New Orleans rolling out multifactor authentication tool across city agencies
New Orleans is rolling out a new multifactor authentication identity management system across the city’s agencies, aiming to better secure the city’s data and give employees the chance to work wherever they please.
Several city agencies are already using SecureAuth’s “IdP” tool for security services, giving workers the chance to access government networks via a single sign-on password and a soft token on their devices to add extra security.
That process has proven so seamless for the city that Freud Alexandre — New Orleans’ enterprise architect and security manager — told StateScoop that he’s hoping several more departments put it in place over the coming months.
“For us, it’s an invaluable service that I don’t know that I can live without at this time,” Alexandre said. “I can’t even measure in terms of time or success that it’s provided, it goes a long way. It provides a lot of flexibility and security to provide applications and data to your own people on demand, which is one of the biggest things we have to do as a business on a day-to-day basis.”
Alexandre noted that the city began appreciating the need for a shift in its security practices “a few years back,” and started looking for a way to start securing their “entire environment.”
“Today, we live in a world where things are sent to your device, whether it be your cellphone, notebook, tablet, so on,” Alexandre said. “So how do we know that we’re protected from any malicious email or activity?”
After “careful research” and a “very rigorous procurement process,” Alexandre said they landed on SecureAuth. While he was looking for a company that could provide the city with both two-factor authentication and a single sign-on system, he said SecureAuth stood out because it also provides a “self-service portal” to help employees manage their own accounts and cut down on calls to the city’s IT department for help.
“It met all of our needs,” Alexandre said. “It met every single point for every control that we need.”
Crucially, the system also helped the city meet the FBI’s Criminal Justice Information Services standards for law enforcement data, as well as the strictures laid out by the Health Insurance Portability and Accountability Act.
[Read more: Behavioral biometrics: The future of authentication?]
That’s let the city’s police department embrace SecureAuth, giving officers secure access to the network even when they’re in the field.
“They have the ability to perform daily tasks that they’ve never had the ability to perform before,” Alexandre said. “We use two-factor authentication where the police force out in the field have the opportunity to log in from the outside and be able to authenticate against our very own active directory to make sure they can log in and process certain things in different applications that we have set up.”
Craig Lund, SecureAuth’s CEO, noted the tool doesn’t require a “cumbersome” hardware token, a frequent issue for officers working in the field. Instead, police can simply use their phones to provide an extra layer of security, yet still access data quickly.
That sort of portability has also opened up possibilities for the city’s health department, Alexandre said.
“If you’re in the healthcare field, at clinics, we can set it up so it can be proximity triggered,” Lund said. “If a doctor or practitioner gets close to the resource and it’s identified that it’s their device, it can automatically log them in.”
But Alexandre said the system’s proved to be helpful for even more mundane uses, like employees hoping to get some work done at home.
“We live in a more in-demand society where people have a stroke of genius any time of day, any time of night,” Alexandre said. “Now we have the ability for them to log in from anywhere, and as long as we know that they’re using that second factor, whether it be a device we already know that’s been fingerprinted or use the soft token, they’ll have the ability to sign in and perform some of the tasks or duties they need to perform. So for us, it’s an extension of our environment anywhere in the world.”
Alexandre said the IT department’s sketched out a “roadmap” for how they’d like to keep expanding the tool and offer that sort of convenience to all employees, targeting the city’s Department of Finance as one agency that could benefit from the added security.
But he doubts that the city will stop there, based on how SecureAuth has worked so far.
“I often say that I wish I would’ve started with this first, versus all the other security tools that I’ve implemented,” Alexandre said.