Agile and  Modern IT Solutions

A prominent digital commerce company spanning nearly 20 countries, boasting a diverse team of designers, marketers, creatives, data scientists, and software engineers, faced the task of resolving authentication issues within their DUO system. This initiative addressed authentication challenges for over 5,000 users and 3,000 Windows machines, encompassing ADFS, LDAP, DUO, Windows HELLO, and auto-enrolment.

Our team conducted a comprehensive assessment of the client's DUO implementation in collaboration with a senior engineer to address the authentication issues. A robust redesign of the authentication system was executed and rigorously tested to ensure seamless functionality. Furthermore, client-side administrators were actively involved in training and knowledge transfer sessions to equip them with the necessary skills to maintain the optimised design in the long term.

Our client has initiated a comprehensive evaluation and approval process for the Google Cloud platform, aiming to align with the stringent security standards outlined in the GC Canadian Centre for Cyber Security (CCCS) Cloud Security Controls profile of Protected B, Medium Integrity, Medium Availability (PBMM). This endeavour involves meticulously examining the Google Cloud environment to ensure compliance with the specified security controls. This enables the organisation to enhance its cybersecurity posture and safeguard sensitive data following industry best practices.

The project meticulously outlined procedures for collecting crucial evidence to ensure compliance with security controls. Tailoring of the Canadian Centre for Cyber Security's ITSG-33 Security Requirements Control Matrix (SRTM) specifically addressed PBMM requirements within the Google Cloud ecosystem. Each security control's evidence-gathering process underwent thorough scrutiny against established standards to confirm correct implementation and adherence to stipulated criteria. This method facilitated a comprehensive assessment of the security landscape, empowering the organisation to rectify deficiencies and bolster cybersecurity resilience significantly proactively.

Our client is undergoing a comprehensive infrastructure modernisation initiative to implement a cutting-edge security framework aligned with Zero Trust principles. By leveraging our expertise, the client is strategically aligning with the NIST Zero Trust maturity model, selecting top-tier products for seamless integration to fulfil the specific capability needs of each maturity model pillar. This strategic approach is poised to establish a state-of-the-art data centre and infrastructure fortified by robust zero-trust security protocols.

To address the needs of the users and device pillars, we strategically utilised key Microsoft technologies, including Microsoft Entra (Azure AD) for robust identity management and Microsoft InTune for efficient device management. Our approach also involved leveraging tools such as Gitlab, Microsoft Purview, and TrendMicro to enhance data and application management while ensuring top-notch security measures. Considering the client's substantial on-premises network infrastructure with a mix of cloud services, we integrated VMware NSX-T to implement effective east-west micro-segmentation. This decision enhances network security and optimizes overall network performance. Moreover, we meticulously configured a suite of cutting-edge tools to fulfil the Automation Orchestration pillar requirements, including Microsoft Sentinel, Ansible, Elastic, Gigamon, and Microsoft Defender. This comprehensive setup ensures seamless automation and orchestration and enhanced visibility and analytics across the network infrastructure.