The Lowry, Salford Quays turns to tokenless access Two-factor authentication from SecurEnvoySecurEnvoy 20/06/2014, Archive
An architectural flagship was built in 2000 in Salford Quays, the harbour docks of Manchester. The Lowry has become a cultural centre of the English city. The staff use a Virtual Private Network (VPN) when organising its numerous events. And The Lowry uses tokenless two-factor authentication from SecurEnvoy in order to ensure secure logins to the system. In addition to a user name and password, the login also requires a passcode, which is sent to the mobile phones of users. The entry of this code enables secure access to the VPN.
The Lowry has three theatre spaces, a permanent LS Lowry exhibition and two additional gallery spaces. Its programme includes performances by partner companies including National Theatre, Birmingham Royal Ballet, Rambert and Opera North. In order to collect the data for all the performances, The Lowry staff use a VPN. The management wanted a solution that enabled well-protected logging in to the corporate network based on a secure two-factor authentication procedure that complied with the Payment Card Industry Data Security Standard (PCI-DSS) at all times. On the recommendation of the experienced system integrator Network Defence, they decided on SecurAccess from SecurEnvoy.
No more login hassles
In contrast to many other authentication approaches, the solution does not require a dedicated physical token - the mobile phones that the staff already have with them anyway are used for such purposes. If, for example, a member of staff wants to access the concert data, he/she first needs to identify himself/herself with a personal user name and password. If these details are correct, the user then receives a six-digit numeric passcode on his/her mobile device, which is delivered by text message. The user then enters this on the VPN login screen. If all the entries are correct, the member of staff is granted access. Alternatively, the user can obtain the passcode from The Lowry by email, app or via a landline telephone call.
Installation without interrupting operations
SecurAccess from SecurEnvoy was installed by the system integrator Network Defence. The installation took half a day and had no impact on the daily operations of the business SecurAccess runs via the VPN from AppGate and is used by all departments and staff.
"The tokenless approach to two-factor authentication results in significant cost savings for us," says Darren Mullin, IT Manager at The Lowry. "Thanks to SecurEnvoy, we do not need to resort to expensive dedicated physical tokens, which can also easily be lost. Our staff only need their mobile phones in order to log in securely to our VPN. In addition, we now adhere to PCI-DSS-Compliance at all times.“
Further information on the SecurAccess solution from SecurEnvoy can be seen in a video on YouTube.