Manufacturing giant Alstom reckons it’s reduced the cost of administering remote access to all its global enterprise systems by a staggering 75% – while also improving anywhere, anytime service and ease of use for business users, and vastly strengthening security. Brian Tinham reports
Manufacturing giant Alstom reckons it’s reduced the cost of administering remote access to all its global enterprise systems by a staggering 75% – while also improving anywhere, anytime service and ease of use for business users, and vastly strengthening security.
Alstom’s global chief security officer and IT risk manager, Vincent Cremin, led the development of the new access management system in collaboration with IT security firm ActivCard, Microsoft and others, and has headed its testing and implementation around the world.
It now covers access to all Alstom’s IT systems across all of its commercial and manufacturing activities, involving some 700 sites and 450 factories in 90 countries
Hitherto, Alstom was an old RSA access controls user, with 3,000 employees on the system; already, 6,000 users are working with the ActivPack replacement, and this is shortly to be ramped up to cover 20,000 regular users.
Whereas its old system was managed independently for most of Alstom’s 700 sites around the world, with two administrators at most sites, management and diagnostics for the new system are entirely remote and laregly automated, centred on a single Alstom site, with a small IT team
Cremin makes the point that this really does cover everything – from its SAP ERP systems and its multiple other Tier Two enterprise applications, to Lotus Notes email, all its web systems, PeopleSoft HR, financials, CAD/CAM and so on. Included are some 20 enterprise applications, linked via global VPNs, on a roles and permissions basis, auto-administered.
And that’s important: as he says, Alstom deals with many kinds of sensitive projects – from nuclear power generation to high speed trains, like the TGV, gas turbines and ocean liners like the QE II. So strong internal security is as important as the business responsiveness provided by remote user system access.
And this is about as robust as you get: it provides full multi-factor authentication. In brief detail, users are provided with individual robust USB keys, storing all identity credentials and covering all relevant systems access. It also covers all access methods – Web, terminal server, Citrix, wireless and so on. Users never have to remember their passwords across the systems – just one PIN, allowing for strong and rolling authentication.
For potential users in the UK, ActivCard is now being sold by network security specialist Allasso, which has offices throughout Europe.