How the British Red Cross secures access to its apps


For a number of years the British Red Cross has used software from OneLogin to manage users’ access to its vital systems. ZDNet spoke to the head of service delivery at the British Red Cross, Phil Paul, to find out more.   

ZDNet: What is the role of OneLogin for the British Red Cross?

Paul: We were brought in to provide the ability to create a platform to access our core systems and that had to be behind three-factor authentication. The first factor was passwords, the next was based on combining that with the right app or through questions and, remotely, we also use RSA SecurID tokens for our colleagues who work in our 300-plus shops.

The object was to say, “here’s our product set across our colleague base and we need to have a three-factor secure ID system in order to be accessible”. And that is what the migration was once we had done the set-up.

When did you get it set up?

We went live in January 2016 but in 2015, prior to the go-live, there was the engagement of four or five months to build the instance, and test the capability and how the system is used.

So, you found OneLogin to be a good service to use?

I think it’s been built over the years it’s been in play, but I think we missed a huge trick in terms of the impact on all our users. I went from having 4,000 “customers”, as it were, to dragging another 17,000 volunteers towards me. There was some work involved in helping our volunteers to understand the importance of this as they were used to working very much in isolation behind OneLogin. 

Paul: “OneLogin has given us that mobility and agility within the business to provide what the organisation is asking us for.”

Photo: British Red Cross

Also, the way we had all worked – our staff and our volunteers – was very much a dated concept. We sent a trifold [wallet] with a 12-page document to read in order to learn how to get into OneLogin. Since then we have worked with OneLogin to do a series of webinars and videos. And also, we have worked with the marketing department and OneLogin to see how we can best work as a team.

Now that we’ve got stability, we’ve got this platform that we can now really drive along and working behind OneLogin has given us that mobility and agility within the business to provide what the organisation is asking us for.

We can now provide the use of mobile phones, tablets and other mechanisms that can be readily available to our service users. Gone are the days of just sitting there at your desk with a laptop. It’s enabled us to be more agile.

How is it all working in practice?

Because of single sign-in, we can now access our core systems from a range of devices. Internally, OneLogin just sits within our systems but it goes through Citrix, so it can access anywhere where we’ve got data from our core systems. So it sits within our finance system, our HR systems, our internal intranet and where those assets are consumed.

And that’s where they will go in and access the Red Cross, either through the browser that they are used to or through OneLogin.com. Whichever is used, OneLogin provides their two-factor login capability, and then they are presented with the application that they can then access.

Presumably that will be based on simplicity and the ability to cover a wide spectrum of users?