Identity as a Service brings automation to digital bank’s secure authentication service
A digital bank wanted expert support for identity management from a trusted service provider that could deliver secure authentication. Our Identity as a Service solution, IDaaS, with proactive support proved ideal as it enabled the bank to focus on core IT activities.
The bank wanted to secure external expertise to support, update and manage, gateways, firewalls, and its Curity Identity Server. This would enable it to focus on creating revenue driving services rather than the upkeep of essential authentication functions.
Identity as a Service includes automated releases, deployments and workflows for best practice deployment and management. Proactive support ensures systems run smoothly and securely.
How we did it
Management of the firewalls, gateways and the Curity Identity Server was transferred to an automated environment, according to best practices. This was done by the same 2nd and 3rd line development team that is now responsible for operations.
Product updates are deployed regularly and on time, patches are deployed to thwart potential breaches, additional expert resources can be called upon if needed, and the bank has access to Data Ductus Curity/IAM expertise and support.
About the client
A Swedish digital Bank that provides customer-centric services to organisations and individuals across the Nordic region. The listed company has a strong focus on data science.
Managing and automating authentication services at a leading consumer bank
Maintaining high availability while keeping an authentication solution updated and secure is a big challenge for all highly regulated organizations. Regular upgrades and patches are critical for trouble-free customer login and to mitigate breeches. However, with so many other IT considerations to take care of, authentication solutions can be pushed down the priority list. The bank wanted to ensure authentication and authorization received the same high priority as its other IT requirements. The most effective way to do this is through a partner who can automate many of the authentication processes and provide support. Data Ductus was identified as the best company to do this through its Identity as a Service offering.
Identity as a Service (IDaaS)
IDaaS was developed to support medium to large organizations in regulated industries with their identity platform needs. Typically, customers have identified their preferred solution or are already using it, but they don’t have the technical competence or bandwidth inhouse to fully manage this business-critical service.
The Curity Identity Server
Data Ductus has been a Curity partner for over six years; supporting organizations and enterprises that are dependent on strict API security within energy, banking, retail and communication. According to Stefan Nilsson at Curity, “Several customers have approached us and asked for support when internal changes have left them without the resources to effectively manage the Curity product. Customers remain happy with the platform, but they no longer have the inhouse expertise. In such cases, transferring responsibility to a certified partner, such as Data Ductus, makes complete sense.”
Taking identity to a new level
The bank had been using the Curity Identity Server for three years when they approached Data Ductus. The solution worked smoothly, and they had a well-organized developer organization to manage it. However, they wanted to use more of their internal resources for developing new services. Additionally, they didn’t want to be dependent on inhouse identity expertise, and therefore decided to secure external competence through IDaaS.
Together, experts from the bank and Data Ductus began setting up IDaaS. The transition was finalized within the bank’s infrastructure three months later. The secure authentication service includes proactive maintenance and support to maintain security, identify and resolve potential issues before they escalate, and handle incidents quickly.
“Whenever we begin working with a new customer we carry out a thorough analysis of their identity needs,” explains Per-Gustaf Stenberg, Solution Architect at Data Ductus. “We also identify which workflows and processes can be automated to improve operations, and implement technical and process best practices as standard. Additionnally, measurable and achievable SLAs are defined and agreed upon, and clear lines of communication are set up to ensure a transparent and effective collaboration”
IDaaS for the bank comes with lifecycle management – including hosting, support and license management. The team acts as 2nd and 3rd line support for day-to-day management, ticket handling, new releases, and special tech support cases. Monitoring of dashboards and logs is automated. This includes generation of incident reports with actionable items. For full transparency, the bank have access to dashboards, tickets and response data.
According to Joacim Claesson, Service Account Manager at Data Ductus “Good collaboration is central to our relationship with the bank. Updates, configuration changes, patches and artifacts are automatically deployed on the staging site for testing before final approval by the team at bank. This level of security is a requirement for a bank, but so too is the contact between us. They need to know that we’re reacting to potential threats by updating the system, and we need to know they are available to approve them. Additionally, we develop the required artifacts for security purposes.”
Wide ranging benefits
The IDaaS contract includes out-of-office hours support, something that the bank didn’t have before. Additional benefits for the bank include:
- Access to security experts with extensive authentication and Curity Identity Server experience
- New automated workflows
- More time and resources to focus on developing new services
- Fully transparent collaboration
The security team at the bank don’t have to worry about authentication anymore. No matter which device a customer logs in from they can be assured that their identity platform will handle the authentication and that customers will be able to access their accounts – a service customers rightly take for granted. Essentially, everything works as well as it used to, but the whole process is much more efficient and updates are made more regularly.Anders Essner, Business Manager at Data Ductus.
How can we help you?
Do you need help with authentication or any other security services? Get in touch and find out how we can help you.