A global pharmaceutical group, sanofi-aventis is mainly involved in pharmacy, human vaccines and animal health. Its products cover therapeutic areas as diverse as diabetes, cancer or cardiovascular diseases. Its portfolio also features a wide range of consumer healthcare products and other prescription medicines including generics.
The company is subject to strict requirements in terms of security, confidentiality and data integrity. Also, guidelines on electronic records (such as 21CFR Part 11 in the US) define strict conditions on the provision of electronic files to national authorities. For instance, users must authenticate by name to sign electronic drug-related documents. The 15,000 research and development (R&D) employees of sanofi-aventis must therefore individually authenticate to a large number of applications.
Single secure authentication
“The project’s starting point was access security for all R&D employees. Our researchers connect to about fifteen applications on average every day”, explains Vincent Rossetto, Project Coordinator at sanofi-aventis. “There was therefore a risk that the password they use to access their PC and applications would be written down or revealed. We therefore decided to invest in a single sign-on system for the Group’s entire R&D organization.”
The Group launched an evaluation of the world’s leading providers of authentication management and SSO. The criteria: the solution must be easy to install and deploy, and be able to integrate a large variety of applications, online medical databases, document management, internal Windows and Unix applications and terminal emulation. After live tests, sanofi-aventis selected Bull Evidian.
Fulfilling another important criterion, Evidian’s SSO and authentication management solution is based on sanofi aventis’ existing Microsoft Active Directory. This ensures natural monitoring of user movements and facilitates the solution’s scalability.
An international deployment
Firstly the 6,000 PCs in the Sanofi R&D centers were equipped with Evidian’s SSO solution. This helped improve productivity for many researchers and administrators – authentication to applications, essential for legal reasons, no longer requires each user to remember about 10 passwords. In 2006, after the takeover of Aventis, the new division’s R&D centers were also equipped, bringing the total number of users to almost 18,000.
Later on, the Group‘s medical sales representatives in the United States were given the SSO solution on their laptops. Highly mobile, they authenticate using biometrics, or access the company’s web applications by smart phone. Having found that the Evidian solution could be adapted to two very different profile types – R&D and medical sales representatives – sanofi-aventis decided to extend it to all its employees worldwide.
A safe and open architecture
The Evidian offer is based on the company’s Active Directory; it is therefore easy to expand its user base simply by extending the directory. Like any large pharmaceutical group, sanofi-aventis regularly acquires companies to develop its portfolio. Strong external growth, one of the Group’s major strategic directions, requires new users to be integrated quickly – which the Evidian solution easily allows.
“The savings made by the disappearance of application passwords is considerable – the ROI can be measured in weeks. But it is the improvement in security which is most significant: users no longer write down their passwords or use the same password everywhere. Authentication is now much more secure” says Vincent Rossetto.
Daily identity and access management
The solution is maintained by three “application specialists” who cover Europe, Japan and the United States respectively. In addition to second-level maintenance, they configure the SSO for new applications. Indeed, any application can benefit from single sign-on. Several applications use the Active Directory password – but Evidian’s SSO still adds value, since entering that password several times a day would create a security risk. Password reset, another important function, can be activated by the users themselves without calling the help desk.
“Single sign-on is an excellent first step in a long-term identity and access management project. The case is simple to argue and it is relatively easy to get a go-ahead decision. In a second step, identity management features can be added to this foundation, which the Evidian solution makes possible,” concludes Vincent Rossetto.
- • A global healthcare leader.
- • € 30 billion revenue in 2010.
- • 108,000 employees in 110 countries.
- • 800 R&D applications.
- • 15 accounts per employee on average.
- • 21 R&D sites.
More about Evidian Entreprise SSO >>> http://www.evidian.com/iam/enterprise-sso/