Single sign on proves to be a real asset for infrastructure manager Semperian

Asset manager turns to Secure Cloudlink for SSO across its geographically dispersed employee workforce.

  • 7 years ago Posted in
Innovation is no longer a nice to have but a must have for any business. For a lot of organisations this sentiment can be quite daunting. A lot of people talk about introducing innovative practices but the reality is innovation is a constant that must be applied to every aspect of your business in order to continually better it talking about it is the easy part, real innovation comes from actually doing it. These are the words of Aamer Moghal, IT Delivery Manager at Semperian PPP Investment Partners when discussing how the firm was able to overcome critical issues within its IT infrastructure, particularly when needing to support a continually growing and geographically dispersed employee workforce.
 
About Semperian:
 
Semperian PPP Investment Partners (Semperian) was launched in October 2007, with the acquisition of a ?1.0bn portfolio of infrastructure assets from Land Securities plc. It is an infrastructure manager that provides its investors with access to a large, diverse portfolio of mature PPP infrastructure investments. Semperian employs over 160 people located throughout the UK, most of whom are based in four principal offices - Bristol, London, Runcorn and Glasgow. However, many are based on-site at projects across the length of the country, covering operational, commercial, financial and administrative functions within these assets. Many Semperian employees have also been based with these various sites since the start. One example of the work Semperian does across its portfolio can be seen with its association with the Great Western Hospital in Swindon.
 
Semperian manages the on-going obligations of the PFI project through a concession, which is scheduled to terminate in 2029.  Semperian's partner and principal building occupier is the Great Western Hospitals NHS Foundation Trust, which leases the premises from Semperian. As part of its obligations, Semperian manages the facilities contract which includes estates management and life cycle works, catering for patients, staff, employees and visitors, cleaning security services, switchboard and 24/7 customer help desk. Semperian is also responsible for purchasing utilities, and letting and managing the retail facility on the site.
 
According to Moghal, Semperians work with the Great Western Hospital is one small example of the breadth and scale of its operations: Our portfolio is extensive and constantly growing whether it be schools, hospitals or government buildings our highly skilled staff are trained to effectively manage the assets of these facilities in order to provide shareholders with a predictable, stable and low risk income stream. It is important we are able to deliver this in a timely, efficient and continuous manner, and essential to this is having the necessary infrastructure in place to support it accomplishing this is not without its challenges particularly when it comes to IT.
 
As mentioned, our staff are spread right across the country from right down in the southwest of England, all the way up to Scotland. They all require access to critical information in order to do their jobs to the best of their abilities but gaining access to this data while on site is not always possible. The reality is having a workforce geographically dispersed comes with its challenges the sites our staff are sent all have their own internal IT infrastructure and because of that we are limited to the changes we can make to accommodate our own needs. We very much needed a flexible IT system in place that could adapt to almost any environment and that is when we started to assess our options.
 
The Challenge:
 
To address the demands of a dispersed workforce Semperian implemented a centralised IT infrastructure, which would allow staff access to mission-critical information from wherever they were in the country. They also made the bold move to support this through a number of hosted group-wide applications and software packages including UK based Octopus HR, a flexible, secure and easy-to-use hosted cloud based HR system, as well as SaaS-based IT service desk and asset management tool Samanage all of which were carefully configured to ensure Semperians employees could continue to manage their various portfolios in an effective manner. Moghal states that Semperians investment in its IT infrastructure underpins the commitment it has for the businesses it works with.
 
As our business maturity has grown to take on more sites and assets so has our IT maturity. We needed to have complete confidence in our infrastructure to offer quick, easy and efficient access to core information from any site our commitment to embracing new technologies meant we knew how we wanted this delivered and what benefits we expected to see.
 
The Solution:
 
In hosting a number of its applications, Semperian had to be confident that all data could be accessed easily and most importantly, securely via its central hub. To do this effectively a single sign on (SSO) solution was needed across its centralised Active Directory in order to provide authentication to its software platforms after speaking with one of those software platforms, Octopus, Semperian was then introduced to Secure Cloudlink.
 
Secure Cloudlink is a British cloud security software company that has developed a three-factor, SSO and biometric user authentication solution. In essence it acts as a secure, centralised user authentication and application to manage all users access rights to all authorised applications without the need to create and manage internal domains. Unlike other solutions in the market, Secure Cloudlink does not store, send or replicate any user credentials outside of an organisations directory service. This combined with its knowledge of Octopus HR made it the ideal choice. Moghal commented:
 
Supporting our IT infrastructure with hosted services really reaffirmed how we wanted to run our business we wanted our IT systems to be flexible to the needs of our employees. Previously we have used Google Single Sign On to support our employees but moving to Active Directory meant we could now maintain a central repository of information, which was ultimately simpler to manage, and could be easily configured with our hosted services. The next stage was providing authentication to those hosted services like Octopus and that is when we were introduced to Secure Cloudlink.
 
With security at the core of everything it does Secure Cloudlinks Cloud Services Brokerage platform overcomes identity security issues associated with passwords by the inclusion of a unique and patented token passing technology. This advanced authentication method means user credentials are no longer stored separately or outside of the directory service, which therefore dramatically reduces the risk of a cyber breach and costs associated with password reminders. 
 
Moghal continued: It was very apparent early on that Secure Cloudlink would be a good fit for us. After moving across to Active directory from Google Apps we needed to find another solution to provide us with SSO that could competently support our hosted platforms having trust in your partners is critical to our business so when Octopus recommend SCL we knew straight away it would be conversation worth having.
 
We had a clear idea of what we were looking for simply, we didnt want users needing to remember multiple user names and passwords, and we needed an SSO solution that could be easily configured with our hosted services. Secure Cloudlink could provide this with ease. Straight away, they were able to come in and evaluate our systems and make recommendations suited to the needs of our business as well as possessing a deep understanding of the software applications we were using. With Octopus for example, much of the infrastructure was already in place. Typically, implementation processes can be a tedious, drawn-out affair the switchover from Google providing SSO to Secure Cloudlink took minutes arguably the biggest complement I could pay is no one noticed the changeover. Given that our employees are deployed over 20 sites the ease and flexibility of this process was invaluable. Additionally, the bespoke nature of Secure Cloudlinks offering meant we had to make no changes to our own IT infrastructure to support us given the emphasis we place on flexibility  this is critical to how we want to operate our IT systems in the future. We dont want to be tied down to legacy systems, which well outgrow in a number of years. Ultimately we are an innovative, growing business and we want to see the same from our suppliers. Secure Cloudlink was able to demonstrate this immediately their flexible approach instantly installed confidence to know that as we progress as a business they have the capabilities, skills and infrastructure in place to stand toe-to-toe with us.
Snowflake report unearths Python as the programming language of choice for AI development, while...
Survey respondents confirm built-in security and compliance are delivered by self-service...
Companies are turning to specialized work groups, AI to encourage Java productivity.
Global study of CISOs, AppSec leaders and developers reveals that business pressures are a primary...
Eficode’s annual DevOps trends pinpoint key areas that will define the intersection of AI and...
Carefully managing Generative AI’s potential through DevOps and an increased focus on compliance...
Expanded solution brings cloud infrastructure, SaaS apps and externally exposed assets together for...
Global survey of open source users finds challenges around security policies and end-of-life...