When US manufacturer Major Tool & Machine had to implement multifactor authentication for all its users and record every login by user name, the company struggled to find a time-efficient, cost-effective solution. After researching various alternatives the company implemented proximity-based authentication solution GateKeeper, which only adds 2-5 seconds to the login process and automatically logs employees out when they walk away from their computer, as well as providing precise records of every login and logout. It uses 90 percent less time than any other authentication methods considered and provides the security and records which are critical to ensuring regulatory compliance.
About Major Tool & Machine
Major Tool & Machine (MTM) has a world-class manufacturing facility offering state-of-the-art machining, fabrication, assembly and finishing services. With a combination of world-class equipment, skilled employees, advanced technology, business & quality systems, and engineering &project management expertise, MTM is positioned to be the maximum value option for its customers.
In 2017, MTM was required to comply with a government security mandate (part of DFARS, the Defense Federal Acquisition Regulation Supplement) that requires it to utilise a multifactor authentication solution for all users and record all computer access by employee name.
The majority of solutions were routine two-factor authentication products that require each user to have their own unique user ID to log on to a computer, complete their task and manually log off. The next person in line would then have to do the same. This was not practical as it would incur high costs and extra time for each employee to log on and off for each transaction i.e. it was not time or cost-effective.
After researching and testing GateKeeper, MTM realised that it was the optimum solution, balancing security and convenience. Implementation procedures for this solution were seamless. Every employee is issued a GateKeeper key and is then required to set up a unique access PIN for their individualised GateKeeper account.
The employee approaches a data terminal and enters their PIN into the client software. The receiver detects the fob, reads the serial number, verifies the fob and PIN are a match and ‘unlocks’ the screen. An entry is created in the server log indicating the employee, fob serial number, computer name and the date and time that the screen was unlocked. This process emulates the security of individual logins in a more timely, cost-effective fashion.
When the employee is done, they can simply walk away. The proximity sensor will automatically ‘lock’ the screen when they are a very short distance away and a lock entry is created in the server log. The computer is immediately ready for the next employee.
MTM was pleased with how quickly its team of nearly 400 were able to adopt the new login procedures. Once implemented, the system immediately began to generate thousands of unlocking and lock events per day. This validated the need for precise records given the volume of transactions and the number of people with access to protected information.
GateKeeper only added 2-5 seconds on average to the login process. While conventional two-factor authentication methods could have cost the company over 240 hours of login time for 14,000 logins in one month, GateKeeper took only 20 hours of time to log in per month. It made the computers secure and cost 90 percent less in time compared to any other authentication method that MTM evaluated.
Finally, a vital benefit realised with the GateKeeper management software was an easy way of handling employee turnover. With a staff of nearly 400, replacing people at any given time is a reality at MTM. GateKeeper made revoking access by disabling the employee’s key happen in real-time, eliminating the need for any complex procedures to manage employees leaving the company.
In summary, Gatekeeper solved one critical aspect of complying with DFARS and securing workstations for Major Tool & Machine, while providing a seamless tool for employee computer access and securing their data.