Case Study: Mobiliar
Mobiliar, founded in Bern in 1826, is the oldest private insurance company in Switzerland. The company, which operates as a cooperative, employs more than 4,900 staff in Switzerland and Liechtenstein and offers 327 training places. One in every three Swiss households is insured through Mobiliar.
When Mobiliar made the decision to upgrade its end- user hardware, new Lenovo X1 Yoga laptops were provided to employees throughout the company. While the new computers offered better processing power, they lacked the integrated physical smart cards readers which Mobiliar had relied upon for two-factor user identity authentication. They needed a solution that would allow them the flexibility afforded by laptops without confidential client data.
"Reist-Telecom and Versasec provided the best, most cost-effective solution for our identity and access management needs" /Hans Probst of Mobiliar
Understanding the challenges of deploying laptops without smart card readers, Versasec and its partner Reist-Telecom, a specialized IT-authentication, credential management and user monitoring solutions company, recommended Mobiliar deploy virtual smart card (VSC) solutions for all of its company sites and agencies across Switzerland and Liechtenstein. Virtual smart card technology offers comparable security benefits to physical smart cards by using two-factor authentication. The virtual solutions emulate the functionality of physical smart cards, working with the Trusted Platform Module (TPM) chip within the laptops instead of a separate physical smart card and reader.
Reist-Telecom recommended Versasec's vSEC:CMS S-Series and Mobiliar agreed to evaluate the virtual smart card solution to ensure a seamless transition from physical smart cards to VSCs.
In the first phase of the deployment, Versasec and Reist-Telecom quickly installed Versasec's vSEC:CMS S-Series throughout the organization. Several months later, Reist-Telecom and Versasec implemented the second phase of the rollout which added quality, stability, client-server communication protocol adjustments and administration interface improvements.
In addition, Reist-Telecom and Versasec worked together to provide a custom Remote Service Device Manager (RSDM), which is now a standard feature in vSEC:CMS S-Series deployments. The RDSM tool enables Mobiliar to remotely and accurately manage company-deployed virtual smart cards on any employee's device, regardless of the device's location.
The system has been in place for more than one year and the Mobiliar team is pleased with the results - they've met their security goals while improving the mobility of their workforce. An upgrade of the system is planned for the fall of 2017 with new features such as bulk device deletion and bulk task execution being executed.
"Employees spread throughout our 200+ offices sites are now able to securely sign on and access critical data, without physical smart cards - even if they are working in their home office or as 'mobile workers.'"