Discover more customer stories
Fredrikson & Byron is a global law firm whose attorneys travel frequently, often working from airports, their homes, and client sites worldwide. To enable secure and convenient access to resources from outside the office walls, the firm deployed Windows Azure Multi-Factor Authentication. The service reduces risk and boosts client confidence by adding a second layer of authentication when attorneys sign in remotely. The easy-to-use solution helps attorneys stay productive and gives the firm high availability and flexibility.
"Windows Azure Multi-Factor Authentication definitely helps us reduce risk by giving us stronger authentication controls. That enhances our security posture and helps give our clients peace of mind."
Fredrikson & Byron is a global law firm based in Minneapolis, Minnesota. The firm’s 275 attorneys serve clients in a range of practice areas, including banking, employment, energy, government relations, health, intellectual property, and real estate.
Many Fredrikson & Byron attorneys travel frequently to regional and international client sites, working remotely from airports and other locations, as well as from home. While away from the office, these workers access case-related legal documents, ranging from intellectual property to confidential patient health information, through the firm’s Citrix-based Secure Socket Layer virtual private network (SSL VPN) solution. However, the workers logged in with only a username and password, which wasn’t enough to meet the firm’s increasingly stringent security standards. “As password phishing and other types of attacks became more prevalent, we knew we needed to add a second factor of authentication beyond passwords,” says Bob Morrison, Security Engineer at Fredrikson & Byron.
Providing a second layer of user authentication was critical to ensure that this sensitive client data was not exposed, as well as to achieve client-driven regulatory compliance. “Safeguarding this data is extremely important to our clients. It shows we take their security concerns, and the value of our relationship, very seriously,” Morrison says.
In late 2011, Fredrikson & Byron started looking for a new solution that would provide this second factor of authentication for remote logins.
A security auditor suggested the firm consider one of two solutions: a hardware-based authentication solution from RSA or Windows Azure Multi-Factor Authentication, powered by PhoneFactor. Fredrikson & Byron chose the Windows Azure solution, which perfectly met its needs. “The RSA solution was very expensive by comparison, while the PhoneFactor solution gave us the simplicity, security, and flexibility we required,” Morrison states. The firm rolled out the solution to its attorneys and staff in January 2012.
Windows Azure Multi-Factor Authentication facilitates authentication to the firm’s on-premises applications, including remote access VPNs. It provides an extra layer of authentication in addition to the user’s account credentials. Employees sign in with their existing username and password. After verification of their credentials, multi-factor authentication is initiated through a phone call or mobile app.
For most Fredrikson & Byron attorneys, an automated call is sent to their phone. The attorneys simply answer the call and press the pound key (#) to authenticate.
Attorneys can also use the mobile app notification method, which pushes an alert to the Windows Azure Multi-Factor Authentication mobile app on the attorneys’ phones.
With Windows Azure Multi-Factor Authentication, Fredrikson & Byron can ensure highly secure access to client data, help attorneys stay productive on the road, and provide high availability and scalability.
The easy-to-use Windows Azure Multi-Factor Authentication solution helps attorneys stay productive on the road, which is important because the firm bills its clients by the hour. “Users only have to log in, get a phone call, and hit the pound key, and they’re securely into our systems,” says Morrison. “It is very easy and reliable for them.”
And if users lose or break their phone, they can simply replace it at a local retailer. In the meantime, employees can use an alternate phone to authenticate. “One of our goals with technology solutions at Fredrikson and Byron is to not prohibit our employees’ productivity, and this solution does not do that at all,” says Morrison. “It’s simple to use, so attorneys can concentrate on their work instead of trying to log in to the system.”
Because Fredrikson & Byron now has a second layer of authentication for attorneys accessing legal files remotely, the firm can give its clients even more confidence that their data is highly secure.
“Windows Azure Multi-Factor Authentication definitely helps us reduce risk by giving us stronger authentication controls,” says Morrison. “That enhances our security posture and helps give our clients peace of mind.”
High availability, redundancy, and scalability are supported by the solution’s hybrid service. Using the on-premises version, dual synchronized Azure Multi-Factor Authentication servers run on the firm’s existing hardware, and the solution’s cloud service can be used to instantly scale the number of users when needed.
“Our CIO gave us specific criteria for deploying a new solution, and one of those was high availability,” says Morrison. “We have the Windows Azure Multi-Factor Authentication Server installed on four machines at our headquarters and another at our disaster recovery site, so it’s highly available and fully redundant.”