ZorgSaam supports remote, two-factor authentication with the YubiKey

Ease-of-use accelerated adoption and strengthened overall security.

Industry

Medical

Protocols

Yubico OTP

Products

YubiKey Standard and YubiKey NEO

Deployment

Employees

About ZorgSaam

ZorgSaam Zorggroep Zeeuws-Vlaanderen is a Netherlands-based healthcare provider specializing in the Dutch Flanders region and beyond. ZorgSaam provides hospital care, ambulance services, home care, and elderly care and is one of the largest employers in Zeeland.



Meeting the need for remote secure access to medical data

In 2012, the company restructured its IT environment by switching to Citrix-based desktops and information systems. The deployment included Citrix Netscaler to provide secure access to healthcare information. Everything that was outside Netscaler was considered hostile and insecure, so the company needed a way to provide secure access to mobile users logging in from outside the environment.

ZorgSaam evaluated potential solutions such as RSA tokens and the UZI-pas, a multipurpose smart card token. Since the UZI-pas is only available to those with a medical registration and requires expensive readers on each access device, it was not viable for a large-scale deployment.


“Integration of the YubiKey was very simple after the first trial period.” 

— Jelte Ebbers, Information Security Specialist at ZorgSaam


The YubiKey enables strong and reliable authentication for thousands of employees

Ultimately, ZorgSaam chose the YubiKey to provide strong two-factor authentication (2FA) for remote access of medical systems. The YubiKey proved to be reliable, cost effective, and easy to use.  ZorgSaam completed the solution by installing the Intel/McAfee OTP Server in combination with the deployment of the YubiKey.

“Integration of the YubiKey was very simple after the first trial period,” said Jelte Ebbers, Information Security Specialist at ZorgSaam. “We simply defined the programming and ordered our pre-programmed batches at our local distributor. We then imported the securely transmitted secrets in our directory and from then on the YubiKey was available for self-service enrollment at a limited number of locations within our organisation.”



The YubiKey: “The only key needed”

The YubiKey’s ease-of-use helped accelerate adoption at ZorgSaam and strengthen security. The company found that once users realized how fast and easy it was to access systems with the YubiKey, they embraced it and started to wear the YubiKey on their badge key rings. In addition to its user-friendly design, IT likes the YubiKey’s ruggedness, lack of battery, and no moving parts, which makes it easy to deploy and maintain.

In the future, ZorgSaam may also use the YubiKey NEO to allow integration with physical access based on NFC. “Although other systems in our organisation are now largely point solutions, we want to extend the use of YubiKey whenever systems are being replaced,” said Johan Terlouw, Manager of Back Office ICT Services. “Down the road the YubiKey might even become the only key needed to gain access to ZorgSaam.”