NETWORKS WITH SINGLE SIGN-ON
Streamlining the number of passwords
and resets is a secondary bonus
By Collin Passman
Phishing and ransomware are just some of the strategies used by the perpetrators of cyberattacks. Insurance agencies and brokerages are prime targets, as they hold key customer information that can be used and sold. Insurance agents and brokers must update their cyber security strategies and practices not only to address these potential risks but also to ensure that operations are not overly cumbersome and that they don’t lead to customer dissatisfaction.
As information technology (IT) coordinator with The Signature B&B Companies and in coordination with the IT department of our parent company, Acrisure, LLC, I oversee and coordinate all technology projects, ranging from new software to the introduction of new security protocols to our agency users. I also test all new software and protocols and train users on how to employ them, as well as develop workflows for them to follow when we implement new software and systems.
At some point, Acrisure decided that The Signature B&B Companies would adopt single sign-on to manage passwords and secure the network. With single sign-on, agency users have one set of credentials to log onto the agency network and the agency management systems. By combining single sign-on with multi-factor authentication, we are able to have better control over which users access both the network and the agency management system, as well as secure both systems.
Streamlining the number of passwords and password resets of users is a secondary bonus to the process. To get single sign-on implemented, consider the following tips:
- Understand the process of implementation before starting (e.g., how long it will take, what it means for end users, and what you need to prepare before starting implementation).
- Plan the work and work the plan (i.e., draft a time-table for each phase of the project and follow it).
- Verify and re-verify that each user in your agency is set up for the change.
- Prepare training documentation for the end users and make it easy to follow (i.e., include screenshots to show users what they should see at each step of the process).
- On “go live” day, have support available to handle any issues, because quick responses lead to less frustration.
Now let’s dig a little deeper. The first phase of the single sign-on adoption process is to understand how long it will take, what needs to be prepared before implementation begins, and what it changes for end users. For us, this also entailed a level of coordination with our parent company’s IT department and the support department for our agency management system, Applied Epic, to ensure implementation went smoothly from beginning to end.
Additionally, you need to inform users about upcoming changes, why they are necessary, and when they are expected to take effect. When you’re introducing changes to a diverse group of people, you need to make them comfortable with change before it happens. The more information you give, the fewer obstacles you will have throughout the implementation process.
Drafting the timeline for each phase of implementation should be a top priority, and the timeline should be followed throughout the process. Once the decision was made to adopt single sign-on, I worked with my colleagues in the IT department to verify network users and our Applied Epic users to determine which were active and valid. Acrisure’s IT staff coordinated the valid logins for the network and our agency management system, set about the back office programming and scripting to merge the two sets of login credentials, and set up the multi-factor authentication for the process. This would ensure that all users were given the proper permissions.
[W]e’ve seen a decline in the number of times a user forgets their agency management system password,
because it is the same as their network login credential.
Once the sets of login credentials were merged, I was able to test the single sign-on process over a two- to three-day period. I used my own credentials to log into the systems at different times over that testing period to verify connectivity.
Following the testing period, I created the workflow maps that each of our users would follow using single sign-on, ensuring the process was easy to grasp and outlining what each user could expect to happen on launch day.
Agency management was provided the workflows before launch, allowing them time to review the workflows and have their questions answered. Managers also could offer feedback on potential changes to improve the user experience and lead to less frustration on “go live” day.
Upon approval by agency management, those workflows were sent out to every user, accompanied by an explanation of why the agency was switching to single sign-on and when it would happen. Users were encouraged to review the documents and contact me with questions.
When launch day arrived, I made sure to be on site at the agency to provide support, while the team at our parent company provided troubleshooting support. Even once implemented, agencies will want to make sure they continue to monitor the process for several days after the “go live” date to ensure that users are fluent and comfortable with single sign-on procedures. Because we prepared so much ahead of time, we’ve had little to no issues with the adoption of single sign-on, and it works extremely well across all systems.
In choosing single sign-on, agency users have one set of credentials to log onto the agency network and their agency management systems, while securing both connections to reduce the potential for network breaches. Since we’ve implemented single sign-on, we’ve seen a decline in the number of times a user forgets their agency management system password, because it is the same as their network login credential.
Single sign-on has given users fewer passwords to remember, and more than that, our agency has a more secure network.
Collin Passman is IT coordinator at The Signature B&B Companies in New York and is president of the Tri State EPIC Users Group Chapter of the Applied Client Network. Applied Client Network coordinates development of this quarterly column.