter
      Youtube

      Advertisers

      Advertise with TechnologyAdvice on eWeek and our other IT-focused platforms.

      Advertise with Us

      Menu

      • About eWeek
      • Subscribe to our Newsletter
      • Latest News

      Our Brands

      • Privacy Policy
      • Terms
      • About
      • Contact
      • Advertise
      • Sitemap
      • California – Do Not Sell My Information

      Property of TechnologyAdvice.
      © 2024 TechnologyAdvice. All Rights Reserved

      Advertiser Disclosure: Some of the products that appear on this site are from companies from which TechnologyAdvice receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. TechnologyAdvice does not include all companies or all types of products available in the marketplace.