Fred Astfeldt, head of sales at Authlogics, explains how NHS trusts are increasingly replacing ‘hard-token’ authentication systems with new 1.5FA technology
During recent conversations with senior IT professionals working within NHS trusts, a similar theme keeps recurring. They know they have done the right thing by investing in two-factor authentication (2FA) to provide the necessary protection that their IT infrastructure needs, but now they feel like they are being punished for that decision, as the large initial investment has been compounded with high ongoing running costs and an inflexible system that cannot adapt to how their staff work today.
Does this sound familiar? Go back five years and hard-tokens were really the only viable option if you wanted to add additional layers of security, and also respond to the need for consultants and other healthcare professionals to be able to be more agile in how they access important networked resources, whether on or off site. However, hard token 2FA came at a price, with initial hardware costs, slow deployment, extensive staff training, laborious administration as users come and go, the need to replace broken and lost devices, and excessive licensing costs. As a result, these organisations now feel like that they have no other option but to stick with what they have, yet this could not be further from the truth.
They know they have done the right thing by investing in two-factor authentication to provide the necessary protection that their IT infrastructure needs, but now they feel like they are being punished for that decision
With pressure to reduce costs and improve performance, without impacting frontline services, NHS trusts need to be scrutinising and challenging every aspect of their day-to-day operations. When you challenge how authentication is currently being run, versus what is now possible, it opens up a bright world of new opportunity.
As with all technology what is possible today with modern authentication solutions bears little resemblance to what has gone before, both in how it functions and how much it costs. These solutions are based on innovative patented technology, which while new have been rigorously tried, tested and proven not only within the NHS but other public sector organisations, as well as banks and law firms.
When you challenge how authentication is currently being run, versus what is now possible, it opens up a bright world of new opportunity
These new solutions offer ‘traditional’ 2FA, but also 1.5FA, for instances where authentication is necessary, but full 2FA is not necessary. Crucially, they replace hard tokens with a soft token that can easily be installed via an app on the user’s mobile device. As a result, it is far more scalable - deployment to over 1,000s users can be done in matter of minutes - without ever needing to buy more hardware. And, as it integrates fully with the Active Directory, it gives the IT department far greater policy control over who can access what and when, which is particularly valuable in managing permissions for the large number of contractors that come and go.
Another major benefit is removing the reliance of passwords as these new solutions favour a pattern-based approach, meaning staff wanting quick access to a vital piece of information do not have to remember their password, and the IT helpdesk isn’t overrun with reset requests.
One fantastic example of how this new form of authentication is working in practice comes from Liverpool Heart and Chest Hospital, which took the decision to replace its incumbent system with a replacement. In the words of the IT operations manager, Matt Connor, who oversaw the project: “We needed to find a replacement that would pair high levels of security, authentication and verification, to protect systems and the confidential data residing on them, with a straightforward, reliable and quick sign-in process to encourage widespread usage.”
The vendors that have innovated this new generation of authentication solution understand and are sympathetic to the plights of NHS trusts, having the skills and expertise to make the changeover seamless and stress-free
The vendors that have innovated this new generation of authentication solution understand and are sympathetic to the plights of NHS trusts, having the skills and expertise to make the changeover seamless and stress-free. Furthermore, they are able to provide compelling return-on-investment coupled with strong incentives to help make the decision to transition even easier.
Connor added: “We had total confidence in replacing our hard tokens with a 1.5FA solution and we would encourage other NHS Trusts to explore this approach.”
