New Users
Home
Analysts & Consultants
People
Channel Advantage
Products
Technology
Case Studies
Awards
About This Guide
Credit Suisse
Background: Credit Suisse is a leading global bank headquartered in Zurich, Switzerland. It is focused on serving its clients in the three business lines investment banking, private banking and asset management. Credit Suisse is renowned for providing expert advice, holistic solutions and innovative products to a wide range of corporate and institutional clients and high-net-worth individuals globally, as well as retail clients in Switzerland. Worldwide, Credit Suisse has approximately 63,000 employees. Credit Suisse is present in 52 locations across the US, Canada, Latin and Central America. In Asia Pacific, Credit Suisse is active in 12 countries and in EMEA it is a total number of 28 countries.
Challenges: Stringent legal and regulatory requirements governing access to and the storage of information was a strong factor in Credit Suisse’s search for a solution to their security needs. To fulfill its accountability requirements and to fully realize the benefits of its chosen technologies, Credit Suisse needed security capabilities that would provide an effective means of authenticating users and ensuring accountability and confidentiality. User accountability and privacy of the confidential financial information handled by its employees and IT systems were of the utmost importance to Credit Suisse. Credit Suisse requires a full and accurate record of all users accessing its corporate resources to ensure both accountability and the integrity of all types of information. Ensuring that users are properly identified and authenticated to applications is therefore a critical issue. When examining possible new solutions for its authentication requirements, Credit Suisse identified the following solutions: smart cards and the construction of a single security infrastructure that would enable authentication, authorization, encryption and digital signatures. Credit Suisse decided that Entrust’s Public Key (PKI) technology would be the best option to provide authentication functions for its users because it could also provide the other core security functions Credit Suisse may need in the future.
“Entrust has a proven track of record at Credit Suisse. Their products have been in use for a number of years. Operation of the public key infrastructure products runs smoothly and in a reliable manner. Entrust has provided Credit Suisse with excellent support services.”
Beatrice Gruber, Technical Domain Architect IT-Security
Issues: In an environment where smart card log on to XP is enforced, availability and accuracy of Certificate Revocation Lists (CRLs) is mandatory. Entrust Authority Security Manager delivers new CRL configuration features which enables Credit Suisse to set up a reliable and expandable infrastructure. CRL checking is no longer a potential single point of failure. The deployment of Entrust Roaming Server improved the security of soft certificates. Storage of these credentials is now secure and less vulnerable.
Solution provided by Entrust: Entrust provided the following PKI solutions to Credit Suisse: A) Entrust Authority: Entrust Authority Security Manager, Entrust Authority Roaming Server and Entrust Authority Toolkits were leveraged to provide the public key infrastructure for smart cards. Credit Suisse employees approximately 23,000 people in Switzerland and have used soft certificates for a number of years. When introducing smart cards, a new certification authority (CA) had to be installed. Credit Suisse favored Entrust over other competitors because the Entrust Authority Security Manager suite met all specified requirements and offered the capability to launch Credit Suisse’s highly secure infrastructure in a relatively short timeframe. One of the major challenges of this deployment was the initial issuance of the smart cards. A home-grown application, which communicates to the CA through leveraging Entrust Authority Toolkits, enabled the users to issue their smart card in a secure self-service mode. Credit Suisse has strong authentication in place through enforcing smart card log on to Windows XP, IBM host and approximately 200 PKI-enabled applications. The new solution is user-friendly as the number of passwords a user must remember has been reduced. That causes less support calls because of password resets. Entrust Authority Security Manager has issued certificates to around 23,000 users in Switzerland and approximately 20,000 additional users worldwide will follow within the next twelve months. Entrust Roaming Server supports Credit Suisse in securely storing credentials and enables the user to have worldwide access to his/her credentials regardless of the current location. Through Entrust Authority Toolkits, integration of PKI technology with a home-grown system has been accomplished. B) Entrust Entelligence Desktop Manager: When examining possible new solutions for its authentication requirements, Credit Suisse identified the construction of a single security infrastructure that enabled authentication, authorization, encryption and digital signatures, as its main objective. Credit Suisse's main focus when choosing the Entrust solution was to achieve more effective authentication of internal users. The Entrust Entelligence Desktop Manager solution is designed to overcome a common weakness in the implementation of most security systems: human nature. If individuals need to understand the security system or carry out complex steps in order to apply it, there is a likelihood that they will use it incorrectly or not at all. The Entrust Entelligence Desktop Manager solution authenticates internal users against Web servers and a large number of other business applications. As a result, it is no longer necessary for these applications to include login security and password management, meaning that new applications can now be developed and deployed more quickly.
Solution provided by Entrust: Entrust provided the following PKI solutions to Credit Suisse:
A) Entrust Authority: Entrust Authority Security Manager, Entrust Authority Roaming Server and Entrust Authority Toolkits were leveraged to provide the public key infrastructure for smart cards. Credit Suisse employees approximately 23,000 people in Switzerland and have used soft certificates for a number of years. When introducing smart cards, a new certification authority (CA) had to be installed. Credit Suisse favored Entrust over other competitors because the Entrust Authority Security Manager suite met all specified requirements and offered the capability to launch Credit Suisse’s highly secure infrastructure in a relatively short timeframe. One of the major challenges of this deployment was the initial issuance of the smart cards. A home-grown application, which communicates to the CA through leveraging Entrust Authority Toolkits, enabled the users to issue their smart card in a secure self-service mode. Credit Suisse has strong authentication in place through enforcing smart card log on to Windows XP, IBM host and approximately 200 PKI-enabled applications. The new solution is user-friendly as the number of passwords a user must remember has been reduced. That causes less support calls because of password resets.
Entrust Authority Security Manager has issued certificates to around 23,000 users in Switzerland and approximately 20,000 additional users worldwide will follow within the next twelve months. Entrust Roaming Server supports Credit Suisse in securely storing credentials and enables the user to have worldwide access to his/her credentials regardless of the current location. Through Entrust Authority Toolkits, integration of PKI technology with a home-grown system has been accomplished.
B) Entrust Entelligence Desktop Manager: When examining possible new solutions for its authentication requirements, Credit Suisse identified the construction of a single security infrastructure that enabled authentication, authorization, encryption and digital signatures, as its main objective. Credit Suisse's main focus when choosing the Entrust solution was to achieve more effective authentication of internal users. The Entrust Entelligence Desktop Manager solution is designed to overcome a common weakness in the implementation of most security systems: human nature. If individuals need to understand the security system or carry out complex steps in order to apply it, there is a likelihood that they will use it incorrectly or not at all. The Entrust Entelligence Desktop Manager solution authenticates internal users against Web servers and a large number of other business applications. As a result, it is no longer necessary for these applications to include login security and password management, meaning that new applications can now be developed and deployed more quickly.
“Strong authentication to mission critical applications is crucial to customers like Credit Suisse. Every single application had to implement strong authentication mechanisms putting an additional burden on the user by the need to remember many different passwords. The use of certificate based authentication greatly reduced the number of passwords to remember and unified the security layer in the home-grown applications.”
Gero Morres, Account Executive, Entrust
Summary: Credit Suisse Group's main focus when choosing the Entrust solution was to achieve more effective authentication of internal users. The Entrust Entelligence Desktop Manager solution authenticates internal users against Web servers and a large number of other business applications. As a result, it is no longer necessary for these applications to include login security and password management, meaning that new applications can now be developed and deployed more quickly. In addition, the product may also offer some potential for future cost savings, such as the elimination of token administration and a reduction in password administration. Credit Suisse Group has already started to reduce the cost of administering tokens and resetting passwords for internal users. It has also increased the speed with which new applications can be developed by leveraging a central authentication infrastructure instead of incorporating it in each individual application. However, Credit Suisse Group is particularly interested in the longer-term return on its investment in Entrust technology, since ensuring appropriate security can pave the way for more sophisticated business processes in the future. Credit Suisse has recently completed the rollout of employee smart cards for certificate based login applications and security services, and improved single sign-on capabilities. Credit Suisse has also installed the Entrust Entelligence Desktop Manager at the workplaces of some 20,000 employees and plans to continue rolling out the application for internal usage across further areas of the company.
Summary: Credit Suisse Group's main focus when choosing the Entrust solution was to achieve more effective authentication of internal users. The Entrust Entelligence Desktop Manager solution authenticates internal users against Web servers and a large number of other business applications. As a result, it is no longer necessary for these applications to include login security and password management, meaning that new applications can now be developed and deployed more quickly. In addition, the product may also offer some potential for future cost savings, such as the elimination of token administration and a reduction in password administration.
Credit Suisse Group has already started to reduce the cost of administering tokens and resetting passwords for internal users. It has also increased the speed with which new applications can be developed by leveraging a central authentication infrastructure instead of incorporating it in each individual application. However, Credit Suisse Group is particularly interested in the longer-term return on its investment in Entrust technology, since ensuring appropriate security can pave the way for more sophisticated business processes in the future. Credit Suisse has recently completed the rollout of employee smart cards for certificate based login applications and security services, and improved single sign-on capabilities. Credit Suisse has also installed the Entrust Entelligence Desktop Manager at the workplaces of some 20,000 employees and plans to continue rolling out the application for internal usage across further areas of the company.
Entrust 16633 North Dallas Parkway Suite 800 Dallas, TX 75001 USA Tel: 1-972-713-5915
Recommend this to others:
HOME |
ADVERTISE WITH US |
TELL US ABOUT YOURSELF |
UPDATED PRIVACY POLICY |
Copyright © 2006 Silicon Valley Communications - All rights reserved.
