Information Technology Services (ITS)

Replacement service for SecurID Cards

Published on: November 26, 2013

To:  Divisional Business Officers and Managers
From:  Mike Wiseman, Manager, Information Security, ISEA, ITS
Date:  November 15, 2013
Re: Phased replacement of SecurID cards with a new eToken service

The University has used the SecurID product for a number of years to provide high assurance access to ROSI student records systems and the AMS administrative systems. This service has been effective in achieving the goal of contributing to the prevention of unauthorized access to these applications to such a degree that there is a need and desire to make wider use of the service to protect more services such as enterprise web applications and privileged access to systems.

The Information Security and Enterprise Architecture (ISEA) group in ITS took on the task to explore new available technologies and solutions for authentication.  After testing and piloting various technologies, a new product has been chosen to replace the use of SecurID – the SafeNet eToken cryptographic smartcard. The new service will provide a number of improvements over the existing SecurID service.

The key benefits of the eToken implementation:

  1. Wider application to other web services and systems: Web applications and other systems, in addition to AMS and ROSI, will be able to use high assurance access
  2. Efficient administrative process:  Delegated management of authentication token issuance and user support using a secure web-based application.
  3. Reduced cost – The eToken will cost less than the current SecurID card and overall time will be saved on administrative work.

We are pleased to announce that the eToken service is now available and will be implemented using a phased approach.   The departments can continue to use the SecurID cards that they have purchased for their staff for as long as they are valid.  The next major renewal date for SecurID cards is October 31, 2014.  Over the next year or so, holders of SecurID cards will be contacted by the ISEA unit and issued an eToken to replace the SecurID card.

View more details on the project here.

Questions can be directed to the project team.