Acumen Solutions

Smart Card Identity Management System
Large Pharmaceutical Company

Business Challenge

Government regulatory requirements and a growing threat environment have driven the need for tighter security controls, especially with respect to end user computer, application and network access credentials. Corporate security policy demanded users manage complex, expiring passwords for accessing all applications, PC's and networks, driving up the cost of end user help-desk, while simultaneously reducing the quality of the end-user computing experience. As a result, the firm sought a way to lower cost and improve the end user experience while still meeting regulatory and policy compliance requirements. The firm hired Acumen Solutions to develop an end-user security identity and credential management system that would meet these objectives.

The client is a large, multi-unit pharmaceutical firm with tens of thousands of employees. Their business model and corresponding computing environment required that new technology solutions meet the broad requirements of many user groups rather than just a single operation. In addition, solutions were to be operable by a central Information Technology operations group and be suited to reasonable integration with existing technologies and management capabilities. What emerged was a complex functional and technical requirements challenge that included:

• Legally enforceable digital signatures accessed by smart card
• New photo identification badge consolidated with the smart card for building access
• End-user PC login and disk encryption using the smart card
• Integration with corporate directory services for reduced sign on to directory enabled applications
• Centralized provisioning, deployment and management of credentials
• Adherence with all regulatory and corporate security policies

Solution

A team of Acumen Solutions consultants developed a smart card-based identity and credential management environment that met the complex technical and functional requirements of the firm. During the engagement, Acumen Solutions:

• Developed a smart card-based single sign-on architecture that supports policy compliance, but shifts credential complexity and management away from users.
• Developed an authentication model that supported a single card that acts as a photo ID badge, a physical door access badge, a token to allow legally enforceable digital signatures (Identrus) and a token to provide for strong authentication to computers, applications and networks.
• Developed architectural options for supporting kiosk-based access to applications and data that maintained the firm's requirement for strong authentication.
• Developed a supporting operational model that streamlined provisioning and deployment functions allowing most of these functions to be centralized within the physical security team.

Return on Investment

Today, the firm is piloting the technology architecture developed by Acumen Solutions to support consolidated smart card ID badge, strong authentication to business applications, end user credential management, legally enforceable digital signature and centralized provisioning and management. The firm expects to roll out the solution to more than 15,000 US based employees in 2005 to improve end user experience, enhance functionality, reduce help desk calls and satisfy growing regulatory requirements.