NHS Trust turns to Intercede to simplify their password policy and improve logon security.
Salisbury NHS Foundation Trust is a regional center that provides specialist services for people across much of southern England, including plastic surgery, burns, and genetics to list a few.
THE CHALLENGE
The Salisbury NHS Foundation Trust were struggling to find a way of managing the many thousands of passwords in use across the entire organisation and ensuring regulatory compliance. Richard Gibson, Operations Manager, Informatics at Salisbury NHS Foundation Trust explains: “You can ask staff to reset their passwords, but the tools available to confirm that the password chosen is of adequate strength and complexity are typically manual, time consuming and do not allow a fast-enough response time. What’s more, if the most complex and sensible password is mismanaged, or has been previously compromised, its strength is diminished.”
THE SOLUTION
An initial audit was carried out by the Salisbury NHS Foundation trust which revealed passwords as an area of vulnerability for the Trust IT infrastructure. The audits revealed how many current passwords were known to be breached and how likely employees were sharing work passwords with their personal accounts.
Intercede recommended the Trust to roll out MyID PSM across every Active Directory account, including all service, user and admin accounts helping to secure the corporate Active Directory.
When a member of the Trust attempts to create a new password, MyID PSM automatically checks the proposed credential against NIST SP800-63b password policy. Simultaneously, MyID PSM checks the new credential against the World's largest database of known breached credentials (Password Breach Database) to ensure the new credential is NIST SP800-63 compliant.
The Password Breach database currently holds over 7 billion compromised credentials and is growing at a rate of 3-5 million new credentials added to the database each day ensuring only MyID PSM can check against all known breached credentials for NIST compliance.
THE BENEFITS
Trusted by Governments and Enterprises Worldwide
Where protecting systems and information really matters, you will find Intercede. Whether its citizen data, aerospace and defense systems, high-value financial transactions, intellectual property or air traffic control, we are proud that many leading organizations around the world choose Intercede solutions to protect themselves against data breach, comply with regulations and ensure business continuity.