Sanderson Weir meets strict banking standards with SSO
BACKSTORY:
Boutique law firm Sanderson Weir has always liked doing things a little differently. It’s become well-known for its documentation and settlement work with banks, home loan lenders, and finance companies, as well as mortgage and asset enforcement. Its work for banks and lender clients is highly regulated. Director Nicola Robertson says Sanderson Weir always approaches the work with a risk focus and understands the power of systems to assist in the delivery of the work.
Recently, the firm asked for UiRev’s help implementing single sign-on (SSO) for its client portal. We spoke with Nicola about how the user authentication tool is helping Sanderson Weir meet its data compliance obligations.
CHALLENGE: strict cybersecurity standards require SSO
Sanderson Weir developed a specialised document management system to ensure the responsible, efficient, and timely management of mortgage and asset enforcement. The design makes it easy for its clients and staff to manage files, in a well-guarded environment.
The system, accessible through a secure portal, allows the firm and clients to share and view electronic files in real-time.
But, because of this, the firm must also comply with strict banking cybersecurity standards, which in recent years have evolved to include user authentication and single sign-on.
SOLUTION: UiRev provides a roadmap
When it went looking for a tech partner, Nicola says it was important to work with a company that, "loves solving a good problem" and had the depth of expertise to ensure the systems integrated using best practices.
“I knew from previous experience that UiRev’s developers could handle the complexity of our system, and I felt confident they’d help us find a path through the technology to get to where we needed to be.”
Fast, no-fuss SSO implementation
While logging into apps and platforms seems simple, when you have hundreds or thousands of users, and connectivity to dozens of departments or outside partners and customers, a poorly implemented authentication system is death by a thousand cuts to the usability of your platform.
It's one of the main areas that create tension, not only because users have so many passwords to remember, but when it comes to security, the admin involved in managing access becomes high risk. It can leave you open to potential cyber-attacks if not managed well.
First, UiRev migrated the firm's website to a new host server and integrated it with its document management system.
Then, SSO was implemented across the platform so the firm’s clients could manage staff access using their existing usernames and passwords.
RESULTS: delivering on its promise
Now, when a client adds a new staff member, they use the same login credentials for their internal systems to log into Sanderson Weir’s portal. When a staff member is removed from the bank's system, that action also removes their access to Sanderson Weir's system.
With a more secure login system, Sanderson Weir doesn’t need to hold any usernames or passwords on behalf of its clients, and clients don’t have a set of passwords sitting with a third-party company.
More importantly, the system meets top-level security requirements, giving the firm peace of mind – and making it easier for its clients to access the data they need.
“After the migration, our system passed penetration testing well – that's a testament to UiRev’s capabilities,” Nicola says.
“From our perspective, the project was a great success. It gives our clients confidence that we can meet their compliance requirements and that our systems are stable and secure."