Scottish Water

by | Oct 27, 2023

Hardware and software solutions for modern IOT and network security

The challenge for Scottish Water

Scottish Water (SW) is responsible for providing water and wastewater services to domestic and wholesale customers. SW plans to migrate from a legacy PSTN-based OT network to secure, leading-edge technologies. SW will use wireless and satellite public IP networks that require trusted security for encryption of communications and compliance with the EU’s NIS 2 (Network Infrastructure Security) regulation.

Our solution for Scottish Water

To provide Scottish Water with a NIS-2 compliant solution, we deployed an IDnomic PKI as a cloud service in our data center, providing digital identities for credential management for network devices communicating over 5G in a cost-effective and fast time-to-market approach. In addition, our secure microSD card from Cryptovision serves as a trust anchor for the routers deployed by Scottish Water.

IDnomic PKI

Weitere Referenzen aus der Branche

Sichere Lösungen für digitale Identitäten

Branchen

Lösungen

CLOUD SERVICES

eID-DOKUMENTE

IT-SICHERHEIT

IOT UND INDUSTRIE

Produkte

PKI SOLUTIONS

CREDENTIAL MANAGEMENT

SECURITY TOKEN & HARDWARE SOLUTIONS

SECURITY APPLICATIONS

E.ON

by Maik Breilmann | Oct 25, 2023

cryptovision solution manages 70,000 smart tokens at E.ON

The challenge for E.ON

When a large company switches from passwords to smartcards, even seemingly unimportant things are important. Even the smallest mistake can have unpleasant consequences if it occurs to tens of thousands of users. A smartcard solution must therefore not only be secure, but also and above all function smoothly.

How important the details of a smartcard solution can be is shown by a project cryptovision carried out for the German energy supplier E.ON. The Essen energy giant wanted to replace the passwords used practically everywhere in the company with a more secure authentication. E.ON equipped 70,000 IT users with smart tokens that work like smart cards but have a different form.

The smart tokens that E.ON chose were considered secure. However, security was by no means the only requirement E.ON made. The company paid particular attention to ease of use. They knew that even if only one percent of the 70,000 smartcard users had problems with their cards, this would lead to chaos and a loss of user acceptance. In addition, such an incident would have meant that 700 employees would no longer be able to do their jobs while the helpdesk was flooded with 700 support calls. In addition, verification time was an important issue for E.ON. If a registration process takes only five seconds longer than necessary and each employee logs in twice a day, 70,000 employees waste a combined 700,000 seconds (or 24 working days) a day. That adds up to over 5000 working days per year.

To avoid such problems from the outset, many customers are willing to invest in a high-quality smart card solution, even if there are usually cheaper alternatives. In addition, software adaptations that facilitate the use of a smartcard solution often make sense. In view of the high number of users, they usually pay for themselves quickly.

When E.ON analyzed the use of its smart token system after several years, it became clear that the token middleware (i.e. the software that connects the tokens to the program) had a number of errors that caused unnecessary helpdesk traffic. In addition, it was found that a cheaper token solution with better quality (including shorter verification time) was available on the market. Therefore, E.ON decided to abolish the existing smart card solution and migrate to a new one.

Our solution for E.ON

E.ON chose sc/interface from cryptovision as the new token middleware. sc/interface has proven to be a robust and user-friendly solution for numerous customers in more than a decade and supports over 80 token types and profiles on all common platforms. All tokens used at E.ON are delivered by cryptovision (via T-Systems).

E.ON had already developed several software components for the old token solution which simplified its use in the E.ON environment (this investment was worthwhile due to the large number of users). In order for sc/interface to support these programs, cryptovision had to make some adjustments.

Since E.ON enables its employees to use their own devices (“Bring your own device”), the tokens used must be available on different platforms – especially on Windows, Linux and Mac OS. This requirement was easy to meet as sc/interface runs on all these platforms. cryptovision even provided a solution that automatically installs a certified MiniDriver in a user’s Windows environment.

In addition, E.ON set up a self-service registration process. A person who wants to apply for an E.ON token first receives an empty token and then logs on online. A colleague must then confirm the identity of this person with his or her own token.

Since the certification authority (CA) originally used ceased operations, E.ON had to find a new one. D-Trust, Bundesdruckerei’s CA, proved to be the best choice. Further adjustments were required for various E.ON-specific processes.

Now that the new solution has been running smoothly for years, the migration can be described as sensible and successful with a clear conscience. In addition to the lower costs, the higher user-friendliness (including a shorter verification time) is a particular advantage. In addition, there have been no security problems worth mentioning so far. However, E.ON had assumed this anyway.

SCinterface

Weitere Informationen

Weitere Informationen über das E.ON-Smarttoken-Projekt gibt es in der Ausgabe 1-2017 des Bundesdruckerei-Magazins Dig:ID.

More references from this branch