Customer: This financial institution (FinCo) is one of the largest asset management companies in the world, serving 13 million account holders with over $1.5 trillion under management.
Industry: Financial Services
Headquarters: Massachusetts, USA
FinCo’s 40,000 employees service over 20 million individual and institutional customers, offering 530 mutual funds via 5,000 channel partners. FinCo achieved its success through a combination of comprehensive service offerings, personalized service, and competitive cost. Smart adoption of mobile technology is key to delivering the best customer self-service experience for all end users while keeping pace with customer engagement innovations.
Nearly half of FinCo’s 40,000 employees require mobile access to FinCo’s resources. In addition to issuing BlackBerry smartphones, FinCo has embraced BYOD (bring-your-own-device), and so also supports the most popular iOS and Android platforms. Additionally, FinCo builds and supports custom solutions for large channel partners and institutional customers. With such a diverse population of mobile users, and equally diverse backend resources, FinCo was looking for a unified mobile access platform that could meet the flexibility and scalability requirements across different FinCo business units. FinCo required unified and seamless access control across web, mobile, API, and EDI channels.
- Scalable Multi-Platform & Multi-Channel Support
To compete for customers, channel partners, and talented employees, FinCo had to support all major mobile platforms. Large channel partners and institutional customers had their own mobile applications that required access to FinCo’s services. In addition to the new mobile and web APIs, Web Services and secured file transfer were widely used in existing B2B integrations; Fidelity needed a single access control platform that could accommodate all traffic protocols with a single set of security policies and security artifacts.
- Legacy Access Control Technology Silos
FinCo had deployed a number of access control technologies, including CA SiteMinder for web access control, Ping Identity for SAML-based federation, and Cisco ACE XML Gateway for Web Service security. These technology silos required coordination and custom integrations to work across the business units, yet collectively they were still unable to provide reliable mobile access. FinCo wanted to extend, simplify, or replace these legacy technologies to improve governance and manageability.
- Backward Compatibility With Existing Integrations
FinCo had a large number of existing integrations with its own backend systems and partner systems. These integrations used different types of standards, protocols, certificates, and security tokens. Massive conversion across these integrations was a non-starter. The new access control platform had to be backward compatible with existing integrations to allow for a phased upgrade schedule.
FinCo deployed the Vordel API Server as their enterprise-wide security policy enforcement point (PEP) for all mobile, web, API, and EDI traffic. As a result of using the Vordel API Server, FinCo was able to:
- Simplify their security architecture while producing savings in software license, software maintenance, hardware, and administration costs.
- Improve user experience and accelerate delivery of new mobile service offerings, in addition to the hard-dollar savings.
- Improve overall security posture and governance with improved auditing, monitoring, and reporting.
- A single PEP for all traffic types, consolidating and replacing hundreds of CA SiteMinder agents.
- Integrated PEP for data security policies, including data redaction, encryption, and tokenization policies.
- Support for multiple mobile platforms including iOS and Android without modifying or upgrading backend systems.
- An extended CA SiteMinder authentication scheme to handle mobile traffic using device, application, & user identities. It also provided Security Token Service supporting existing SAML-based federation and added OAuth 2.0 support.
- Comprehensive threat protection against all API attacks such as denial of service and injections.