Revolutionizing PKI for a Leading Financial Institution

Customer Situation

The customer is a large bank in Poland, forming the 10th largest financial group in the country, with over 8,000 employees. They provide innovative banking services to more than 4 million customers, including almost 200 thousand business accounts. With a reputation for achieving the highest profitability among Polish banks, the customer faced critical challenges in ensuring single authentication to all company resources, implementing an innovative single Multi-Factor Authentication (MFA) solution for IT and physical infrastructure access, and meeting highly demanding security requirements mandated by external regulations. Additionally, the customer aimed to integrate seamlessly with their banking ecosystem, encompassing applications, network devices, and remote terminals, and to implement Single Sign-On (SSO) for all systems using a cryptographic token (smart card). Furthermore, they needed to integrate their physical access control system using the same token.

Partner Solution

The partner responded to the customer’s challenges with a comprehensive and tailored solution. They conducted in-depth requirements analysis, facilitating Design Workshops for the new security solution. Subsequently, ISCG created the technical project design documentation, implemented the Root CA, and integrated Subordinate CAs with Active Directory. They designed and deployed hybrid tokens to enable the use of a single cryptographic token for all bank systems and building access. Additionally, the partner deployed a Cards/Tokens Management System (CMS) and provided comprehensive training to the customer’s administrative team.

Key Drivers & Business Objectives

The main drivers behind the project were to establish a robust and secure PKI system, define effective management processes for the PKI infrastructure, and implement a unified hybrid token system for all bank applications and building access. Integration with the bank’s application ecosystem, ensuring secure authentication and SSO, and meeting stringent security standards were also essential drivers.

Value Provided & Business Outcomes

The project resulted in the successful implementation of a well-defined PKI system, offering secure communication, VPN and WiFi access with mobile devices, and advanced PKI and HSM monitoring integrated with Microsoft SCOM. The integration of PKI with the bank’s application workflows ensured secure authentication with SSO for all bank applications. The customer now benefits from a highly secure PKI infrastructure that meets their demanding security requirements and provides seamless access to their systems and assets.

Win Insights

The customer achieved a seamless and unified security solution that covers various aspects of their operations, from IT infrastructure to physical access control. The project allowed them to enhance overall security, streamline authentication processes, and ensure regulatory compliance. The deployment of a hybrid token system significantly simplified access management while providing a robust security layer.

Lessons Learned

Through this project, the customer gained valuable insights into the intricacies of managing PKI infrastructure, implementing innovative authentication solutions, and integrating complex systems within a heterogeneous environment. The importance of conducting comprehensive requirements analysis and Design Workshops for tailored solutions was underscored. Additionally, the customer recognized the significance of effective technical project documentation and of thorough training for administrative teams to manage and maintain the PKI infrastructure successfully. The project highlighted ISCG’s exceptional technical and organizational competence in delivering complex security solutions.