How NEARSOL Secured Workforce Identity on Shared Workstations
1. Introduction
Client Overview
NEARSOL is a global business process outsourcing (BPO) provider recognized for delivering high-quality customer experiences across various industries, including financial services, retail, healthcare, and telecommunications. As a leading provider of nearshore services operating across multiple contact centers, NEARSOL serves a client base that demands strict compliance, robust security, and seamless operations. NEARSOL operates high-security facilities, utilizing shared workstations in clean room environments that prohibit the use of mobile phones to prevent data exfiltration. As cybersecurity threats become more sophisticated and target contact centers specifically, NEARSOL continues to lead the way in secure contact center operations.
The Threat Landscape: Contact Centers as the Prime Target
As the frontline for customer interaction and a direct gateway into Cardholder Data Environments (CDEs), the modern contact center has become a primary target for sophisticated attackers. For a leading BPO like NEARSOL, the risks extend far beyond simple compliance violations.
The threat landscape for the Contact Center is dominated by identity-based attacks designed to circumvent traditional defenses. These include:
- Spear-phishing and social engineering - employees are relentlessly targeted in attempts to compromise the human.
- Factor compromise - credential theft or brute force attacks, combined with repeated 2FA pushes at odd hours or social engineering to bypass authentication.
- Session hijacking - gaining access to valid session, refresh, or access tokens to bypass authentication entirely.
- Shadow outsourcing - employees hand off credentials, authenticators, or open and unlocked sessions and devices to third parties to do the work for a portion of the compensation.
- Collusion and bribery - employees may be coerced and/or bribed to surrender access to a malicious third party for the purpose of compromising the CDE and lateral movement.
Furthermore, BPOs are seen as soft entry points to their enterprise clients, where a single compromised account can be used for lateral movement to plant ransomware or exfiltrate sensitive data. This high-stakes environment demands security controls that are both comprehensive and continuous.
2. Problem
The Challenge: Security vs. Operations in a Clean Desk Environment
For NEARSOL, the mandate was clear: enforce MFA that meets stringent PCI, client, and internal security standards. However, this requirement clashed with the operational realities of their contact centers, which rely on shared workstations and strict clean desk policies.
Traditional MFA solutions proved unworkable, creating security gaps and operational friction:
- Mobile Authenticators: The use of personal mobile phones violates clean room/clean desk policies and poses a fraud risk, because phones are also recording devices and provide external network connections, which can lead to data exfiltration.
- Hardware Tokens: Distributing and managing physical tokens for hundreds of employees was cost-prohibitive, with estimates as high as 10% replacement per month. Lost or broken tokens also resulted in downtime, support tickets, and missed service-level agreements (SLAs).
- Passkeys, Desktop Authenticators, and Windows Hello: Device-based authenticators are incompatible with shared workstations. Each user must enroll on a specific device, and that authenticator cannot be ported to a different device, so the approach breaks down for a pool of shared workstations.
The Impact: A Drain on Resources and Persistent Risk
The lack of workable MFA methods created significant business challenges that went beyond security vulnerabilities.
- High Operational Cost: The total cost of ownership for hard tokens, including procurement, replacement, and IT management overhead, was substantial.
- Reduced Productivity: Constant MFA prompts led to security fatigue and frustration among employees, interrupting workflows and impacting efficiency.
- Compliance Strain: Inconsistent enforcement and policy exceptions for authentication created persistent stress for compliance teams, increasing the risk of audit failures.
Despite these controls, a critical vulnerability remained: static MFA could only verify a user's identity at login, leaving active sessions exposed for hours. Given the industry-specific threats, MFA at login alone left unacceptable levels of risk across the session. NEARSOL required an innovative solution that could continuously secure every session in real time without relying on phones, tokens, or other hardware, and without impeding the productivity of its workforce.
3. Solution
Solution Overview
To solve this, NEARSOL partnered with Twosense to implement its Continuous Authentication and Continuous Access Evaluation (CAE) platform. It is a behavior-based, software-only solution that delivers invisible, persistent identity verification and authentication without relying on other hardware or devices (e.g., a phone), hard tokens, or disruptive user prompts or interactions.
The solution works by generating continuous user trust across the endpoint session from session start to finish. Starting before an employee logs into their Windows workstation, the Twosense agent activates in the background and passively analyzes each user's unique behavioral biometrics, such as subtle patterns in their keystroke cadence, typing rhythm, and mouse movements. These behavioral characteristics are used to create a passive biometric authentication model for the user. This model is unique to each user, can be sensed passively in the background, and cannot be passed off from one user to another.
This behavioral "trust score" is then used as a powerful, live authentication factor, tied into authentication policy as a “something-you-are” factor for seamless multi-factor authentication (MFA). Throughout an employee's session, their real-time behavior is constantly authenticated against their established biometric model. This guarantees the legitimate user remains present, thereby satisfying authentication requirements for accessing sensitive data or applications without interrupting the user with an MFA prompt.
Most critically, the platform ties directly into NEARSOL's existing operational capabilities for instant remediation. If the trust score drops, indicating a behavioral mismatch like an unauthorized user taking over a workstation, an automated alert is immediately triggered. This alert is sent to the employee’s direct supervisor through their existing Microsoft Teams channels, allowing for real-time investigation, remediation, and response. This includes locking the session, turning a potential breach into a contained, logged event, and escalating it to the Security Operations Center (SOC) for a security investigation.
Key highlights of the deployment:
- Phone-free authentication: The clean room is completely clear of mobile devices or tablets.
- Token-free security: No hard tokens, no logistics, no downtime, no replacement costs.
- Shared Workstation MFA: The user's identity and authenticator follow them from device to device.
- Integrated Remediation via Microsoft Teams: Simple for supervisors, secure for systems.
- Phishing-Resistant MFA: Behavior as a factor can’t be phished and can’t be passed off.
- Real-Time Detection: Far better security that detects and remediates stolen credentials, devices, or sessions, even when an insider is the threat, or is colluding with a bad actor.
Implementation Process
Twosense was rolled out with zero workforce disruption. Here's how:
- Deployment: Installed silently via Group Policy and Microsoft Intune across all shared workstations.
- Supervisor enablement: Quick and simple training for team leads, with no new tools to learn.
- User onboarding: No training required. Twosense runs in the background with no user behavior changes necessary.
- Activation: Once supervisor training was complete, the system quietly activated and began protecting logins and sessions.
As one team member put it:
“It’s installed and working, and it’s doing what it says on the tin.”
4. Key Statistics and Figures
Quantitative Results
- 100% of user sessions continuously protected by Twosense
- 88% of MFAs are authenticated automatically and invisibly
- Authentication time saved: 15 minutes per user per month
  - Across 475 users, that’s 115+ hours saved monthly
- 2.5x cost savings vs. hard tokens: Estimated $50–$70 per user annually
  - Hardware procurement, shipping & logistics
  - IT time spent troubleshooting or replacing tokens
Twosense turned MFA from a manual security hurdle into a seamless background process, reducing cost, saving time, and improving compliance.
Qualitative Results
"Twosense has been immensely helpful. At NEARSOL, secure and phishing-resistant MFA has historically been very painful to implement because we maintain secure clean rooms with shared workstations to service our clients. The Twosense suite of Continuous Authentication products allowed us to deploy MFA across the workforce without phones or hard tokens, reduce friction, and save time by automating authentication challenges. We also got the security benefit of continuously validating user identity across the session which is a much higher level of identity assurance than any other authentication product on the market. I highly recommend Twosense, especially to industry peers with clean rooms and shared workstations." -Jon Gillibrand, Global Director of IT & Cybersecurity
5. Conclusion
Summing Up the Success
NEARSOL faced a tough challenge: implementing strong, compliant multi-factor authentication (MFA) at scale across the workforce in a secure facility that leveraged shared workstations maintained within clean rooms, all within a budget. This carried the additional burden of doing so without using phones, hard tokens, or additional hardware. The sensitive nature of NEARSOL’s business required a higher level of identity assurance beyond MFA alone. Furthermore, all of this needed to be accomplished in a way that didn’t frustrate the workforce or drain IT resources.
Twosense delivered. Through silent rollout and Continuous Authentication and Continuous Access Evaluation, NEARSOL now enforces invisible MFA across their workforce while staying fully compliant, reducing risk, and improving operations.
The outcome is far better security with significantly less friction, resulting in a significantly improved user experience. And in the BPO world, that’s the winning combination.
Future Outlook
The system is live, effective, and scaling with NEARSOL’s growth. With identity security solved, NEARSOL’s security team can focus on proactive risk management, not day-to-day troubleshooting.
Twosense isn’t just a hard token alternative or another MFA checkbox—it’s a better way to continuously secure the modern contact center.