One member’s winning use of single sign-on to access bank portals through Wallstreet Suite impresses peers.
A NeuGroup member’s success at implementing single sign-on (SSO) to provide access to bank portals through the company’s treasury management system (TMS) made a splash at the spring virtual meeting of the Global Cash and Banking Group.
- Of equal interest was the member’s goal of taking away “as much bank portal access as possible” from employees, some of whom only need to see bank statements and don’t conduct cash transactions.
- The result, the presenter said, was a “mass migration from bank portals into the TMS for visualizations.”
Single sign-on safety. One of the main benefits of migrating users to TMSs from bank portals, the presenter said, is the added safety, security and control provided by single sign-ons—an authentication service where employees use one set of login credentials to access multiple applications.
- The company’s TMS is ION’s Wallstreet Suite, which links to the company’s identity management system through single sign-on. Various bank portals connect to the TMS.
- That means users who leave the company and lose access to its network immediately lose access to the TMS.
- The single sign-on gives the company more control than bank portals in terms of segregation of duties and role restriction, helping the company “restrict to the exact level of detail,” the member said.
Bank portal rationalization. About three years ago, a substantial number of the company’s bank accounts were accessed through online bank portals. “Bank portals have no standards on security and user controls,” one of the presenter’s slides stated.
- Centralize. To mitigate risk through rationalization, the company centralized portal management, moving read-only users to the TMS and moving payments to SAP where possible.
- Challenges. Hurdles included resistance to change, insufficient staff from small business units for appropriate segregations of duties and slower speeds for same-bank payments using the TMS vs. a bank portal.
- Success. The results of the company’s efforts include:
- The elimination of more than 50% of its bank portals globally.
- The reduction of bank portal user counts by more than 50%.
- No single person having the ability to initiate and approve a payment.
- A substantial reduction in the number of wires going through portals.
Customization question. One member listening to the presentation said her company has been struggling with bank portal rationalization.
- One issue is how to customize access to the TMS and balance what users want with security concerns. “What if we don’t want to share all that info with an entity?” she asked.
- The presenter said his company’s TMS can restrict users by bank account, entity or time period. “We had to create a complex set of profiles” to account for segregation of duties and the need to restrict access to initiate payments. “It is a lot of work,” he said.