In this finance use case we look at how a leading European bank is using MyID credential management software to issue and manage the lifecycle of PKI based credentials across their thousands of employees.
MyID for issuing and managing strong authentication across a leading bank's workforce
THE CHALLENGE
As a large European bank with more than 12,000 employees requiring secure access into corporate systems and networks, the bank needed a robust authentication solution that could be deployed across a geographically spread workforce but managed centrally. To mitigate against the threat of data breach, cryptographic authentication using public key infrastructure (PKI), was the chosen method as this offered the optimum two-factor authentication (2FA) security required.
Working towards 2FA being mandated across all employees, the IT team were actively looking for a solution that would integrate with their multiple Microsoft certificate authorities (CA), hardware security modules (HSM), and enable the bank to print their own employee smart cards.
A simple and intuitive solution for IT operators to use on a day-to-day basis was essential, as was a vendor who offered future scope for deployment across other end user devices besides smart cards, including USB tokens, mobile devices, and virtual smart card enabled technology.
THE SOLUTION
The MyID credential management platform stood out as offering the functionality and technology integrations that the IT team were looking for.
The bank’s de-centralised organisation and philosophy meant that the organisation’s systems didn’t fit well with a centralised off-the-shelf solution. A solution that would collate the relevant data from HR systems, LDAP and other sources was essential. This was achieved via the MyID Lifecycle API, which the bank’s systems call to trigger user and lifecycle events. Whether that is a certificate renewal, or the requirement for a card to be revoked.
With their own in-house card production facility, the bank is able to use MyID to create and print employee smart cards, which are then mailed to the user at their branch location.
MyID has enabled the bank to ensure all employees and contractors are using strong 2FA, minimising the threat of data breach via phishing, spear phishing, social engineering or other means. MyID provides an auditable, centrally controlled system for the bank to issue, replace, and revoke smart cards as and when required.
The ongoing development of the MyID software platform has also futureproofed the bank so that they are able to continue evolving their identity management processes. Whether that is through policy setting changes, the creation of new user groups, changes to infrastructure such as CAs and HSMs, or a requirement to allow employees to perform 2FA via USB token, mobile device, or virtual smart card enabled laptops and computers.
THE BENEFITS
Enhanced Security
Enhanced security with best practice 2FA deployed across more than 12,000 employees and all branch locations
Improved Control
Improved control over credential issuance and management with one centralised credential management software platform
Reduced Cost
Reduced cost through the integration flexibility of MyID to work with existing CA, HSM, and card printing infrastructure
Simplified Deployment
Simplified deployment through configuring MyID’s Lifecycle API to fit into the bank’s de-centralised structure
Futureproofed
Futureproofed authentication security is assured as MyID continues to improve, ensuring the bank has multiple options on how its identity management solution evolves
USE CASE DOWNLOAD
Trusted by government and large enterprises, worldwide
Where data really matters, you will find MyID. The security, reliability and interoperability of MyID software sets it apart and is why we are proud to help many leading organisations around the world manage the secure digital identities they issue, whether that's governments managing citizen ID or enterprises managing employee, contractor and supplier IDs.