IAM programme management and roadmap
The IT department of one of Switzerland's largest logistics service providers developed its IAM strategy with the help of United Security Providers. United Security Providers was responsible for building and guiding the programme management (multi-project management) for IAM. USP then supported the customer in a staged roll-out of group-wide IAM services over a number of sub-projects.
Design and implementation of an IAM system
United Security Providers drafted both the outline and the detailed design for a complete overhaul of IAM services for a large Swiss airline. United Security Providers specialists then implemented the services using MS Forefront Identity Manager.
Homogenisation of rights management
Standardisation of the processes in rights management to provide traceability and transparency for a large Swiss industrial enterprise.
Implementation of a secure zone concept with central access point for all web applications, protection of all web applications and strong authentication for selected applications in one of the largest hospitals in Switzerland.
Establishment of a classical web entry service environment for an eGovernment infrastructure (citizens' portal). It was important for the cantonal authority that there was flexible, robust user authentication, which was possible on completion of the project using SMS texting, RSA tokens, SecureID or SuisseID.
At a major bank in Switzerland: establishment, maintenance and operational support for a centrally operated and administered web entry service with authentication and authorisation of mission-critical applications, particularly for a worldwide e-banking solution.
Upgrading network zoning
A new network zoning system for location and provider-independent linking of business, infrastructure and management zones was designed and built for a Swiss transport company. The zones are connected to a newly-designed, IPv6-capable backbone and can be administered very flexibly.
Network access service design and network zoning
Acting as the full IT service provider for a customer in healthcare, we found it important for our customer that we secure and monitor network accesses. A strategy and implementation architecture for a network access service were drafted and the operational processes were defined. A zone architecture was then designed to allow the customer and provider's IT systems to be operated in segmented networks. The appropriate processes for the implementation were defined and specified for the IT service management systems.
IT security assessment
Verification of the actual status of IT security and of the costs in various areas such as the firewall, DMZ, proxy, WAN, LAN and mobile devices. The analysis phase of a project for updating the IT environment for a food company included the aspect of IT and network security. The objective of the assessment was to produce a report containing a prioritised list of measures with outline cost estimates for the measures recommended for the improvement of information security in the areas studied.
Mobile device strategic for city administration and schools
Applying USP's established procedure, the current situation was recorded and the relevant use cases derived from this on behalf of a city administration. The study revealed that not all use cases for schools and the city administration can be covered securely given the current organisational and technical circumstances. A new strategy was formulated promoting the use of mobile end devices and defining the measures necessary: guidelines, remuneration, mobile device management, adjustments to the WLAN infrastructure.
Mobile security strategy for a commercial group
The customer is looking for a tried-and-tested procedure allowing him to regulate and integrate the deployment of mobile devices such as smart phones and tablets in his business. The development of the mobile security strategy helps the business to set correctly the priorities in respect of contemporary use of mobile services. The integral system architecture will allow a secure and controllable operation of the mobile infrastructure.
Mobile security strategic for local administration
Mobile devices have noticeably gained a foothold, or requests to allow their use have been made, in areas of the administration, schools and the emergency services in the canton. Collaborating with USP, the cantonal authority examined the strategic dimensions of “users, devices, accesses, services/data and policies“ and derived the relevant use cases from them. The gaps in these areas were determined and the policies required established and prioritised. It proved possible to elucidate the thrust of the services required in the future through targeted questionnaires to the customers. Proceeding from the use cases and the policies, a system architecture for the implementation of the mobile security strategy was ultimately developed.
Security analysis in a public cloud (SaaS)
Evaluation of the cloud security of a cloud provider in respect of the data security of the storage of data subject to data protection regulation.
Security review cloud strategy
Drafting of a statement on a proposal for a cloud strategy in the public sector.
Development of security guidelines over the entire cloud life-cycle for the various business divisions in a national corporation.
Answering the question: what do the various business divisions have to take into consideration when they are deploying cloud technologies?
IT security assessment for a transport company
The customer is given an up-to-date and comprehensive overview of the technologies deployed and the interfaces present for managing digital identities and an estimate of the areas for actions and challenges in this field. In a second step, practical proposals are drawn up for solutions that can be implemented quickly in the most important action areas.
IT security manager in public administration
Taking on the IT security manager's (IT-SIBE) role for the canton for a time. Our consultants took on responsibility for: drawing up and maintaining the IS principles, supporting the responsible authorities in gathering data concerning the use of ICT systems in the canton for criminal procedures or other purposes, representation of the canton at IS specialist organisations, professional consultancy and verification of ICT projects.
ISDS for Swiss alarm control centre
USP was commissioned by an alarm control centre that operates throughout Switzerland to assist in its large-scale project for replacing its entire infrastructure and software provision. Completely novel threat scenarios have to be considered now that telephone-based alarm systems are being replaced by IP-based systems. A comprehensive ISDS was drawn up for all the perimeter components for consideration against a risk portfolio.
Our consultant prepared the customer for and assisted him with audits as part of his project assistance role.
Further information on our products and solutions can be found in our download area.