Conteq news

How the Russian office of the global consulting firm improved the interaction security of the employees and clients.



BIG 4
The leaders of consulting and audit services not only in Russia but also all over the world are the four largest corporations, which are usually united into the Big Four.
Employees of one of these "Big Four" consulting firm use a B2B portal based on Microsoft SharePoint to interact with customers.
What’s new?
The firm has decided to improve the security of client interactions on the B2B portal and minimize cyber security risks to maintain a great reputation and increase customer loyalty.
Goals and objectives:
1. Eliminate selection, disclosure and transmission of passwords when authorizing the portal users.
2. Setup a control scheme for electronic signatures for the portal user agreements.
Solutions and outcomes

The IT company Conteq was chosen as an outsourcer to meet these challenges.
The joint distributed team of Conteq and consulting firm specialists performed the following tasks:
1.               Implement two-factor authentication for the portal clients. Confirmation by SMS code is now used to generate 2-step verification codes.
2.              Created a flexible administration system for the 2-step verification.
3.              Set up a scheme for registration and confirmation of a phone number for two-factor users’ authentication.
4.              The process of electronic signing of the user agreement for representatives of client organizations has been automated. The process includes initial signing, as well as re-signing in case of new versions of documents.
5.              Administrator console for flexible electronic signature management options has been configured.
6.              Reviewing document versions and an opportunity to use various versions of agreements have been configured for foreign clients.
“Lessons Learned”
·                Working on the project, Conteq developers and analysts used the TOTP technology (Time-based One-time Password Algorithm, an algorithm based on the OATH protocol built on blockchain technologies).
The architecture of the solution was worked out so that consulting firm could add options from other solutions for multifactor authentication including SMS confirmation. For example, it is possible to use for the two-factor authentication such services as Google, Microsoft, Symantec Validation & ID Protection Service, or RSA public key cryptographic algorithm.
·                Conteq has been equally excited to prepare all project documentation in English, which means that the user interfaces are available both in English and Russian.
·                Thanks to a joint project with consulting firm, Conteq was able to develop replicable two-factor authentication and user agreement signing solutions for any SharePoint-based system.
Sofia — Business analyst of Conteq'Modern Workplace  says

The two-factor authentication solution we have developed can be useful for organizations that care about their information resources and comply with national and international data protection standards.
Learn more about Client Portals based on SharePoint