By choosing Ilex International’s IAM platform and the expertise of Xelios, the FHV improved the management of access to its information system and offered its employees a functional and secure solution.
The solution implemented:
Sign&go Global SSO
Strong and adaptive authentication, access control, global SSO (Web SSO and eSSO), identity federation and mobile SSO.
Les enjeux
- Securing and consolidating all access to IT systems
- Simplifying password management for the user
- Protecting the information system with total security
- Facilitating access traceability
The FHV: 12 establishments – 7,000 users – 5,000 workstations
As the central agency of Vaud regional hospitals, the FHV includes 12 establishments throughout the region. They include acute treatment hospitals, treatment and rehabilitation centres, a psychiatric hospital, specialised institutions and medical-social accommodation centres.
The Fédération des hôpitaux Vaudois Informatique (FHVI – Federation of Vaud hospitals IT) was established in 1985 in order to pool the resources, skills and equipment necessary for the development and operation of the Vaud regional hospitals information system.
In 2015, the FHVI started to examine the management of its access and identities strategy.
The investigation was launched to end the multiple logins and repetitive password inputs required of hospital users, care and administrative professionals. These processes were a considerable waste of time for users. Furthermore, the FHVI wanted to open its information system up to access from third parties.
A shared technical foundation for scalable
and open access control
By providing its users with Single Sign-On (SSO) for all their applications, the FHVI is meeting several of its objectives.
Firstly, it offers its users ease of access, by simplifying their password management. Releasing staff from the IT constraints will enable them to save time and refocus fully on providing care and the quality of the service offered.
Simultaneously, FHVI wanted to strengthen its system’s security by simplifying the application of its security policy. The use of weak or shared passwords, or even generic sessions open continuously, must come to an end. These practices have become commonplace and have a direct impact on the information system’s security.
In order to provide employees with complete access to authorised applications wherever they are, FHVI wanted to open up access to its information system.
Employees must also enjoy simple and direct access to external services offered by the organisation’s suppliers or partners. The aim here is to avoid users having to sign on each time they wish to connect to a partner application.
« We quickly made the choice to handle internal and external access projects simultaneously, in order to have a more coherent to have a general vision of access management within the network. Although practices differ, our goal remains the same: to control, secure and track access to our information system while offering suitable solutions for our users’ daily lives. »
Ilex International: a solutions provider offering unparalleled SSO functional coverage
After an in-depth analysis of the market, the FHVI chose Ilex International, a specialist publisher in the management of identities and access for 25 years. Its Sign&go Global SSO solution is unique on the market because it offers strengthened authentication, Web Access Management, identity federation, mobile SSO and eSSO (or Enterprise Single Sign-On) functionality, via shared architecture and administration.
« We started by putting a pilot in place for one of the twelve establishments which are members of the FHV. 200 users were involved and were able to benefit from the implementation of biometric authentication for access to their workstations. The saving is real and noteworthy: the session opening time is considerably reduced and use is very simple for our employees. We chose Xelios, Swiss distributor of Morpho solutions, for the digital fingerprint sensors because we knew that it was a recognised and reliable company. »
If necessary, there is also a possibility to sign on with a password; users have a self-service module at their disposal which enables them to reboot simply, without needing support. This is a considerably time saving for both the user and support.
There are many shared workstations in place and we had to put an end to generic work sessions which remain open all day. The solution from Ilex guarantees employees quick and secure access to their personal work environment, whichever workstation they log on from. By placing his finger on the biometric reader, the user unlocks and locks his session instantaneously. With Single Sign-On, he only has to enter his passwords at the launch of his applications, offering improved ease of use.
« Regarding external access, the Sign&go solution has made the extranet portal available, as well as the e-learning application, without having to log in to the VPN, which is impractical. »
Sign&go has also enabled us to offer an identity federation service, enabling FHVI users to access external applications via SSO (suppliers, partners etc.). Access to external services gives the solution real added value and relies on standard identity federation protocols (SAMLv2 in particular).
An innovative SSO solution,
enthusiastic users
and widespread SSO deployment
The solution has broadly appealed to employees and has also convinced the FHVI by improving the management of access to its information system.
« The solution guarantees the traceability of all staff access and has simplified our mission, because it enables us to respond instantaneously to the audit need. It offers a complete visualisation of access to our information system. »
On the strength of the pilot’s success, the FHVI is continuing the deployment of the solution across its twelve establishments. This involves around 7,000 users and 5,000 workstations.
As distributor of Morpho products in Switzerland, Xelios has 15 years’ experience in authentication and access control systems. In partnership with software publishers, Xelios enables many customers to benefit from the effectiveness and reliability of Morpho products.
The benefits
- Centralisation of access management and application permissions
- New user functionalities
- Time and productivity savings
- Guarantee of access traceability