Case study: Tayside

Tayside Fire and Rescue employees can now reset or change a password in less than 30 seconds, compared with two weeks previously

Covering an area of 75,000 square kilometres, Tayside Fire and Rescue has 721 firefighters with 50 fire appliances strategically located at 24 fire stations. The service offers 24-hour cover, 365 days a year, protecting the local authorities of Angus, Dundee City and Perth and Kinross – everything from densely populated towns to vast areas of countryside.

Following the chief fire officer’s directive every employee – from firefighters to janitorial staff – has access to core applications through the network, a dramatic increase in IT use that highlighted issues of access control and management.

‘We went from 120 to 794 users overnight,’ says IT manager Gary Bellfield. ‘With users accessing as many as 10 separate applications our complex password policy put a strain on our IT support staff and caused frustration for all involved.’

The growth in IT use saw password resets increase to a point where they were accounting for up to two days a week of one IT member’s time. Bellfield and his team set about finding a smart and affordable solution to alleviate the problem.

After evaluating a number of single sign-on solutions, Tayside Fire and Rescue chose Imprivata OneSign. Offering password and biometric sign-on options, the system also included user resettable passwords provision.

Imprivata has allowed the organisation to seamlessly implement a tighter password policy, with the system managing regular, dynamic changes to complex passwords without any end user impact. ‘Previously resetting or changing passwords could take up to two weeks,’ says Bellfield. ‘Now it takes less than 30 seconds, and because there is only one password we can insist on a stronger mix using a minimum of eight letters and characters.’

Once authenticated and identified, each user has access to systems according to their role. ‘We use single sign-on to manage the password access to each of the allowed applications,’ says Bellfield. ‘For our remote users it is more complex – they need to have not only the correct user name, but the correct security token and be using the correct machine.’

Having a single biometric login is proving extremely popular with users, and is highly secure. And for the IT staff, password resets are a thing of the past – they can now concentrate on the maintenance and development of internal systems.