KeyData logo

Improving Accessibility & Compliance with Scalable IAM for a Major City Government.

Faced with millions of users, complex compliance requirements, and evolving security needs, our client required a scalable and robust Identity and Access Management (IAM) solution. KeyData Cyber was engaged to assess and rebuild their ForgeRock OpenAM platform, enhancing its security, functionality, and user experience. Through a comprehensive health check, re-deployment of the platform, and implementation of new features, we delivered a solution that not only improved compliance but also streamlined user access, strengthened security, and standardized application integrations.

Canadian government building interior photograph.

Highlights

Challenge

Our client, managing millions of users across a complex ecosystem, faced mounting challenges in meeting stringent compliance requirements while maintaining robust security and a seamless user experience. Their existing IAM solution struggled to support their evolving needs, lacking the scalability, flexibility, and advanced features required to keep pace with growing demands. This created critical gaps in security, hindered user accessibility, and increased risks associated with non-compliance. To address these challenges, the client required a modern IAM solution capable of scaling to support their current operations and future growth, while improving security, streamlining processes, and enhancing the overall user experience.

Solution

We conducted a health check assessment for our client's ForgeRock OpenAM platform implementation (v7.1.2) and rebuilt the platform to enhance security, introduce new capabilities, and define standard integration patterns. This included:

  • Health Check Assessment: Reviewed existing design documentation, conducted stakeholder workshops, formulated key findings and recommendations, and defined a target state architecture and roadmap.
  • ForgeRock OpenAM Re-deployment: Defined a detailed project plan, prepared the non-production environment, configured security hardening controls (patching, secure admin access, secure realms and session cookies, secure identity store), enabled strong authentication (MFA), migrated the user store, and conducted thorough testing before promoting changes to production.
  • New Feature Implementation: Defined user journeys for self-service and password reset, integrated with Microsoft Authenticator for MFA, and performed testing before promoting changes to production.
  • Application Integration: Defined standard application integration patterns for enabling single sign-on (SSO) to existing business applications.
  • Security Enhancement: Improved security posture by incorporating security hardening controls, enabling MFA, and migrating the user store.

Outcomes

  • Enhanced Supportability: The platform is upgraded to a supported ForgeRock AM solution, mitigating risks associated with the previous unsupported version.
  • Improved Security: The solution aligns with ForgeRock best practices for architecture, infrastructure, configuration, and application integration, strengthening the overall security posture.
  • Better User Experience: New front-end pages for login, self-service, password reset, and MFA enrollment streamline the user experience and improve performance.
  • Standardized Integrations: Standardized integration patterns are in place for seamless connectivity with JIRA, Confluence, and a newer version of Terminology Gateway.

The successful re-deployment of the ForgeRock AM platform delivered significant improvements across key areas for our client. The platform was upgraded to a fully supported version, mitigating the risks associated with outdated, unsupported software. By aligning with ForgeRock best practices, the solution strengthened the client's overall security posture, incorporating advanced configurations, secure integrations, and robust multi-factor authentication (MFA).

The user experience was also vastly improved, with intuitive new front-end pages for login, self-service, password reset, and MFA enrollment, providing faster performance and easier access to essential tools and services. Standardized integration patterns established seamless connectivity with critical applications like JIRA, Confluence, and Terminology Gateway, ensuring consistency and scalability across the client's ecosystem.

These enhancements positioned the client to meet compliance requirements more effectively, improve user satisfaction, and scale their IAM environment for future needs.

Ready to achieve similar results?

Contact us today to transform your IAM program and enhance your security, scalability, and user experience.

Contact Us

Don't know
where to start?

Looking to assess your current state, map out strengths, identify gaps and design a tailored roadmap to an optimal target state IAM program?

Book your complimentary assessment workshop and get started today.

Get Started

KeyData Cyber Connect Newsletter

Head Office

150 York St, Suite 1710
Toronto, Ontario M5H 3S5

Boston Office

One Boston Place, Suite 2600
Boston, MA 02108 U.S.A

Company

Board of DirectorsLeadership TeamTechnology PartnersNewsCareersContact

Services

Advisory ServicesImplementation ServicesManaged ServicesTraining Services

IAM Solutions

CIAMWIAM

Success Stories

Case Study LibraryBlogResourcesEvents
KeyData Cyber Logo

Copyright © 2024 KeyData Cyber.
All Rights Reserved.

keydatacyber twitterkeydatacyber facebookkeydata-associates linkedinkeydatacyber instagramKeyData Cyber youtube