Brief description:

The aim of the project was to introduce and operate a 2-factor authentication system based on physical and virtual smartcards. In addition to 3rd level operation, Netlution was responsible for the planning, conceptualization, evaluation and introduction of the smart card solution. In addition to a content expansion (multi-factor authentication), a team split into an authentication team and a PKI team was carried out.

Situation:

At the start of the project, the customer was already operating a PKI infrastructure that primarily issued and managed client and server certificates. User certificates were not available. User authentication/login was carried out via user name and password. The existing e-mail encryption was implemented via Lotus Notes (Notes ID). Mobile devices (tablets/phones) had no possibility of mail synchronization for encrypted content. Initially, Netlution took over SC management in one area (distribution of smartcards worldwide) with 1 FTE. The assignment was expanded to include various “major upgrade” projects and the area of responsibility for multi-factor authentication and “Windows Hello for Business”.

Customer request:

  • Operation of Smartcard Management System (CMS)
  • Evaluation and introduction of new “multi-factor authentication” products into the company (e.g. Windows Hello for Business)
  • Automation and further development of operational processes (e.g. smartcard lifecycle, certificate history handling, etc.)
  • Maintenance of KDBs and contact to the service desk as 3rd level (incl. regular training)
  • Introduction and implementation of new agile working methods (KanBan)

The aim of the project was to introduce and operate 2-factor authentication based on physical and virtual smartcards. Each of the customer’s employees was to receive a smartcard on which three user certificates (authentication, encryption and signature) were to be stored. In addition to planning, conceptualizing, evaluating and introducing the smartcard solution, the new server infrastructure was also planned, set up and operated as a basis

For the service, a competent, suggestively developing team of experts was required to take on operational responsibility over the entire product life cycle, to further develop the service and to operate it in a stable, secure and economical manner until the end of life.

KPIs:

  • Ensuring the operation of the CMS environment (~120,000 clients / users)
  • Simplification of individual processes through automation
  • Reduced effort on the part of the service desk through health check pages
  • Support with the integration of new technologies into the existing landscape
  • Co-introduction of the “agile approach” in the company / increasing the “flow” in the team

Netlution supports the customer in the following areas of projects and ongoing operations, among others:

  • Ensuring the service
  • Server administration and patch management
  • Version updating of client applications
  • Project management assistance
  • Incident handling (3rd level support)
  • Automation of existing processes
  • Process definition, process updating
  • Training of the service desk, provision of knowledge base articles
  • Rollout coordination, test center operation
  • Troubleshooting
  • Transparent, centralized resource and deployment management
  • Planning security thanks to uniform, consistent billing basis
  • Administrative relief

Netlution solution:

Process optimization

Netlution independently analyzed processes and recommended optimizations to the customer, which were jointly developed and implemented. Netlution also trained the service desk on new or changed processes.

3rd level support

Netlution provided 3rd level support, communicated with the service desk and analyzed the communication with the manufacturer together with an external provider. Manufacturer tickets were also monitored, managed and controlled by Netlution.

Monitoring & System Health

Netlution supported the definition and creation of the server monitoring with customer-specific tools.

Server / Change Management

Netlution was responsible for updating the server environment. Patches supplied by the manufacturer were independently tested for functionality using test cases developed in-house and agreed with the customer and later transferred to the production environment. The changes were accompanied from creation to “Verified” status. This also included requesting and using maintenance windows / downtimes as well as carrying out new functional tests in the productive environment after completion.

Project duration:

The project started in Q3/2011 and Netlution has been providing support since Q3/2014. The managed service is still running today.

Netlution services:

  • Establishment of an expert team (scaling 1 FTE à 7 FTE)
  • Team split into – Authentication Team (5 FTE) & PKI Team (2 FTE, expansion to 5 FTE)
  • Ensuring service, administration, optimization and further development of the smart card environment
  • Troubleshooting 2nd / 3rd level (ticket-based)
  • Service management (incl. customer contact person, review meetings, steering committee, etc.)
  • KPI / SLA reporting
  • Documentation (incl. knowledge transfer management, e.g. wiki, logbook)
  • Utilization of synergies through overarching cooperation with other Netlution teams