Intelligent CISO Issue 43 - Page 53

Our vision is to ensure that we not only deliver solutions , but we do so securely . www . intelligentciso . com
COVER STORY
How has Ping Identity ’ s technology offering improved the organisation ’ s identity management capabilities ?
With Ping , we have a partner which is driving improvements within the Identity and Access Management field , in collaboration with other IT providers . Its technology stack has given us an irreplaceable foundation to increase our efficiency , security and usability .
Prior to using Ping ’ s products , we utilised a combination of open source and purchased products . We were relying on three major technologies for authentication and authorisation : for access management we relied heavily on our central LDAP directory ; and for identity management we used proprietary web services or messaging sent to a middleware allowing for custom integrations . Needless to say , the effort of integrating systems was high .
With the introduction of the authentication service , we shifted our focus to delivering standards-based integrations . For access management , OpenID Connect and SAML became standard , while SCIM ( System for Cross-domain Identity Management ) is our preferred technology for identity management . This change has allowed us to significantly increase our integration efficiencies by reducing the time to integrate a new system by more than 70 %.
With the introduction of multi-factor and risk-based authentication for access to our business applications , we increased our security . The release of passwordless authentication ( using FIDO2 ) allowed us to maintain the security while significantly improving user experience .
As one of the world ’ s leading global logistics providers , how important is having secure business practices in place across the organisation ?
Logistics is more than just moving packages from point to point , it ’ s about delivering solutions that benefit the people for which they are designed .
Of course , in our modern world , IT plays a critical part in allowing business to take place . It is therefore essential that the IT and the business practises are aligned . Only then are we able to deliver on our promises .
Our vision is to ensure that we not only deliver solutions , but we do so securely . To realise this , we need to be aware of all components within the supply chain and how they interact .
With the knowledge of the supply chain and its security requirements , we can not only deliver the security demanded from our customers and partners ; we can drive the change to improve our business and IT security practices .
What are some of the common cybersecurity challenges you face in the logistics industry ?
Generally , they ’ re not much different to any other sector : ransomware , phishing , scamming , identity theft , espionage . Our users are just like in any other business ; often our weakest link .
How have your workforce , partners and customers benefitted from this implementation ?
Unlike many other companies , DB Schenker maintains all user profiles within a single Identity and Access Management ecosystem ( employees ( workforce ), contractors , partners , robots and things ). This has developed as a response to the complex demands posed by our business and has only been possible to realise due to the flexibility of Ping Identity ’ s technology stack . Having a single solution brings with it many benefits for both users and administrators , the single largest being secure single sign-on .
We have been able to realise single sign-on not just within our own company , but with many of our partners and customers . This is known as identity federation and it allows entitled DB Schenker users to access our partners ’ systems using their own DB Schenker profile . Using our central authentication authority , we are able to enforce , after risk assessment , that the correct authentication methods are used as demanded by our security policies . It also allows our users to have a seamless experience as they don ’ t need to have multiple user , password and MFA combinations for different business applications .
Resulting from the demands of having all users in a single system , each of the different user groups have benefitted with additional features being available , where this might not have been the focus using individual implementations . Customer-facing applications often focus on being user friendly and efficient , whereas employee-focused solutions deliver security . At DB Schenker , users have the best of both worlds ; a solution which is userfriendly , efficient and has all of the security configurations required for employee access .
What ’ s in store for DB Schenker over the next 12 months and how has Ping Identity played a part in this ?
Our next steps focus on consolidating what we already have by improving both usability and security and delivering these benefits for DB Schenker . We will continue to focus on maturing our passwordless offerings , with a longterm vision of removing passwords completely . For this to be achievable , we need to continue to integrate business applications with our Ping components . We will continue to develop our risk evaluation , to be able to detect and react on anomalies in user behaviour and we will bring this together as a key component of our Zero Trust architecture . u

Our vision is to ensure that we not only deliver solutions , but we do so securely . www . intelligentciso . com

53