Sandis – an integrator and software provider for the insurance industry, selects and implements the Secfense User Access Security Broker solution in the WAGAS group. Thanks to the implementation, among other outcomes, The Polish Financial Supervision Authority (UKNF) recommendations regarding cybersecurity in 27 different applications are being realized.
Sandis offers software for the distribution of insurance products and services in infrastructure management and application development. Working with the WAGAS Group, the integrator faced the challenge of securing both the applications it offered and those of third-party vendors. The main challenge was the multitude of systems, the diversity of technologies, and the age of some applications.
One of the project’s key objectives was to offer users a consistent solution regardless of the application they use. Implementing MFA security at the level of each application would be too costly, lengthy, and difficult to maintain. That’s why Sandis chose the Secfense solution, whose implementation does not require interference with the application code.
“As part of the pre-implementation analysis, we verified that users utilize a wide range of client platforms: desktop computers, laptops, tablets, smartphones, and traditional mobile phones. Each of these devices differs in technological advancement, features, and level of security. Because of this, and also due to the recommendation of the Polish Financial Supervision Authority (UKNF), we decided to introduce additional protection in the form of multi-factor authentication mechanisms based on FIDO. As a result, users of our applications can log in safely, avoiding common cyber threats such as phishing, account takeover, and theft of their own and their clients’ data,” says Marcin Bobruk, CEO of Sandis.
Sandis chose to implement the User Access Security Broker (UASB) from Secfense because the solution allows it to quickly extend strong authentication to any system or application without interfering with its code. In addition, UASB enables the use of any two-factor authentication component. Alongside FIDO, a dedicated mobile application, and one-time passwords generated by Authenticator-type apps, Sandis has also retained the option of authentication using codes sent via SMS or emails, accessible on all client devices.
– In cyber security, user convenience is essential. If we force employees to set complicated passwords on systems, they will write them down on pieces of paper attached to their monitors or use the same characters in all applications. That’s why making the login process easy for users while giving them a choice of the authentication components they find most intuitive is essential. The world is moving towards passwordless passwordless, which means a complete move away from passwords, which are easy to intercept or break. Biometrics-based authentication is, therefore, the future and is worth looking into today. – explains Krzysztof Góźdź, sales director at Secfense.
Sandis has already secured 11 applications it offers in the first phase of the deployment, intending to eventually provide security for 27 applications hosted in three different data centers.
“We rapidly implemented a tool that allowed us to provide modern protection for over 5000 users. And we are fully prepared to secure additional applications. The speed and ease of implementing the User Access Security Broker led us to skip the Proof of Concept stage. We determined that the straightforward implementation and the subscription-based licensing model, which includes support, among other things, allow us to move to the deployment and production phase immediately,” concludes Marcin Bobruk from Sandis.