By selecting Ilex International’s IAM platform and expertise from Business & Decision, Société Générale reinforces the level of security of their IT system and optimises the management of identities and their application rights.
The solution implemented:
Sign&go Global SSO
Strong and adaptive authentication, access control, global SSO (Web SSO and eSSO), identity federation and mobile SSO
The challenges
- Improve security with a proven and lasting solution
- Open their IS to partners, and in total security
- Simplify authentication procedures
Security: A key challenge for Société Générale
Société Générale is a first tier European financial services group, active in 83 countries with over 156,000 employees of 28 different nationalities. The Société Générale group is organised in five divisions: Retail Banking in France – International Retail Banking – Specialised Financing & insurance – Private Banking, Global Investment Management & Services – Corporate and Investment Banking.
At the heart of banking and finance, Société Générale’s IT systems constitute a real tool, a source of performance and quality. Nearly 20% of the company’s investment is dedicated to IT projects.
In the context of its plan to reinforce the security of IT systems, the fight against fraud and also to assist its business partners, Société Générale launched the SAFE program (Service d’Authentification Fédérateur d’Entreprise – Enterprise Federation Authentication Service).
A common security and authentication platform for the management of electronic banking
The objective for the first use of SAFE was to provide a federation service, via single authentication, to a group of applications dedicated to the management of electronic banking for which Transactis is responsible for, a joint subsidiary of La Banque Postale and Société Générale. These applications are hosted both at Société Générale and La Banque Postale. This innovative choice enables rationalisation of multiple existing authentication methods for a large user population and a variety of applications.
« The SAFE platform is now used to access electronic banking applications hosted within Société Générale (approximately 30) by both internal users and external ones from La Banque Postale (3000). In a second phase, the platform will allow Société Générale’s users to access the Transactis applications hosted at La Banque Postale via the same identity federation mechanisms and with complete security.»
The challenge for Société Générale is to improve security whilst offering an easy to use and uniform service for the users at the best price.
A solid partnership: Business & Decision
and Ilex International
Following a detailed analysis of solutions on the market, Société Générale decided to combine the expertise of Business & Decision with the solutions from Ilex International, already implemented with success in Banking, Finance and Insurance sector.
« The organisational and functional approach of these two companies seduced us because it better serves the professions. Business & Decision and Ilex International are two major actors in the access control and identity management domain. They joined talents so that our project would succeed and combined their abilities during both the design and implementation phases.»
Business & Decision was charged with the implementation of the SAFE platform, whilst assuring the change management for the project managers. The teams from Ilex International were equally involved and worked with our integrator partner to guarantee good quality service delivery and ensure a robust infrastructure.
The platform has been built around the Sign&go technology and offers an authentication and SSO service to the Transactis Web applications. It has a SAMLv2 federation interface allowing external users from La Banque Postale to access applications through Web SSO. Based on the federated identity management directory for Société Générale’s internal users, and the external one for La Banque Postale’s users, the SAFE platform interfaces with the group’s various electronic banking applications. It lets the users transparently access all the resources authorised by their profile following a single authentication by Sign&go.
The level of expertise and responsiveness of Ilex International’s R&D teams assured Société Générale that their expectations would be taken into account within the product itself. In addition, the experience of Business & Decision in projects of this size was an important advantage for the implementation of the SAFE platform.
Business & Decision is an international consulting and systems integration group specialising in Business Intelligence, Customer Relationship Management (CRM), e-Business and Enterprise Information Management (EIM). They are recognised by the largest software companies in the market with whom they have created partnerships, for their functional and technical expertise.
A secure and reliable service
After 6 months of use, Société Générale can already comment on the benefits of the SAFE platform.
« Authentication has now been simplified thanks to SSO, and the federation of identities has facilitated the implementation of a business partnership thanks to the flexibility that it introduces to the IT. The level of security of the IT systems in question has been reinforced and managing identities made more reliable.»
In the near future, the platform will be opened up to other banking entities and there will be more and more applications made available.
The benefits
- Improvement in the level of security
- Control of external accesses
- Simplification of authentication phases
- Improved reliability of the management of identities and application rights