U.K. electronic payment processor turns to password 'Vault'

Computerworld - With more than 800 hardware and software passwords to track across its IT operations, British banking transaction processor Voca Ltd. decided that its outmoded handwritten paper and pencil system had to be replaced.
"With the growth of the company, and multiple site locations, it became impossible to manage passwords properly," said Keith Reeve, manager of certification authority and access control at the London-based company. "We knew for some time that we needed to do something."
So when one of Voca's facilities was relocated last year, and after an IT security audit that recommended action, the company decided to solve its password management challenges.
In January, Voca deployed Network Vault software from Cyber-Ark Software Inc., Reeve said. The application, installed on its own in-house Windows server, creates a special ultra-secure "vault" on a standard hard drive where passwords are automatically stored, maintained and cataloged. The server is on a network but is protected with various levels of security, including encryption and authentication, allowing it to be accessed only by authorized workers.
The company, an Automated Clearing House (ACH) responsible for interbank electronic cash transfers of debits and credits for bank accounts in the U.K., handles about 4.5 billion transactions per year.
Until the company rolled out Network Vault, its password records were kept on paper by IT workers who stored them in on-site safes at each facility, Reeve said. The safes took up floor space, and the manual entries were labor-intensive. Keys for the safes had to be safely stored, and workers had to travel to make off-site password changes, adding to the costs of password maintenance. Some of the passwords were changed infrequently, while others were changed on a regular basis for security.
"You start adding that up on a weekly basis and that was a lot of activity by a lot of people," Reeve said.
By moving to the automated system with Network Vault, Voca expects to save about $115,000 in related costs this year, he said. "It's a godsend."
He declined to say how much Voca paid for the rollout.
Richard April, a vice president of marketing at Dedham, Mass.-based Cyber-Ark, said the company's product protects the data and passwords stored in the vault using multiple layers of security. The company's approach is similar to banks, he said, in that a bank has guards, alarms and cameras to ensure security, but the safest place in a bank is still inside its vault.

In addition to Network Vault, Cyber-Ark also offers a Central Password Manager module that allows users