Case Studies Mission-Critical Identity and Access Project for Fortune 500 Company

Mission-Critical Identity and Access Project for Fortune 500 Company

Overview

Our client, a Fortune 500 company in the healthcare industry, brought in Concurrency to lead an in-depth project to implement single-sign on and other identity-related functions that are critical to the firm’s online sales.Our client operates in a number of sales channels, among which is a collection of websites. Seamless integration across these disparate online platforms would allow our client to increase customer convenience by eliminating multiple sets of credentials.

Single sign-on would also enable the organization to present relevant products and services in relevant customer contexts; the customer could, for example, then click straight through from a practice management tool to an online ordering platform.

From both security and operational perspectives, our client’s online presence is mission-critical. The organization has hundreds of thousands of users across its sites and generates large daily revenues online. A modern identity system had to be absolutely rock solid with zero downtime with a perfectly executed deployment to production.

Solution

Concurrency’s large-scale project began with intensive business analysis and progressed through implementation:

  • Deep dive into desired business outcomes of identity infrastructure
  • Detailed review of existing identity infrastructure
  • Detailed design of new identity infrastructure
  • Design validation and implementation

At the outset of the project, our client expressed interest in features available in the then-preview product Azure B2C. However, the Azure B2C itself was not an option since the product was still in preview and would not reach general availability in time for the organization’s roadmap.

Therefore, Concurrency built a solution that delivered a similar feature set to the one Azure B2C eventually launched with. We did so using industry standard protocols to ensure the custom solution would integrate across our client’s websites.

We standardized how identity is handled inside the organization’s technical architecture—creating entire frameworks to do so. Specifically, we implemented ADFS and extended it to serve our client’s needs beyond out-of-the-box functions. To best serve end-users (customers of our client), we created a self-service portal to allow customers self-service access for password resets and email address changes. By carefully structuring integrated frameworks, we ensured this and other functionality could roll out across the organization’s scope of use without each product team needing to write specific functionality.

We enabled the SAML authentication protocol, replacing the legacy FormsAuth protocol that had been in place previously. FormsAuth’s limitations prevented seamless navigation among related websites, in that passwords needed to be entered for each site.

With regarding migration to the new authentication platform, we ensured a smooth user experience by migrating users as they logged into the system—provisioning users as they came to the sites.

Security was, of course, among the project’s most critical aspects, to protect the firm’s operations and users’ sensitive data, including private health information.

Results

This identity solution enabled significant advancements for the user and for the firm. By implementing industry standard protocols to ensure seamless integration across the firm’s websites, we helped our client move its authentication processes to a truly modern approach consistent with its business objectives including service to its customers.