This is a real-life case study of how CSS implemented security for a customer and sales portal using a federated identity provider, two-factor SSO with SAML, and attribute-based access control with XACML on the SOA mediator between the portal and the backend.
CSS has a well-established SOA backend with role-based access control: employees are assigned to one or more roles, and those roles determine which levels of customer data they can access. However, when such an IT system is opened up to customers via an online portal, access control becomes a more delicate issue. If customers are to gain access only to their own and their dependent family's data, a new layer of security is required to protect sensitive data in the backend.
You'll gain insight into some of the implementation issues we had along the way and how we overcame them.
For organizations that deal with sensitive information on a daily basis and work with people and organizations located around the world, preventing information leaks is a top priority. There are many ways that sensitive data can leak from organizations; however, the insider threat remains the hardest to quantify and resolve.
G4S discovered that before they could improve their data loss prevention efforts and effectively protect sensitive information, they needed to be able to answer other significant questions about the data itself, including:
In this session, Boris Goncharov, CISO and CTO with G4S Bulgaria, and TITUS Chief Technology Officer Stephane Charbonneau will discuss specific ways in which organizations can improve their DLP practices to help prevent both accidental and malicious losses of sensitive information.