MARCH OF DIMES
Leading non-profit secures remote
access using strong authentication
AT-A-GLANCE
Key Requirements
–– Accurate, real-time fraud/threat
detection with minimal impact to
user experience
–– Strong authentication system that
is interoperable with existing
applications
–– Secure access for diverse user
population
Solution
–– Combined market-leading, one-time
password strong authentication
solution with existing technologies
to deliver Windows-based
applications to users via desktop
–– Integrated two-factor identification
system with secure-access
technology to safeguard access
privileges
Results
–– Improved worker productivity by
providing users with anytime,
anywhere access
–– Reduced risk of unauthorized
access to company resources
–– Improved compliance
CUSTOMER
PROFILE
“RSA® SecurID® technology has provided March of Dimes with
the highest level of confidence that only trusted identities are
accessing our systems. The security offered with RSA SecurID
has given us enough assurance to make our IT environment
available to our users on the open Internet enabling us to
increase worker productivity through remote access.”
PAUL ZIV, DIRECTOR OF FIELD TECHNOLOGY SERVICES, MARCH OF DIMES
The March of Dimes is the leading organization for pregnancy and
baby health. With chapters nationwide and its premier event, March
for Babies®, the March of Dimes works to improve the health of babies
by preventing birth defects, premature birth, and infant mortality.
For the latest resources and information, visit marchofdimes.com
or nacersano.org.
KEY REQUIREMENTS
March of Dimes is a leading non-profit organization dedicated to improving the health
of babies by preventing birth defects, premature birth, and infant mortality. With 286
offices, March of Dimes has a dispersed base of more than 1,800 users throughout the
United States including Hawaii, Alaska, and Puerto Rico. Chapter offices need to be
constantly connected to corporate applications and systems in order to ensure the
success of their fundraising and public-policy efforts.
Because of the geographical distribution of their offices and users, it was important for
March of Dimes to find a solution capable of providing users with on-demand access and
instant delivery of information, regardless of where or when they chose to access the
system. In addition, it was critical to provide the right access to the right users.
With a diverse user population that includes employees, partners, and temporary
contractors, March of Dimes required a solution that would enable them to secure
their critical assets while allowing for control over both access and actions based
on the user and their device.
SOLUTION
March of Dimes selected a combination of solutions from RSA and Citrix to provide secure
access to corporate resources. The final selection was based on a number of factors
including the strong partnership between RSA and Citrix, the compatibility of their
solutions, their relative ease of use, and the durability of the RSA authenticators.
March of Dimes utilizes Citrix® XenApp 4.5 (formerly Citrix Presentation Server™),
combined with RSA SecurID, to securely deliver all of their Windows-based applications
to users through a Citrix-delivered desktop. It also utilizes Citrix® Access Gateway,
integrated with RSA SecurID technology, to ensure the right access privileges are
granted to the right users.
Finally, March of Dimes uses Citrix Password Manager™ for XenApp to increase
application security by centralizing the management of passwords and enabling
single sign-on (SSO) to their legacy systems.
To assure the identities of all users accessing their systems through Citrix applications,
March of Dimes uses RSA SecurID, a leading two-factor authentication solution. RSA
SecurID is based on something you know (a PIN or password) and something you have
(an authenticator). The authenticator generates a new one-time password code every 60
seconds, making it difficult for anyone other than the genuine user to input the correct
token code at any given time.
RSA SecurID offers a wide array of one-time password authentication form factors –
available in both hardware and software formats depending on business and employee
needs. While March of Dimes uses hardware authenticators for most of their user
population, they also use software authenticators for specialized user groups.
RESULTS
The combined authentication solution has helped March of Dimes offer secure internal
and remote application access to their users. It has been able to deliver mission-critical
applications providing enterprise-wide access with integrated authentication.
CONTACT US
To learn more about how RSA
products, services, and solutions help
solve your business and IT challenges
contact your local representative or
authorized reseller – or visit us at
www.RSA.com
The use of identification-security technology has further allowed March of Dimes to
assure the identities of users logging in and provide secure access to the critical
applications required to ensure the success of their fundraising efforts.
The solution was easy to roll out and was instantly embraced by users because it was
portable and easy to use. What’s more, March of Dimes noticed an immediate improvement
in worker productivity by providing users with anytime, anywhere resource access.
Prior to implementing two-factor authentication, March of Dimes faced the security risks
associated with users sharing passwords. In addition, the on-board and separation
procedures for individual users were difficult to manage. The secure identification
solution provides an effective on- and off-boarding process for new and separated users.
Specifically, security tokens can be immediately deactivated when an employee leaves
the organization.
The use of two-factor authentication is one of many security methods March of Dimes
uses to to meet Sarbanes-Oxley and HIPAA security standards.
www.rsa.com
© 2008 EMC Corporation. EMC, the EMC logo, RSA, the RSA logo, and SecurID are trademarks or registered
trademarks of EMC Corporation in the United States and/or other countries. All other trademarks mentioned
herein are the property of their respective holders. MARCH CP 0908