MyID – Replacing Central Access Management With a State-Of-The-Art IAM Solution

Siemens AG commissioned the system integrator iC Consult to replace the existing company-wide authentication system with a modern IAM solution. The main goals were even higher availability, speed, and security.

At a glance

Industry: Technology

Region: Global

Customer: Siemens AG

About the customer

Siemens AG (Berlin and Munich) is a leading technology company focused on industry, infrastructure, transport, and healthcare. From more resource-efficient factories, resilient supply chains, and smarter buildings and grids, to cleaner and more comfortable transportation as well as advanced healthcare, the company creates technology with purpose adding real value for customers. By combining the real and the digital worlds, Siemens empowers its customers to transform their industries and markets, helping them to transform the everyday for billions of people. Siemens also owns a majority stake in the publicly listed company Siemens Healthineers, a globally leading medical technology provider shaping the future of healthcare. In fiscal 2023, which ended on September 30, 2023, the Siemens Group generated revenue of €77.8 billion and net income of €8.5 billion. As of September 30, 2023, the company employed around 320,000 people worldwide.

Challenge

Replacing the central authentication legacy system with a new, enterprise-wide hybrid cloud solution

Products & Services

Service Layers Platform, Ping Identity

Results

  • Highly available, secure, and rapid login through worldwide distribution
  • Modern, intuitive user interface
  • Selection of preferred authentication methods depending on data classification
  • Very high degree of automation for efficient operation and a high degree of traceability
  • Developer portal for easy integration of over 1,000 applications
  • Support of various authentication methods and user-friendly multi-factor authentication
  • Very fast implementation
  • Very high security level thanks to cutting-edge technologies and architectures

With MyID, we have taken the decisive step towards a secure, fast, and future-oriented authentication system. Thanks to the experience of iC Consult and the use of the Service Layers platform, this highly demanding project could be implemented on schedule. With the new system, everyone – from employees to application developers – benefits from a unique range of functions.

Dimitri Lubenski,
Head of Technology & Innovation
at the Digitalization Enablement Center,
Siemens

The Challenge

For more than 15 years, Siemens has been operating a globally rolled-out authentication process that protects hundreds of business-critical applications. However, today’s requirements in terms of availability, flexibility, and security are significantly higher than at the time of implementation. For this reason, those responsible were looking for a new, future-proof IAM solution that would also incorporate the latest changes in the company’s structure. In addition, they wanted to optimize the flexibility of IT service by providing innovative and secure authentication methods.

These considerations had a direct impact on the selection of the future system architecture and operating model. A system operated exclusively on site was ruled out because the ambitious project duration made the use of cloud services unavoidable. The high demands on scalability and worldwide availability also spoke clearly in favor of a cloud solution.

The other end of the spectrum – a preconfigured IAM solution based on an Identityas-a-Service platform – was out of the question due to a lack of functionalities. Integration into the existing IT landscape would also have been difficult. Siemens therefore opted for a hybrid cloud approach that combines the best of both worlds. The name of the new system: MyID.

Implementing a Scalable and Secure IAM Solution with iC Consult’s Service Layers Platform

After carefully defining the requirements catalog and comprehensively comparing providers, Siemens commissioned iC Consult in Munich to implement the project. With the Service Layers platform that they themselves developed, the Identity & Access Management (IAM) specialists have a system that is ideally suited to Siemens’ challenges. Service Layers combines the functionality of a customized IAM product – in this case, Ping Identity – with the flexibility and scalability of a cloud-based solution.

MyID is provided as a hybrid cloud service on AWS using container-based technology (Kubernetes) with a high degree of operational automation (DevOps). Thanks to paradigms such as “Infrastructure as Code” and “Configuration as Code”, changes and extensions can be made quickly at any time. Since this is done without manual administrator access to the underlying infrastructure and software, MyID offers a significant boost in terms of security and traceability, right from the start. Deployment in Germany and the USA further increases availability and ensures rapid login processes. User identities are managed via Active Directory. Users log in as usual with smartcard or password and thus receive single sign-on to their applications. At the same time, this eliminates the need to set up a separate identity storage and synchronize identities with the cloud. In addition to the smartcard, users can also use the modern multi-factor authentication app PingID, which features biometric protection and is popular on mobile devices. Siemens CERT has tested the app extensively and released it for internal use within the company.

But not only users benefit from MyID. The developer portal “MyID Connect” helps application providers migrate their existing applications and integrate new apps. To do this, the developer simply registers his or her application with MyID Connect and carries out the necessary configurations. These configurations are then automatically imported into MyID in the background.

Seamless Transition to MyID Authentication Platform

Implementation of MyID began in January 2019; the first applications were migrated from October. Until all applications were completely migrated, the old authentication system continued to be used in parallel. In addition to providing modern authentication methods, MyID will continue to support legacy applications. This migration is expected to be complete by October 2020 – and thus on schedule.

Siemens Access Control: Boosting Flexibility and Performance with the MyID IAM Solution

Although the IAM solution was implemented in a very short time, users were enthusiastic from the start and appreciated its flexibility and performance. As one of the central corporate systems at Siemens, MyID supports employees in around 190 countries and 285 production facilities worldwide. It secures more than 1,000 productive applications.

Because it is provided in the cloud, and based on the cutting-edge Service Layers architecture, the service scales easily with the growing number of devices and users. The system authenticates more than 350,000 employees and business partners daily – faster, more securely, and more conveniently than ever before.

Interview with Siemens’ Head of Technology about this Project

Get more project insights of Siemens’ journey to a state-of-the-art authentication platform in this interview with Siemens‘ Head of Technology, Dimitri Lubenko. Watch the teaser below or access the full interview here.

YouTube Video