GSK Finds the right prescription for multi-factor authentication
IAM Solutions Architect Brian Lewis of GlaxoSmithKline (GSK) speaks about how Ping’s open standards-based multi-factor authentication solution enables the company to be agile and support future protocols.
“Do more, feel better, live longer.” That’s the motto of GlaxoSmithKline (GSK), a science-led global healthcare company that researches and develops a broad range of innovative products. GSK serves its customers in three primary areas of pharmaceuticals, vaccines and consumer healthcare.
GSK mirrors this approach of “do more, better” with its workforce as well. Employees utilize a variety of on-premises and custom applications, and GSK wanted to make accessing these applications as secure and straightforward an experience as possible. GSK was in search of a multi-factor authentication (MFA) and single sign-on (SSO) solution that was easy to manage, easy to maintain and built on open standards.
GSK had two products in-house, both of which were good at what they were designed to do for their different user bases, but IAM Solutions Architect Brian Lewis said that neither one of which met the full set of identity requirements. In addition, because the industry evolves so quickly and technologies are changing, the protocols that are required were changing. The company needed to be agile and move at a faster pace than they had done so historically.
Ultimately, GSK selected PingFederate and PingID as their primary multi-factor authentication provider. The team gathered requirements from various departments throughout the organization, including the architecture council and the IT security folks, and introduced them to the Ping solution.
Lewis says, “PingID not only met all of our security requirements, but on top of that, our users really liked it. We had a hundred people pilot it with zero issues. We could tell that this was going to be the right product.”
To ensure a smooth transition, Lewis’s team ran training sessions for their help desk and published documentation with FAQs and troubleshooting tips on their intranet site. GSK started off the implementation in front of several SaaS applications, including Microsoft Office 365 and Workday. To avoid disrupting the business, the team picked specific hours of the day to perform the rollout.
“It was really seamless,” Lewis says. “One day users were authenticating one way, and as it switched over the next day, there was a very low number of help desk calls. We’re very, very pleased with how the rollout has gone.”
Since the introduction of PingID, help desk calls related to PingID has been extremely low, significantly less than 1 percent of enrollments. GSK secures many applications, and the company has been routinely adding them to the Ping solution, checking them off one by one as they decommission old products. Lewis says, “Ping has been easy to maintain, and support has been excellent.”
The company is ultimately looking to get to the point where all of their external internet-facing applications are performing MFA. Lewis says, “With Ping, we’re confident we can do that.”
MORE STORIES YOU'LL LOVE
Ping is the extensible platform that Netflix builds all of their identity services on.
Learn how Ping helped Tech Data create a true self-service partner portal.
Truist migrates single sign-on to the cloud for higher availability and lower total cost of ownership.
Find out how Ping helped the University of Hull replace their legacy systems to deliver a superior experience.