Renasant Bank withdraws password management issues from its organization with Imprivata’s OneSign Single Sign-On
- $4.2 billion in assets
- Headquartered in Tupelo, Mississippi
- Financial Services
- Numerous passwords frustrated users
- Difficulty accessing applications led to decreased productivity
- Financial information jeopardized by employee password management practices
- Improved employee productivity and customer service
- Increased the security of customer and bank information
- Reduced software and license expense with Imprivata OneSign reporting capabilities
With over 120 locations across four states, Renasant Bank has established itself as a trusted financial institution in the more than 100 years it has been in business. As technology has evolved over the last century, so has the bank.
The business challenge
To ensure the security, integrity, and confidentiality of customer information and financial transactions, the bank has made numerous strategic investments in technology and implemented security policies that would improve the overall security of customer and bank information.
One aspect of the bank’s overall security strategy was to password-protect every application its employees access to do their jobs, including Calyx, a platform for managing all aspects of the loan process, and Banker’s Insight, an integrated application for real-time customer insight.
However, every solution required a unique password from each user and for most employees that meant memorizing dozens of passwords. Not surprisingly, employees started to become overwhelmed with the number of passwords they needed to manage on a regular basis. This in turn impacted customer service and productivity as the managing of these passwords became so time-consuming. In order to save time and prevent aggravation, employees began writing down passwords on pieces of paper, often taped to their monitors, to help them access solutions more quickly. This practice put the bank’s customer and financial information in jeopardy – and with heightened security concerns, the bank needed to change these practices.
“The retail banking group contacted us, requesting a solution that would enable them to manage passwords and improve employee access to their numerous applications while making the bank’s information more secure,” explained James Hayes, first vice president and network operations manager for Renasant Bank. “In short, they demanded a single sign-on solution.”
The Imprivata OneSign solution
Renasant Bank first looked at Citrix Password Manager because it has other Citrix solutions installed, but after a long negotiation period, the bank decided to evaluate other single sign-on solutions. After seeing an advertisement for Imprivata’s OneSign® Single Sign-On (SSO) solution, Hayes contacted the company to learn more.
“Imprivata looked simple and easy,” said Hayes. “When we saw the on-site demo, we loved it and quickly purchased the solution.”
Renasant Bank quickly began rolling out Imprivata OneSign SSO to 300 employees in each location across the four states it serves; it took just three days for OneSign SSO to be deployed. Hayes and his staff then implemented a new password policy where passwords must have at least ten characters, including special characters, numbers, and letters. Additionally the passwords are changed every 90 days, employees cannot repeat passwords, and, after three incorrect entries, access is locked.
“While the initial impetus for implementing a single sign-on solution was password management, we realized numerous additional benefits, including compliance and improved customer service times,” said Hayes.
OneSign SSO enables Renasant Bank to monitor, capture, and log password-related user access events in a centralized database. Now the IT staff can easily monitor access records for every user, application, or workstation in one central location.
“Our information security officer loves the reporting function,” explained Hayes. “Because this feature shows how often an employee is using, or not using, an application, we are able to identify areas where we can tighten down on licenses and lower our total software license costs.”
The employees using OneSign SSO also like the solution because it is easy to use and enables them to focus on their jobs, not on their passwords. In fact, password resets decreased by 82 percent in the year following the implementation.
“The entire process of implementing and using OneSign SSO has been great, from the strong support from Imprivata to the easy setup and management to the quick adoption by our employees,” said Hayes. “As such, we have plans to roll out the solution to every employee in the future.”