By combining Ilex International’s IAM platform with the expertise of SF2i, CAFAT implements a unique username and SSO authentication so that external users can access online administration services simply and securely.
The solutions implemented:
Meibo Identity Management et Sign&go Global SSO
Meibo Identity Management : Identity and rights management, workflow and provisioning processes.
Sign&go Global SSO : Strong and adaptive authentication, access control, global SSO (Web SSO and eSSO), identity federation and mobile SSO.
The challenges
- Provide a single repository for external IT system users
- Desegregate the IT system and propose a single username for every user
- Centralise and secure all access to e-services on the internet portal
- Facilitate access to e-services for users with multiple accounts
A comprehensive social security system
for New Caledonia
CAFAT, New Caledonia’s social welfare organisation, offers the territory’s employees management of systems related to workplace accidents and occupational illnesses, family, unemployment, disability and death, old age and widowhood. CAFAT also manages the unified maternity and illness insurance scheme for all of New Caledonia’s workers and pensioners (employees, civil servants and self-employed workers).
In 2013, CAFAT provided healthcare professionals and business leaders with a set of online services accessible via an internet portal. However, these external users and business applications were not centrally managed, and CAFAT planned to offer more e-services.
It is in this context that CAFAT launched an initiative to centrally manage the identity of these staff (approximately 40,000 users) and to strengthen the security of their access to the portal depending on the sensitivity of the data.
A unique username
and strong authentication
to access e-services
When CAFAT initiated its consultation on Identity and Access Management, its first objective was to centralise user identities in a single repository. A user, who may have several business accounts (healthcare professional and employer for example), will have only one username to access the portal.
At the same time, CAFAT wanted to provide its users with a Single Sign On (SSO) to centralise and facilitate access to its e-services. Furthermore, CAFAT also wanted to strengthen authentication for certain online services where more sensitive data was involved.
« The portal for workers outside our IT system was segregated. A single user, who was both a healthcare professional and employer, had several different accounts through which to access patient data or to hire employees online, for example. CAFAT’s business services therefore had to manage several directories, and users had several usernames to log in. We therefore had to prioritise streamlining this management while increasing security for accessing certain sensitive e-services. »
Ilex International’s solutions
coupled with SF2i’s know-how
Following a call for tenders, CAFAT settled on the expertise of SF2i with Ilex International’s identity management, authorisations, access control and authentication solutions.
« Our choice of the Ilex International – SF2i partnership was based on the requirement for a comprehensive offering that met all our Identity and Access Management needs and could be implemented within a reasonable time frame. We thought that the close collaboration between these partners and the proximity of SF2i, based in New Caledonia, was a major asset for the success of such a project. We needed trusted, accessible and responsive players to bring about the renewal of our Identity and Access Management. »
The identities of healthcare professionals and business leaders are centralised in a single repository managed by Ilex International’s Meibo Identity solution.
Alongside access management, Ilex International’s Sign&go solution simplifies authentication using SSO web mechanisms. A single username or password combination allows users to access all the e-services to which they are allowed, regardless of their business profile.
Furthermore, for certain online services with sensitive data, an OTP (One Time Password) strong authentication solution has been put in place: a system that has proved its worth in the banking field where data privacy is paramount.
« Thanks to Ilex International’s solutions, CAFAT’s business services have better visibility for portal users. They know exactly who has access to which service, with what authorisation and when. Users can quickly and easily access the services they need. They can reset their password themselves, gaining autonomy. Security has not been neglected either. Strong authentication secures sensitive data and encourages the exchange of data with healthcare professionals. »
System infrastructure specialist, SF2I is an IT services company which assists companies in the implementation and development of their IT systems by offering them a wide range of services.
The benefits
- User ergonomics and convenience
- User autonomy and time saved for business services
- Guaranteed traceability and access audit
- Streamlining of access management
- Enhanced security forcritical/sensitive e-services