Managing accesses in a fast-growing market
MTN, the leading mobile telecommunications operator in Africa, is a key player in the spectacular growth of subscribers in the continent. In Ivory Coast, among others, MTN meets the specific needs of local subscribers with innovative services: credit transfer, call-back request, call notification outside coverage areas, voice chat, etc. 800 employees offer and manage these services all around Ivory Coast.
However, since each of these services requires its own management application, the employees of MTN Côte d’Ivoire had to manage a lot of passwords.
Members of the helpdesk team were overwhelmed as they must reset passwords themselves to improve efficiency.
“We now have 25 applications, 15 of which are critical, and many employees work with more than 10 applications a day. It was becoming very difficult for users to manage all their accesses” explains Davy Roland Lago, project manager at MTN Côte d’Ivoire.
Reinforcing security in a Microsoft environment
After an internal audit, MTN Côte d’Ivoire decided to deploy smartcard-based login associated with single sign-on (SSO) to the company’s applications. The objective: using a single access method for all authorized services inside the company.
The main purpose of this strategic decision was to reinforce access security and at the same time eliminate application passwords. A tender request for a global security solution was sent to Microsoft environment security experts.
In the end, the solution proposed by Microsoft Nigeria was deemed most credible and coherent.
Microsoft’s global solution contained products from its Microsoft Gold Certified partners: Evidian for single sign-on and Gemalto for smartcards.
A card-based authentication process, validated by Microsoft Active Directory, allows an employee access to all his or her authorized applications while Evidian Enterprise SSO is in charge of entering application passwords and modifying them if necessary.
Deployment of single sign-on
A pilot installation was made on typical applications. Microsoft integrated Enterprise SSO with the help of Evidian. The solution was installed on workstations with Gemalto readers and smartcards, and also with the company’s Active Directory.
Since Evidian Enterprise SSO is a software-only solution, it was not necessary to install additional boxes on the regional sites of MTN Côte d’Ivoire.
“Evidian and Microsoft adapted quickly to our specific work environments, and the project plan was adhered to”, says Davy Roland Lago. “For instance, since we have a very heterogeneous PC pool, we adopted a system of gradual deployment in groups of about fifty PCs, on a department by department basis”.
Simplified and secure access
Access security is now reinforced at the operator’s as the solution gets deployed in Côte d’Ivoire. Better still, this is done with the employees’ approval.
In fact, the new connection method has gained wide acceptance among the users. They have only one PIN to remember instead of about ten passwords. Therefore, the employees have stopped jotting down these passwords on paper; in fact, they no longer even know the access codes for critical applications.
The smartcards are managed centrally in Abidjan, at the headquarters of MTN Côte d’Ivoire. This way, it is easy to invalidate lost cards or cards belonging to employees leaving the company. The Evidian Enterprise SSO console contains a card management system, integrated with single sign-on management, which facilitates administration.
Each new telephony service management application (web and Windows) is henceforth integrated with single sign-on before being distributed. 800 terminals were deployed the first year and 200 more employees will be using Evidian Enterprise SSO in 2010, thus paving the way for the strong growth of MTN Côte d’Ivoire in complete security.
