15.02.2015 - 'do good and talk about it'-series, volume 4
Since 2001, WedaCon Informationstechnologien GmbH is helping its customers to reach their goals regarding everything related to identity and access management (and access governance, to be complete). In this series, we would like to give you as the valued reader a quick overview on what we have achieved. Other just call it 'Success Stories'. Today we will talk about...
Security Levels based on SmartCard Login
How to protect sensitive data (HR, innovations, whatever) in a highly complex, worldwide acting company? The challenge here was to establish a completly secured environment for specific teams inside the enterprise, while allowing them to use the enterprise global IT Structure as much the same way as the rest of the participants do.
The Design was based on a security levels, and to reach the hightest access and security level, the individual seeking access to sensitive data had to use a smartcard to login (2-Factor Authentication). Once reaching this security level, the user was able to access the secured data, but was not able to write (store) informations to any device that had a lower security level.
The security level assignments was done on several elements and used thoughout them. These elements where implemented as modules, eg 'SecurePrint', 'SecureNetwork', 'SecureFileSystem', 'SecureLogin' or 'SecureMail'. For each module, we had security layers defined from 'Basic Security', 'High Security' and 'VeryHighSecurity'.
The system was implemented early 2003, and was in use until the end of 2013, when it was replaced by newer technologies and based on new requirements.
During the 10 years of operations, the overall ideas and implementations proofed to be a real benefit for the day to day operation. There was no single know security issue or data leakage.
Like what your just read? Need more information and references, where we have successfully applied our ideas?
Feel free to contact us via firstname.lastname@example.org