KeyData logo

Boosting Security and Growth for an Innovative Digital Health Company

Our client, operating with a misconfigured ForgeRock OpenAM platform, faced significant challenges in ensuring security and delivering a seamless user experience. To address these vulnerabilities and transform their identity management program, KeyData Cyber conducted a comprehensive health check and rebuilt the platform. By enhancing security, introducing new features, and standardizing application integrations, we delivered a robust and scalable solution that improved the client's security posture, streamlined access, and positioned them for long-term success.

Healthcare professional working on a computer.

Highlights

Challenge

Our client was operating with a poorly configured ForgeRock OpenAM platform that not only failed to meet their evolving business needs but also left critical vulnerabilities in their security framework. The misconfigured solution resulted in inconsistent performance, gaps in identity lifecycle management, and inadequate integration with key business applications, creating barriers to a seamless user experience. Additionally, the platform's security shortcomings posed significant risks, making it difficult to comply with regulatory requirements and safeguard sensitive user data. Faced with these challenges, the client needed a complete transformation of their identity management program to strengthen security, improve operational efficiency, and deliver a streamlined, user-friendly experience across their ecosystem.

Solution

We conducted a health check assessment for our client's ForgeRock OpenAM platform implementation (v7.1.2) and rebuilt the platform to enhance security, introduce new capabilities, and define standard integration patterns. This included:

  • Health Check Assessment: Reviewed existing design documentation, conducted stakeholder workshops, formulated key findings and recommendations, and defined a target state architecture and roadmap.
  • ForgeRock OpenAM Re-deployment: Defined a detailed project plan, prepared the non-production environment, configured security hardening controls (patching, secure admin access, secure realms and session cookies, secure identity store), enabled strong authentication (MFA), migrated the user store, and conducted thorough testing before promoting changes to production.
  • New Feature Implementation: Defined user journeys for self-service and password reset, integrated with Microsoft Authenticator for MFA, and performed testing before promoting changes to production.
  • Application Integration: Defined standard application integration patterns for enabling single sign-on (SSO) to existing business applications.
  • Security Enhancement: Improved security posture by incorporating security hardening controls, enabling MFA, and migrating the user store.

Outcomes

  • Enhanced Supportability: The platform is upgraded to a supported ForgeRock AM solution, mitigating risks associated with the previous unsupported version.
  • Improved Security: The solution aligns with ForgeRock best practices for architecture, infrastructure, configuration, and application integration, strengthening the overall security posture.
  • Better User Experience: New front-end pages for login, self-service, password reset, and MFA enrollment streamline the user experience and improve performance.
  • Standardized Integrations: Standardized integration patterns are in place for seamless connectivity with JIRA, Confluence, and a newer version of Terminology Gateway.

The transformation of the client's ForgeRock OpenAM platform delivered significant benefits, addressing key challenges and positioning their identity management program for long-term success. By upgrading to a fully supported ForgeRock AM solution, the risks associated with the previous unsupported version were mitigated, enhancing the system's overall supportability.

Security was greatly improved through the implementation of industry best practices, including multi-factor authentication (MFA) and advanced security hardening controls. The introduction of intuitive user journeys, such as streamlined self-service and password reset processes, elevated the user experience while boosting performance.

Standardized integration patterns enabled seamless connectivity with critical applications like JIRA, Confluence, and Terminology Gateway, ensuring operational consistency and scalability. With a robust architecture and roadmap in place, the client is now equipped to adapt to future identity management needs.

Ready to achieve similar results?

Contact us today to transform your IAM program and enhance your security, scalability, and user experience.

Contact Us

Don't know
where to start?

Looking to assess your current state, map out strengths, identify gaps and design a tailored roadmap to an optimal target state IAM program?

Book your complimentary assessment workshop and get started today.

Get Started

KeyData Cyber Connect Newsletter

Head Office

150 York St, Suite 1710
Toronto, Ontario M5H 3S5

Boston Office

One Boston Place, Suite 2600
Boston, MA 02108 U.S.A

Company

Board of DirectorsLeadership TeamTechnology PartnersNewsCareersContact

Services

Advisory ServicesImplementation ServicesManaged ServicesTraining Services

IAM Solutions

CIAMWIAM

Success Stories

Case Study LibraryBlogResourcesEvents
KeyData Cyber Logo

Copyright © 2024 KeyData Cyber.
All Rights Reserved.

keydatacyber twitterkeydatacyber facebookkeydata-associates linkedinkeydatacyber instagramKeyData Cyber youtube