Call center Teleperformance verifies Active Directory user identities
- Teleperformance
- Outsourcing
- Mexico
)
)
)
)
Teleperformance is a worldwide leader in outsourced omnichannel customer experience management. The company provides customer acquisition, customer care, technical support, debt collection, social media, and other specialized services around the world. Operating within high risk areas such as customer service channels, the protection of customer data, payment data and other sensitive information is key for Teleperformance. Maintaining compliance with ISO 27001 and PCI DSS is a powerful indication to customers that the company takes security seriously.
"UserLock is a great software that has simplified our work day. The controls and reports on all user sessions allow us to verify each users' identity, stop password sharing and help avoid security breaches."
José Miguel Villafuerte - IT Infrastructure & Datacenter Regional Manager
At Teleperformance, employees work in an open space. Users don’t have their own machine, they arrive and connect to the first available machine.
To protect against fraud and be compliant, the company needed to verify that the person who authenticates is who they say they are. They therefore needed to limit concurrent sessions to only one session per user. This limit helps reduce the risk of employees having unnecessary exposure to personal identifiable information or confidential information.
Uncontrolled concurrent logins to a network remains a serious security flaw and significantly increases network vulnerability. It only takes a careless employee to share a password or leave a workstation unattended for a security breach to occur.
Previously, the IT team used scripts to limit simultaneous sessions but the script that they were using was no longer supported on Windows Server 2012 R2. They were therefore looking for a solution that would allow them to eliminate the usage of GPO’s.
Solutions based on Windows logon scripts can present too many drawbacks and weaknesses to suit organizations that need to meet strict security and compliance requirements.
José Miguel Villafuerte, IT Infrastructure & Datacenter Regional Manager at Teleperformance was assigned the task to find a third-party solution that would meet their requirements.
After his own online research, the IT team decided to test out IS Decisions’ UserLock. After a quick trial period, they immediately saw that the software’s functionalities matched their needs and could meet internal security policies. They didn’t have to test any other solution.
Being able to easily manage user access by Active Directory groups and organizational units (OUs) helps simplify the administrators' work day.
"UserLock gives us total control of user accounts. It allowed us to eliminate the usage of GPOs which we previously used to limit users to one session."
José Miguel Villafuerte - IT Infrastructure & Datacenter Regional Manager
José also found UserLock's Active Directory user logon reports to be a useful tool. UserLock records and reports on all user connection events to provide a central audit across the whole network. In UserLock, they can easily view the start and end of any session opened on the network by a protected account, allowing them to spot any anomalies or suspicious behavior.
The Result
UserLock’s ability to control, protect and monitor user’s logons mixed with the alerting and reporting tools helped Teleperformance secure their network and meet compliance requirements. Controlling system access, verifying employees' claimed identity, restricting users from sharing logins and preventing simultaneous logins are all key elements required for compliance with major industry regulations.
"UserLock has simplified our working days by allowing us to control user sessions and meet our internal security policies."
José Miguel Villafuerte - IT Infrastructure & Datacenter Regional Manager
To learn more about how logon management helps meet compliance objectives, read more about why compliance starts with the logon.