Security Levels based on SmartCard Login

Challenge

How to protect sensitive data (HR, innovations, whatever) in a highly complex, worldwide acting company? The challenge here was to establish a completely secured environment for specific teams inside the enterprise, while allowing them to use the enterprise global IT Structure as much the same way as the rest of the participants do.

Design

The Design was based on a security levels, and to reach the highest access and security level, the individual seeking access to sensitive data had to use a smartcard to login (2-Factor Authentication). Once reaching this security level, the user was able to access the secured data, but was not able to write (store) information to any device that had a lower security level.

Implementation

The security level assignments was done on several elements and used throughout them. These elements where implemented as modules, eg ‘SecurePrint’, ‘SecureNetwork’, ‘SecureFileSystem’, ‘SecureLogin’ or ‘SecureMail’. For each module, we had security layers defined from ‘Basic Security’, ‘High Security’ and ‘VeryHighSecurity’.

Operation

The system was implemented early 2003, and was in use until the end of 2013, when it was replaced by newer technologies and based on new requirements.

During the 10 years of operations, the overall ideas and implementations proofed to be a real benefit for the day to day operation. There was no single know security issue or data leakage.

Like what your just read? Need more information and references, where we have successfully applied our ideas?

Feel free to contact us