Top 20 Accounting Firm BKD Deploys PhoneFactor to Secure Remote Network Access
The Business Challenge:
BKD, LLP, a top 10 U.S. CPA and advisory firm, helps growing companies and high net worth individuals go beyond their numbers by applying technical expertise, unmatched client service and disciplined delivery of solutions. Their mission is to always strive for excellence in providing services to clients, create rewarding career opportunities and maintain sound professional, business and financial standards. Prior to adopting PhoneFactor’s service, BKD was exploring the option of using tokens for a two-factor authentication system they needed for an anticipated 1,250 of its more than 1,600 total personnel. After carefully considering multiple decision points including vendor selection, procurement, configuration, troubleshooting and repairing/replacing broken devices, BKD concluded that token management can add significant costs and risks.
“We quickly determined the traditional token approach would require significant internal resources at a time when internal resources were stretched thin on multiple projects,” said Bill Melgren, BKD Director of Information Services.
The Solution:
Like other CPA firms, BKD was concerned about security and needed a reliable, but user-friendly, system in place to protect sensitive client data. BKD chose PhoneFactor, a proprietary, phone-based two-factor authentication service, to solve their authentication challenges. PhoneFactor is a completely secure password authentication technology that provides organizations with a simple, safe, and cost effective way to protect themselves and their customers from cyber theft. This unique technology eliminates the need to purchase or manage tokens, and leverages the cell phone, a device that people normally carry, to provide an out-of-band, second layer of security. Since PhoneFactor doesn’t require hardware or internal IT management, this unique approach made all the difference in the final selection.
“Secure access is an integral part of realizing the value of the productivity enhancing technologies that PhoneFactor was implemented to support,” said Melgren.
PhoneFactor works by adding a second authentication check, automatically, behind the scenes. Each time a user tries to authenticate, following password validation, the user’s phone is called. The user simply has to answer the phone and is prompted to enter an assigned PIN number. Because of the secondary authentication call, attackers need to know both the user’s password and have physical possession of the user’s phone. This second factor – the possession of the phone itself – adds a significant additional layer of security, providing proactive and immediate, real-time fraud notification. Since PhoneFactor is installed and configured through a web-based platform, BKD had quick installation of their new service.
“PhoneFactor got us up and running in a fraction of the time that would have been required by a traditional token approach,” said Melgren. “Internal resource utilization has been kept to a minimum throughout.”
PhoneFactor is easy to set up and requires no training. Since deployment, the service has been operating reliably, and BKD employees can rest assured knowing 24/7 support is available to all administrators and end users. “The PhoneFactor implementation team demonstrated an excellent client service attitude, dedication, skills, and knowledge,” said Melgren.
