SociaNovaSociaNOVA provides OGiRYS, a SaaS platform that enables collaboration between businesses, their users and their business partners. SociaNOVA customers include a wide range of service providers.
The need for strong authentication
Medical care institutions, for instance, turn to SociaNOVA to help ensure patient confidentiality.
Care patients that require 24/7 care are typically looked after by multiple care providers, care workers and consultants. Using OGiRYS, organizations can share access to a single file and important data (administrative, medical, educative) required to provide their service. They can also communicate about the care provided and the status of the patient.
SociaNOVA’s customers appreciate an application that both enables their workforce in their daily tasks and also enables global supervision by their management teams.
Marcelin Da Cruz, Chief Technology Officer at SociaNOVA explains that “in France, there is strong legislation making two-factor authentication mandatory when granting access to medical data (L1111-8 French Code of Public Health). Although the primary motivator was compliance with the legislation, we quickly identified other areas where strong authentication would fit nicely. Having added support to our SaaS solution, our development team kept working with Yubico’s libraries and added support to sensitive internal tools.
Why did SociaNOVA choose the YubiKey?
“The total cost of ownership was a big incentive, considering that many users have to login several times a day and Yubico’s validation service, YubiCloud, is free.” added Marcelin.
Yubico offers developers a free and open source software for integrating YubiKey strong two-factor authentication into an organization’s own software or service. Yubico also provides solutions for encrypting data and securing secrets on servers.
“Our development team reported a very easy implementation, we used the free open source software and libraries available on Yubico’s developers website.”
Yubico supports a wide range of strong authentication methods through its open source client projects and community-generated projects for new methods.
How was the user experience?
“We have only received positive feedback from our users, and no complaints about adding another layer of authentication. To be fair, most of our users are security-conscious people, aware that they have access to sensitive information which should be protected. After rolling out more than a thousand keys, our only support tickets were from user errors, some users having inserted their key upside-down!” reported Marcelin.