Some of the projects we took part to
Data Privacy Compliance
Goal: Reach Data Privacy Compliance on Medical Devices
The customer, a recognized Swiss leader in the domain of the production of medical devices, had to review their current strategy in terms of exporting of medical devices, to understand how their devices are collecting, processing and storing medical data. Our mission was to study the medical devices, to check how they acquire and process data and how they are integrated into the informatics systems of the HMOs. This analysis was enforced by the study of the regulation of the country where the devices were exported, defining (where needed) a gap analysis and suggested improvements for the devices in terms of software and hardware.
Industry: Medical Devices
Identity Governance
Goal: Support on the definition of a full IGA strategy
The customer, a Swiss major leader in the chemical industry, has decided to consolidate their IAM strategy adopting a central Identity Governance tool able to orchestrate the user lifecycle of their employees and to automate the provisioning of applications.
We helped the customer understanding their requirements and we supported defining the business processes. We extended the requirements and we defined a design document capable to describe the technical and business needs.
We contacted some vendors and we supported the RFP process, helping finally the customer selecting and integrating not the best product, but the most correct.
Industry: Chemical Industry
Cybersecurity Awareness
Goal: Improve cyberawareness between employees
During the years we supported several customers from different industries providing cyberawareness to their employees. For this specific customer we accompanied the whole cybersecurity program through different phases: from face-to-face live training, we developed an e-learning strategy that was supported periodical by vishing and smishing attacks. We kept constant metrics concerning the results of the employees and every lack of awareness and improvement was shared with the senior management. Such approach facilitated the management understanding the lacks in the cybersecurity program, and we were able to support them on the enforcement of their plans.
Industry: Private Banking
Privileged Access Management
Goal: Compliance with banking regulations and SoD for privileged accounts
Support on the design and on the implementation of a PAM model to secure and monitor the access of privileged and shared accounts. Requirement analysis, interview with stakeholders. Definition of the PAM access strategy, both from a technical and strategic perspective. Supporting the customer on the communication plan for the onboarding of employees. Implementation of the solution and handover.
Industry: Banking
Identity and Access Management
Goal: Facilitate automated user management and registration
The customer has decided to centralize the access control of their portals using IAM.
Through SSO, all the portals were managed in the same and centralized way, to use central policies to manage all of them.
Also legacy portals were after protected using modern MFA.
Industry: Education
CIAM Full Stak implementation
Goal: Enable secure access for end customers
One of the largest European telco decided to expose the customer portal and to integrate with the IAM.
Support on the design of the architecture, IAM data modelling, design of the user lifecycle.
Implementation of the user directory, integration of access services including SSO, federated accesses and MFA.
Coordination of the job with two offshore teams.
All the activities have been carried out through the global data centers.
Industry: Telco
Identity Governance
Goal: Orchestrate user lifecycle for workforce and external providers
The customer required to centralize the accesses of the internal and external workforce, plus the accesses provided to the external companies.
The implementation consisted into the design of a secure IAM architecture replacing the outdated monolithic systems implementing an automated provisioning of applications based on RBAC.
Most of the applications provisioned were not supported by standard connectors, therefore it was required to develop custom ones, including their logic. To get this it was designed a framework to onboard all custom connectors, to facilitate the automated onboarding of them.
Industry: Luxury
Data Loss Prevention
Goal: Consolidate FINMA compliance using DLP
A Swiss Private Bank required us to support their processes implementing a Data Loss Prevention tool.
We supported on the implementation and the configuration adapting the software to some of the usual cases to which the customer was subject to.
Several custom rules were implemented, and the solution was deployed over the whole system to protect the working operation of the whole employees.
Industry: Private Banking
Privileged Access Management
Goal: Enable FINMA compliance through SoD
Due to the limited time given to implement SoD and to respect the boundaries required by the Swiss financial regulator (FINMA), the customer has decided to onboard a new PAM solution able to provide and implement security on privileged and shared accounts. The project was reinforced by the review and by the maintenance of one of the existing IAM tool focused on provisioning of financial applications. All the job was completed by a detailed report that was submitted to the regulator and was used to pass the compliance tests.
Industry: Banking
Identity Management
Goal: Centralize provisioning of services in one application
The customer had two main objectives: improve the quality of the job of the workforce, centralizing and automatizing the management of their applications, and to create a secure portal where citizens could manage their data.
The project has been carried out using open source technologies. This required the creation of custom connectors, where the product was not providing OOTB solutions, and the design of custom components able to integrate with legacy or unsupported systems.
Industry: Public Administration
Open Source IAM
Goal: Deploy an IAM to support a scalable architecture
The customer has decided to implement a system based on open source technologies to protect their customer portals.
The main challenge is to the unforeseen traffic that could be generated while accessing to their portal.
Due to compliance reason, the customer has decided to do not use anything in the cloud, but to manage all the services locally.
Both the webportal and all the part concerning the access management have been configured to create a rapid elasticity, where instances are automatically created and destroyed based on the traffic, in order to optimize the usage of local resources and the performance of the systems.
Industry: Finance
IAM Migration
Goal: Migration to a new IAM solution
The customer implemented a legacy IAM, but the product is not anymore supported by the vendor and the customer has decided to migrate directly to a different solution.
Analysis with stakeholders and definition of the project plan. Workshop with stakeholders, design of the new solution and implementation. Disconnection of the old system and migration of the new data.
Developing of custom connectors not supported by the vendor.
Training and handover for technical people.
Industry: Education
IAM Analysis and Reporting
Goal: Provide automated auditable reports
Analysis and optimization of the data modelling of the IAM system addressing the automated provisioning of more than 250 connectors.
Custom reports organized to provide in automated ways daily and weekly information to the team, with different schedules based on the audience.
Particular attention to facilitate the processes of re-certification of temporary applications and/or for those access rights leading to Conflict of Interest.
Support on the optimization for the definition of the roles and groups.
Industry: Private Banking