Almavia : a 120-people IT service company

Almavia is an IT service company specialized in the integration of CRM and Contact Center solutions, partnering with leading software vendors in these segments. The company, created in 2005, conducts 12M € per year in business deals with SMEs, major accounts and public players and counts 120 employees. In June 2017 it became part of the Nextedia group.

Almavia uses Trustelem to secure their information system and simplify its use. As CISO and architect of internal IT, Thierry Fau's mission is to build an IT system compliant with always stronger security requirements and offering optimum user comfort for employees.

Damien Ribic, Alternate CISO and Head of Systems and Networks, manages Almavia’s systems, internal networks and projects. Here they give their feedback on Trustelem.

What problem (s) does Trustelem answer in your context?

The security requirements of our large customers matters, require us to secure access to our IF by generalizing two-factor authentication on all access from the Internet. The services concerned are either internally hosted services or cloud services (Dropbox, Office365, BoondManager).

What was the situation before the Trustelem deployment?

We started to deploy 2-factor authentication independently on each services. The situation was complicated to manage and the standard solutions offered by Office 365 were not applicable in our organization.

What were the business consequences of this situation?

Without response to the multi-factor authentication requirement, it would have been difficult to maintain our SEO at one of our most important client.

What did you have as objectives in your project to deploy a solution such than Trustelem?

We needed a solution that was simple to administer, and deployable quickly covering authentication on our SaaS services, and on our internal VPN. Ideally the current management should only from the internal AD directory.

We had to be able to offer a second authentication factor to collaborators to whom we do not provide any hardware: PC or phone.

Ideally, the deployed solution would produce reports and convincing logs, presentable at our clients.

Why did you choose Trustelem instead of a competing solution?

For the overall cost of the solution and the simplicity of implementation.

What were the steps in setting up Trustelem?

Study of the solution, PoC, synchronization of the accounts between the internal AD and Office 365, activation of the SSO Trustelem on Dropbox then on Boond then on Office 365, deployment of authentication two factors.

What human and technical resources have you devoted to it?

Less than 10 men.days. The Trustelem teams accompanied us for the synchronization between the internal AD and Office 365.

The technical impact on our infrastructure has been limited to deploying the Trustelem AD connector Connect.

What were the brakes?

The Office 365 configuration required some effort to implement authentication federated into heavy Office clients (Word, Outlook, Skype Enterprise etc.). It was necessary to activate the modern authentication option via PowerShell scripts.

Regarding the VPN, the solution selected previously, Fortigate, is unfortunately not compatible with identity federation protocols that would have allowed Trustelem to be used.

What are the impacts of Trustelem from the point of view of users?

Users go through the Trustelem portal instead of accessing each application directly. The solution avoids the re-keying of passwords and is well accepted by the users.

What are the qualitative and quantitative results with regard to your initial objectives?

Have they been reached? overtaken

The integration of Fortigate VPN access into Trustelem is the only requirement that has not been met, and we had to deploy an alternative strong authentication solution for these accesses.

Our other expectations have largely been met, in particular the simplification of the administration accounts by the IT department.

As a professional, would you recommend Trustelem to your colleagues and why ?

Yes. The solution allows for a very reasonable cost to centralize authentication over a wide choice of applications, and offers efficient administration tools that are well integrated into our IS.

The Trustelem teams accompanied us with commitment and competence.

You want to learn more about how Trustelem suits in your particular context? Contact us!