Deutsches Milchkontor secures remote access with two-factor authentication
Deutsches Milchkontor (DMK), Germany’s largest dairy company, already relied on strong two-factor authentication to secure remote access to its network and critical data. As a part of a data center consolidation and the replacement of remote access hardware, the company decided to migrate from its previous deployed solution to VASCO’s DIGIPASS technology and at the same time upgraded its server to IDENTIKEY Authentication Server.
Replace the existing authentication solution for remote access in a data center consolidation. In addition, the company wanted to move to software authenticators.
The migration had to be done on the fly, without compromising remote access security.
DMK decided on a combination of IDENTIKEY Authentication Server with DIGIPASS hardware and software technology. The migration from the previous solution to the current one was done in a step-by-step parallel operation.
Key Project Principles
Remote access completely re-organized
With 6,240 employees in 24 locations, and a turnover of 4.4 billion euros, DMK is the largest dairy company in Germany and one of the leading companies in Europe. Notified by its incumbent vendor of that its secure remote access platform was being discontinued, DMK decided to completely re-organize its remote access infrastructure and re-tender its authentication solution, especially as the company wanted to move to software authenticators in the future. Ultimately, DMK implemented a new remote access platform consisting of a Juniper appliance and VASCO’s IDENTIKEY Authentication Server.
No more fixed expiration times
From local software to web application
DMK’s former remote access solution all tokens had a fixed expiration date, regardless of their actual state. This resulted in unnecessary investment in bulk purchases of tokens in order to reduce price. On the other hand, VASCO does not have fixed expiration dates and its DIGIPASS for Mobile solution doesn’t need to be replaced due to expiring batteries. As a result, the VASCO solution was much cheaper than other alternatives. The transition to the new solution was simplified as both solutions are running in parallel. Employees are gradually converted to the VASCO platform. Until then they continue to use the remaining, older solution to log on to the existing data center. Employees are converted to the VASCO solutions whenever their existing tokens expire, and if possible, even earlier.
“The installation and the tests ran without major problems and the rollout of the authenticators didn’t pose a big challenge. Furthermore, we have enjoyed concentrade’s [DMK’s system partner] excellent support throughout the project and have benefited from their experience with other projects," said Michael Knipping, Team Leader Network, DMK. DMK wanted to execute the migration process with minimal complexity. Even so, nothing has changed for the practical user. As a result, employees continue to work with the Juniper VPN client, only is their one-time password now generated by a new authenticator. As a result, transition to the new solution has gone very smoothly.
Related Client Stories
Qatargas secures corporate network with DIGIPASS and IDENTIKEY
Qatargas pioneered the liquefied natural gas industry in Qatar. With remote offices and offshore plants, Qatargas was looking for a secure remote access solution allowing its employees and contractors worldwide to access its corporate network and business applications. By implementing IDENTIKEY Authentication Server software together with DIGIPASS hardware authenticators and DIGIPASS for Mobile into its Citrix metaframe, the company is assured that its business critical applications and information cannot be accessed by unauthorized users.
ROC Amsterdam and ROC Flevoland protect on-line student administration with DIGIPASS for Mobile
The Regional Training Centre (abbreviated to ROC - Amsterdam - ROC Flevoland) is a school for vocational and adult education Approximately 30,000 students and 4,000 employees can use an on-line student information system that bundles, organizes and manages all kinds of information on students. Students use the platform to look at their course schedule and results. The information on the platform, of course, is sensitive and personal, and that only qualified persons may have access to certain information, and changes.