Case study: ISSP
ISSP is a leading system integrator in the Ukraine, which is 100 per cent focused upon designing, developing and implementing complex security solutions for corporate IT environments. ISSP uses best in class products from the world-leading vendors and professional services with extensive customer care maintenance and support options to provide its clients with versatile, effective and efficient security solutions.
Corporate computers generally are configured to require a form of authentication for logon purposes. User name and password authentication, the most widely used logon security mechanism, is only as infallible as its users. Users often share their personal passwords with friends and work colleagues. Sometimes a user may write a password on a slip of paper and clip it to their computer monitor or keyboard. If a user does not safeguard a password, the network may be subject to concurrent usage of a user account or worse, may be unprotected against malicious break-ins. For these reasons ISSP decided to use smart cards for its employees to logically access their corporate network to increase security and meet the best practice for Windows logon as recommended by Microsoft.
"As a professional company extremely focused on information security, we are keen to implement efficient and innovative solutions to secure our own IT environment. That's why we implemented the vSEC:CMS." /Roman Sologub, General Manager at ISSP
Using a smart card to perform Windows smart card logon requires that a digital user certificate needs to be issued and stored on the smart card. Also, the security keys of the smart card need to be managed to ensure that the highest level of security is achieved. The smart card chosen was the Gemalto .NET smart card. By selecting the vSEC:CMS S-Series application, ISSP was quickly able to configure the application to connect to the corporate directory and the corporate PKI, allowing the IT smart card administrators to register, issue and manage the employees smart cards in less than 15 minutes. The vSEC:CMS S-Series provides all the functionality required to manage ISSP's employee smart cards throughout their lifecycle.
Roman Sologub, General Manager at ISSP, explains: "As a professional company extremely focused on information security, we are keen to implement efficient and innovative solutions to secure our own IT environment. That's why we implemented the vSEC:CMS - a very innovative solution which allows us to perform daily operations of smart card management processes with optimal time and HR consumption. Based on personal experience I can say that the vSEC:CMS enables us to carry out the maximum benefits from our smart card infrastructure. Now we can use PKI security which has no compromise with manageability and ease of use!"