Adways Inc., involved in smartphone advertising, development and operation of media and applications, is streamlining its user authentication process for its employees from more than 200 different internal systems by creating a single authentication portal with F5’s application performance management solution.
Adways, Inc., an Internet advertisement company established in 2001 and listed in the Tokyo Stock Exchange Mothers in 2006,is now deploying its business activities globally with a focus on Asian markets. With the corporate vision of “Beyond Everything Internet,” Adways focuses its core business operations on smartphone advertising, development and operation of media and applications.
Adways uses more than 200 internal systems for their employees. The company has been actively promoting SaaS, including the transition of its on-premise email system to Gmail, which has further contributed to the proliferation of the number of systems. In addition, employees sometimes use other systems from suppliers.
In order to log in to these systems, an average employee uses 30 to 40 ID and password combinations on a daily basis – with some employees using up to 80 different combinations. Different systems require different authentication methods, all with different password policies. As a result, more than half of the inquiries Adways’ employee support desk receives involve troubles logging into their accounts.
In parallel with the increasingly complicated sign-on process, Adways also wanted a structure that would allow employees to securely access internal systems while working remotely. With the rapid growth of the company, Adways needed to accommodate employees who might not be able to come to the offices on a daily basis due to pregnancy, child-care or nursing disabled family members.
The F5 Agility 2016 Conference, held in Tokyo, was a turning point for Adways. “We had heard of Application Performance Management (APM), but learning in the Agility sessions that BIG-IP APM can handle Security Assertion Markup Language (SAML) and that many types of SSO including form-based authentication may be used, convinced me that we could finally achieve unification of the authentication systems,” Ito said.
In September 2016, Adways began a full-scale research project toward enabling Single Sign-ON (SSO). They introduced a test system in March 2017 to start a proof-of-concept, and based on the results from the POC, officially decided to introduce APM just a few months later.
Built on APM, the unified authentication system first uses an encrypted HTTPS Web browser to access the authentication portal, where employees are asked to enter their unique ID and password. Once the login information is authenticated, the user chooses one of the systems from a list that he/she has access to. Authentication to internal systems is managed by APM, enabling a seamless SSO process. For external services, federated authentication using SAML is provided. In addition, SSL VPN is provided to engineers who manage the internal systems so they can securely and directly access those systems while working remotely.
Streamlining the authentication process helped Adways’ employees greatly reduce the amount of time spent managing their user IDs and passwords. Providing secure, remote access with APM should also contribute to Adways’ effort to introduce the Work Style Reform initiative.
Enabled SSO with minimum impact to existing internal systems
Using APM as the core of the integrated authentication system enabled SSO with minimum impact to Adways’ existing systems. The team also valued the technical and problem solving skills of the F5 consultants who participated in the project since its design stage.
Mitigated the complex management of employee login information
Streamlining employees’ ID and password combinations helped reduce the time they spent attempting to log in to various systems and managing their account information. With approximately 600 employees, they collectively spent ten hours a day just signing on to the systems they use.
Enhanced overall security
The authentication portal built on APM greatly enhanced the overall security of the company. For example, some systems such as group wares are accessed using accounts shared among multiple employees. If one of them left the company, blocking access was not a simple task. With the new portal, group-based access may be controlled in the same way as individual accounts. “The biggest benefit is that working remotely is much easier. This should help us make progress with the government-led Work Style Reform initiative,” said Ito.