MyID ISSUING AND MANAGING STRONG AUTHENTICATION ACROSS A LEADING BANK'S WORKFORCE

A large leading European bank with more than 12,000 employees require secure access into corporate systems and networks, the bank needed a robust authentication solution that could be deployed across a geographically spread workforce but managed centrally.

THE CHALLENGE

At this European bank, Intercede incorporated our MyID® credential management software to issue and manage the lifecycle of PKI based credentials across their thousands of employees. To mitigate against the threat of data breach, cryptographic authentication using public key infrastructure (PKI), was the chosen method as this offered the optimum two-factor authentication (2FA) security required.

Working towards 2FA being mandated across all employees, the IT team were actively looking for a solution that would integrate with their multiple Microsoft certificate authorities (CA), hardware security modules (HSM), and enable the bank to print their own employee smart cards.

A simple and intuitive solution for IT operators to use on a day-to-day basis was essential, as was a vendor who offered future scope for deployment across other end user devices besides smart cards, including USB tokens, mobile devices, and virtual smart card enabled technology.

THE SOLUTION

The MyID credential management platform stood out as offering the functionality and technology integrations that the IT team were looking for.

The bank’s de-centralized organisation and philosophy meant that the organisation’s systems didn’t fit well with a centralized off-the-shelf solution. A solution that would collate the relevant data from HR systems, LDAP and other sources was essential. This was achieved via the MyID Lifecycle API, which the bank’s systems call to trigger user and lifecycle events. Whether that is a certificate renewal, or the requirement for a card to be revoked.

With their own in-house card production facility, the bank is able to use MyID to create and print employee smart cards, which are then mailed to the user at their branch location.

MyID has enabled the bank to ensure all employees and contractors are using strong 2FA, minimizing the threat of data breach via phishing, spear phishing, social engineering or other means. MyID provides an auditable, centrally controlled system for the bank to issue, replace, and revoke smart cards as and when required.

The ongoing development of the MyID software platform has also future-proofed the bank so that they are able to continue evolving their identity management processes. Whether that is through policy setting changes, the creation of new user groups, changes to infrastructure such as CAs and HSMs, or a requirement to allow employees to perform 2FA via USB token, mobile device, or virtual smart card enabled laptops and computers.

THE ​BENEFITS

ENHANCED SECURITY

Enhanced security with best practice 2FA deployed across more than 12,000 employees and all branch locations.

SIMPLIFIED DEPLOYMENT

Simplified deployment through configuring MyID’s Lifecycle API to fit into the bank’s de-centralized structure.

IMPROVED CONTROL AND REDUCED COST

MyID's integration flexibility allows for reduced costs by working with existing CA, HSM, and card printing infrastructure, while also providing improved control over credential issuance and management through a centralized software platform.

FUTURE-PROOFED

Future-proofed authentication security is assured as MyID continues to improve, ensuring the bank has multiple options on how its identity management solution evolves.

Download the case study

This Case study looks at how a leading European bank is using MyID credential management software to issue and manage the lifecycle of PKI based credentials across their thousands of employees.

DOWNLOAD

Trusted by Governments and Enterprises Worldwide

Where protecting systems and information really matters, you will find Intercede.  Whether its citizen data, aerospace and defense systems, high-value financial transactions, intellectual property or air traffic control, we are proud that many leading organizations around the world choose Intercede solutions to protect themselves against data breach, comply with regulations and ensure business continuity.