NHBC secures network with cloud-based two-factor authentication

The National House-Building Council has secured access to its corporate network with Cryptocard authentication-as-a-service platform

NHBC (National House-Building Council), a warranty provider and standards body for new-build homes, has secured remote access to its corporate network with cloud-based, two-factor authentication technology from Cryptocard.

Some 750 of NHBC's 1,100 staff are based in the field, resulting in a high volume of remote access requests to the corporate virtual private network. To ensure that these requests are from legitimate employees, the organisation has deployed Cryptocard's BlackShield Cloud authentication platform.

Michael Neve, head of services delivery at NHBC, said that the implementation of the solution had been fast.

"Implementing Cryptocard's authentication platform is one of the fastest IT projects that we have done.

"We are embracing the cloud cautiously within NHBC but Cryptocard has delivered a true cloud experience, exceeding our expectations in terms of integration, the availability of SMS and hard tokens, value for money and the short amount of time it took to implement."

He added that the ease of access to the corporate network using the new authentication technology has left more time for field-based staff to spend with customers.

"Our employees can now spend more of their time with customers out in the field, able to access information securely and easily."

The solution protects cloud and web applications and network access devices on a pay per user pricing model. NHBS stated that ease of use, value for money and its selection of hard and soft tokens were factors in its decision to select Cryptocard's authentication platform.

Soft tokens were provided to staff via SMS, which made distribution of these tokens far simpler for mobile staff who rarely visit the office.

Hard, or physical, tokens were also given to some employees.

These tokens all generate one-time user passwords, which are far harder for cyber criminals to discover than traditional static passwords.

In late 2010, cyber prankster group Lulzsec released the usernames and passwords of 1.3 million users of gossip site Gawker. Since one-time use passwords expire and require regeneration after each successful login, this sort of hack is not possible with this technology.

The solution was delivered through NHBC's solutions provider, Virgin Media Business.