Transcript
THE DATA PROTECTION COMPANY
Secure Access for Employees: Bechtle Group Case Study
Background The Bechtle Group has more than 60 system houses in Germany, Austria and Switzerland and is one of Europe’s leading IT e-commerce providers with trading companies in 13 countries. Bechtle is a manufacturer-independent company that provides one-stop shopping for all the IT infrastructure and operation needs of its more than 56,000 industrial, public sector and financial market customers.
Customer Need
Solution Requirements
In 2009, the Bechtle Group decided to reassess its remote access strategy for employees. Until then, the company had been using heterogeneous remote access systems for different purposes and different groups of employees. The IT cost and administrative overhead of running several systems was high and the company wanted to implement a comprehensive security framework. Bechtle, therefore, decided to consolidate its remote access services for employees under one common platform. Bechtle wanted to make sure that all remote access was secured with strong authentication.
Flexibility: The ability to deploy different authentication methods to different groups of users depending on their access rights and location. There were two primary use cases that Bechtle wanted to address: • Secure certificate-based remote access for employees logging on to the network with corporate issued laptops
The company also wanted to create a foundation for implementing a comprehensive strong authentication strategy.
• Secure one-time password (OTP) remote access for employees logging on to the network using their own computers Scalability: The ability to expand the solution to additional use cases and security features, such as hard drive encryption Ease of Deployment: The ability to easily integrate with Active Directory without extending the production schema Interoperability: Seamless support for third-party applications like Citrix, Cisco, OWA, and UTIMACO
Secure Access for Employees: Bechtle Group Case Study
1
Solution Benefits
The Solution To meet the company’s secure access needs with a single platform, the Bechtle Group deployed SafeNet Authentication Manager with the SafeNet eToken NG-OTP hybrid authenticator, which provides certificate-based and OTP authentication technologies in the same device. SafeNet Authentication Manager is a comprehensive authentication management solution that supports multiple security solutions, a range of authenticators, and different authentication methods, including certificate-based and OTP technology. It significantly reduced administration and IT overhead by enabling Bechtle to centrally manage both certificate-based and OTP authenticators with a single platform and addressed Bechtle’s need to implement a complete authentication infrastructure that met the company’s diverse security needs. These included: •
Strong certificate-based secure access via Cisco VPN for employees with company-issued laptops
•
OTP secure remote access via Cisco Web VPN for employees who want the flexibility of accessing OWA or other Web services. This option saves Bechtle IT from having to install client software on employee computers, and provides employees with the option of being able to access corporate resources from their laptops and home computers with the same authenticator
Since the SafeNet eToken NG-OTP authenticator supports OTP and certificate-based authentication, employees need only carry one device with them in order to access corporate resources at all times from wherever they are. SafeNet Authentication Manager provides Bechtle with the flexibility and scalability it needs to easily expand its security footprint as desired. It seamlessly supports Cisco VPN for secure access to both network and Web-based resources, and also supports advanced security applications, such as full disk encryption.
“SafeNet Authentication Manager helped us to implement a comprehensive and consolidated strong authentication infrastructure and provide a secure way for employees to safely access internal resources from anywhere at any time. The platform’s flexibility and scalability was crucial for us as it allowed us to implement our security policies and will enable us to deploy additional security solutions in future.”
• Single server – multiple solutions: SafeNet Authentication Manager enables Bechtle to use a single authentication platform for all its authentication needs, significantly reducing IT overhead and administrative costs. • Seamless support for Active Directory: Thanks to SafeNet Authentication Manager’s seamless support for Active Directory, Bechtle was able to leverage its existing AD schema, shortening deployment time and facilitating authentication management. • Support for multiple authentication methods: SafeNet Authentication Manager’s ability to support OTP and certificatebased authenticators allowed Bechtle to offer employees the ability to access corporate resources either from corporate-issued laptops or their own computers. • Convenience for employees: The hybrid eToken NG-OTP provides employees with convenience and flexibility since they can use it to access corporate resources inside the organization, from corporate laptops, and from their home computers. • Lower TCO: SafeNet’s single server solution enabled Bechtle to consolidate its entire authentication infrastructure in one platform. This significantly reduced help desk calls, reduced license and software costs, and reduced IT administration overhead of the system. • Enhanced management capabilities: SafeNet Authentication Manager provides tools for managing the entire authentication lifecycle, including separation of duties for role-based administration. Seamless integration with Bechtle’s MS Active Directory and the use of standardized components like MS Radius and MS Certificate Services eliminated the use of other independent repository and proprietary systems.
About SafeNet Founded in 1983, SafeNet is a global leader in information security. SafeNet protects its customers’ most valuable assets, including identities, transactions, communications, data and software licensing, throughout the data lifecycle. More than 25,000 customers across both commercial enterprises and government agencies and in over 100 countries trust their information security needs to SafeNet.
Dipl.-Ing. Florian Zahn, Network Engineer, Bechtle AG Corporate Datacenter
THE DATA PROTECTION COMPANY
Contact Us: For all office locations and contact information, please visit www.safenet-inc.com Follow Us: www.safenet-inc.com/connected ©2011 SafeNet, Inc. All rights reserved. SafeNet and SafeNet logo are registered trademarks of SafeNet. All other product names are trademarks of their respective owners. CS (EN)-1.18.12
Secure Access for Employees: Bechtle Group Case Study
2
