Background
Hobart and William Smith are future-focused, liberal arts and sciences institutions led by a faculty of accessible teacher/scholars known for the impact of their research and distinguished by the depth of their mentorship. To best prepare students for impact and success, the Colleges nurture intellectual, professional and ethical development. Students benefit from Hobart and William Smith’s location on the edge of Seneca Lake which serves as a classroom, a destination and a reminder of each individual’s endless potential.
The Challenge
In early 2017, Hobart and William Smith Colleges (HWS) began to see many higher education applications transition into the cloud, which required different authentication methods than their existing LDAP environment could provide.
To support the transition of their own applications, as well as remain ahead of a rapidly shifting security landscape, HWS knew they needed a federated solution that allowed for both flexibility in configurability and scalability for the future. They knew that while Multi-factor Authentication (MFA) and Single Sign-on (SSO) were not an immediate need, the power of having that available to them, in one solution, was key. It was through this discovery work that they realized this was more than remaining current with login standards – it was about consolidating authentication solutions for the future.
“What we liked best about SecureAuth’s solution was that we could get federation, self-service password management, and multi-factor authentication in one product, as well as the ability to only have to go to one source for support.” said Derek Lustig, Director of Infrastructure and Security Services at HWS.
“What we liked best about SecureAuth’s solution was that we could get federation, self-service password management, and multi-factor authentication in one product.
The Solution
Different MFA methods were a must for HWS, especially as demand for mobile access increased and more applications were shifting to the cloud. “SecureAuth worked with us to provide a flexible, scalable MFA solution that utilized RADIUS, SAML, OpenID, SSO, and security questions, while still working well with WS-Fed and WS-Trust – a key differentiator for us,” said Jason Shomper, Infrastructure & Identity Architect, HWS.
In addition, SecureAuth partnered with HWS to develop a PeopleSoft Authenticator, crucial to their implementation, which saved them from not only having to find an additional vendor, but from additional expenditures, as well.
“SecureAuth was very willing to listen to us and partner with us on coming up with solutions to solve for some of our specific needs, namely our need for a PeopleSoft Authenticator.” said Dean LeVey, SeniorOracle DBA & PeopleSoft Systems Administrator at HWS. “If they didn’t partner with us on that, we would have had to spend more time and money with another vendor to do it.”
“SecureAuth was very willing to listen to us and partner with us on coming up with solutions to solve for some of our specific needs, namely our need for a PeopleSoft Authenticator.
The Results
The security team at HWS realized numerous benefits from the implementation of their SecureAuth MFA solution, namely an end-user adoption rate of close to 100%, which they attribute to their robust roll-out plan in 2019.
“Our leadership team developed communications and procedures around the transition to MFA and how to use it, which was critical to the rollout’s success,” said Lustig. “This plan included an initial pilot phase with a handful of users, then moving onto our major applications, then finally everything else, which included turning on MFA for all.”
“For the past two years, almost 100% of our user population is using MFA without adding extra operating costs.” Lustig added.
HWS were one of the first higher-education institutions to roll out MFA for all students that year.
“For the past two years, almost 100% of our user population is using MFA without adding extra operating costs.
HWS continues to evolve their solution by “utilizing the intelligence of SecureAuth’s Adaptive Authentication capabilities, to improve our security posture and our user experience,” said Lustig. “We look forward to continuing to leverage all that is available from SecureAuth.”