Identity as a Service brings automation to digital bank’s secure authentication service - Data Ductus

A digital bank wanted expert support for identity management from a trusted service provider that could deliver secure authentication. Our Identity as a Service solution, IaaS, with its proactive service desk proved ideal as it enabled the bank to focus on core IT activities.

In brief

Challenge 

The bank wanted to secure external expertise to support, update and manage, gateways, firewalls, and its Curity Identity Server. This would enable it to focus on creating revenue driving services rather than the upkeep of essential authentication 
functions. 

Solution

Identity as a Service includes automated releases, deployments and workflows for best practice deployment and management. Proactive service desk support ensures systems run smoothly and securely.

How we did it

Management of the firewalls, gateways and the Curity Identity Server was transferred to an automated environment, according to best practices. This was done by the same 2nd and 3rd line development team that is now responsible for operations.

Benefits

Product updates are deployed regularly and on time, patches are deployed to thwart potential breaches, additional expert resources can be called upon if needed, and the bank has access to Data Ductus Curity/IAM expertise and support.

About the client

A Swedish digital Bank that provides customer-centric services to organisations and individuals across the Nordic region. The listed company has a strong focus on data science.

Managing and automating authentication services at a leading consumer bank

Maintaining high availability while keeping an authentication solution updated and secure is a big challenge for all highly regulated organizations. Regular upgrades and patches are critical for trouble-free customer login and to mitigate breeches. However, with so many other IT considerations to take care of, authentication solutions can be pushed down the priority list. The bank wanted to ensure authentication and authorization received the same high priority as its other IT requirements. The most effective way to do this is through a partner who can automate many of the authentication processes and provide a professional service desk function. Data Ductus was identified as the best company to do this through its Identity as a Service offering.

Identity as a Service (IaaS) 

IaaS was developed to support medium to large organizations in regulated industries with their identity platform needs. Typically, customers have identified their preferred solution or are already using it, but they don’t have the technical competence or bandwidth inhouse to fully manage this business-critical service.

The Curity Identity Server 

Data Ductus has been a Curity partner for over six years; supporting organizations and enterprises that are dependent on strict API security within energy, banking, retail and communication. According to Stefan Nilsson at Curity, “Several customers have approached us and asked for support when internal changes have left them without the resources to effectively manage the Curity product. Customers remain happy with the platform, but they no longer have the inhouse expertise. In such cases, transferring responsibility to a certified partner, such as Data Ductus, makes complete sense.”

Taking identity to a new level 

The bank had been using the Curity Identity Server for three years when they approached Data Ductus. The solution worked smoothly, and they had a well-organized developer organization to manage it. However, they wanted to use more of their internal resources for developing new services. Additionally, they didn’t want to be dependent on inhouse identity expertise, and therefore decided to secure external competence through IaaS.

Secure authentication

Together, experts from the bank and Data Ductus began setting up IaaS. The transition was finalized within the bank’s infrastructure three months later. The secure authentication service includes proactive maintenance and support to maintain security, identify and resolve potential issues before they escalate, and handle incidents quickly.

“Whenever we begin working with a new customer we carry out a thorough analysis of their identity needs,” explains Per-Gustaf Stenberg, Solution Architect at Data Ductus. “We also identify which workflows and processes can be automated to improve operations, and implement technical and process best practices as standard. Additionnally, measurable and achievable SLAs are defined and agreed upon, and clear lines of communication are set up to ensure a transparent and effective collaboration”

Lifecycle management 

IaaS for the bank comes with lifecycle management – including hosting, support and license management. The dedicated service desk includes 2nd and 3rd line support for day-to-day management, ticket handling, new releases, and special tech support cases. Monitoring of dashboards and logs is automated. This includes generation of incident reports with actionable items. For full transparency, the bank have access to dashboards, tickets and response data.

According to Joacim Claesson, Service Account Manager at Data Ductus “Good collaboration is central to our relationship with the bank. Updates, configuration changes, patches and artifacts are automatically deployed on the staging site for testing before final approval by the team at bank. This level of security is a requirement for a bank, but so too is the contact between us. They need to know that we’re reacting to potential threats by updating the system, and we need to know they are available to approve them. Additionally, we develop the required artifacts for security purposes.” 

Artifacts can be developed by our team or developers at the bank. Delivery and deployment to the staging site have been automated.

Wide ranging benefits

The IaaS contract includes out-of-office hours service desk support, something that the bank didn’t have before. Additional benefits for the bank include:

  • Access to security experts with extensive authentication and Curity Identity Server experience 
  • New automated workflows  
  • More time and resources to focus on developing new services 
  • Fully transparent collaboration

The security team at the bank don’t have to worry about authentication anymore. No matter which device a customer logs in from they can be assured that their identity platform will handle the authentication and that customers will be able to access their accounts – a service customers rightly take for granted. Essentially, everything works as well as it used to, but the whole process is much more efficient and updates are made more regularly.

Anders Essner, Business Manager at Data Ductus.

How can we help you? 

Do you need help with authentication or any other security services? Get in touch and find out how we can help you.