Protectimus Customer Stories: 2FA for DXC Technology

Posted By on Oct 24, 2022 | 0 comments

Xchanging Italy a DXC Technology 2FA Customer Story

DXC Technology — is an international IT corporation that provides services in the field of IT consulting, maintenance of corporate IT equipment, cybersecurity, etc. It includes more than 70 companies from different countries with a staff of more than 130,000 employees. Protectimus provides two-factor authentication services to the Italian division of DXC Technology – Xchanging Italy.

Protectimus was chosen because of their unique Dynamic Strong Password Authentication (DSPA) technology. Using this product, we added 2FA to all the systems we needed to protect in one fell swoop, as it allowed us to integrate two-factor authentication services straight with Active Directory. We have been using the Protectimus two-factor authentication platform for a year and are satisfied with this product and the level of support.


Mauro S., Information Technology principle engineer at Xchanging Italy a DXC Technology

Key tasks for implementing 2FA for Xchanging Italy a DXC Technology

Xchanging Italy, part of the DXC Technology group, uses Protectimus’ two-factor authentication solution to secure access to virtually all the enterprise software used by their staff.

When choosing a two-factor authentication provider, DXC Technology’s IT engineers looked for a solution that would meet two criteria:

  • allowed them to protect access to all the services used by company employees for work;
  • was relatively easy to connect and configure, as DXC Technology’s IT department wanted to avoid the time-consuming process of integrating two-factor authentication service with each corporate software separately and installing additional 2FA software on workers’ computers.

The Protectimus’ unique product, the Protectimus Dynamic Strong Password Authentication (DSPA) solution, meets both requirements. Protectimus DSPA integrates directly with Active Directory, turning user passwords stored in AD into dynamic two-factor passwords.

Such a dynamic two-factor auth password (for example, Pa$$code987654) consists of two parts: a standard password (Pa$$code) and a temporary TOTP password (987654). Temporary TOTP password is constantly changing according to the schedule set by the administrator, a time interval must be a multiple of 30 seconds. To receive a time-based one-time password, a user needs a TOTP token.

Thus, Protectimus DSPA allows you to add two-factor authentication to all services connected to Active Directory at once. We will describe the Protectimus DSPA technology in more detail below.

Xchanging Italy a DXC Technology wanted to solve several challenges with 2FA

  1. To protect access to all the software used by company employees.
  2. To integrate two-factor authentication into Xchanging Italy corporate infrastructure quickly and efficiently.
  3. To deploy two-factor authentication servers in the DXC Technology environment so as not to transfer user information to a third party and ensure maximum protection and fault tolerance of the 2FA system.

The following Protectimus 2FA products were chosen to solve the above mentioned tasks

Challenges and Solutions

To protect access to all corporate software with two-factor authentication

The unique Protectimus DSPA technology is ideal for this task.

The Protectimus two-factor authentication solution is integrated straight away with the user storage (in this case, Active Directory). Protectimus DSPA adds a dynamic part (TOTP one-time password) to the user passwords stored in Active Directory and turns them into dynamic two-factor authentication passwords. After that, end users will enter the two-factor authentication passwords to log into each corporate service connected to AD.

Dynamic two-factor authentication passwords consist of two parts:

  1. A user password. The password stored in Active Directory before the 2FA integration. This part of the two-factor password does not change.
  2. Time-based one-time password (TOTP password). This part of the two-factor password changes at intervals set by the administrator, from 30 seconds or more.

A dynamic password created using the Protectimus DSPA component will look like this – Pa$$code987654, where Pa$$code is the user’s password in AD that does not change, and 987654 is the one-time password generated using the TOTP token.

Learn more about the Protectimus DSPA solution and test it for free here.

To implement 2FA quickly and efficiently

The main advantage of using Protectimus DSPA technology is that integration is carried out with only one system – Active Directory. And after that, two-factor authentication appears immediately on all the services and machines connected to Active Directory.

DXC Technology administrators didn’t have to deal with each service that needed to be protected with 2FA separately. It made the 2FA implementation process faster and more efficient.

And to save administrators from the extra burden of issuing 2FA tokens separately for each end user, Xchanging Italy also uses the Protectimus User Self-Service Portal. On this portal, end users enroll software TOTP tokens using the Protectimus SMART OTP one-time password generation application themselves.

Contact our team and describe your requirements. We will help you choose the best two-factor authentication solution for you.

To deploy two-factor authentication servers in DXC Technology environment

It was important for DXC Technology not to transfer even a part of user data to a third party. Therefore, the best solution was to deploy Protectimus On-Premise Two-Factor Authentication Platform on Xchanging Italy’s own servers.

Instructions for installing and configuring the Protectimus On-Premise 2FA Platform are available here.

2FA products used by Xchanging Italy a DXC Technology

Protectimus
On-Premise

Protectimus’ on-premise two-factor authentication platform is installed on the customer’s infrastructure or in their private cloud. The client has the fullest control over the two-factor authentication servers and user data. They can build their own system to protect authentication servers from hacking and take care of the fault tolerance of the 2FA system.

Protectimus
DSPA

The unique Protectimus Dynamic Strong Password Authentication component integrates directly with AD, LDAP or any database and adds a dynamic part to the users’ passwords stored there. The dynamic part is the TOTP passcode with the time interval set by the administrator. So two-factor authentication is activated simultaneously in all services that access this user storage.

Protectimus
SMART OTP

Application for generating OTP passwords. Available for free on GooglePlay or the App Store. The Protectimus SMART OTP 2FA app allows you to set any interval for changing OTPs generated by the TOTP (Time-Based OTP Generation Algorithm) algorithm from the standard 30 seconds to infinity. Only this type of OTP token is suitable for Protectimus DSPA.

Protectimus Users Self-Service

The Protectimus Users’ Self-Service Portal allows the client’s end users to enroll two-factor authentication tokens themselves. Considering that all the DXC Technology users use Protectimus SMART OTP one-time password generation application, activating the Protectimus Users’ Self-Service Portal greately facilitates the work of the DXC Technology administrators.

Read more Protectimus customer stories

 

2FA for Advcash logo

 

Sicim 2FA customer story

 

middle tennessee state university 2fa customer story logo

Subscribe To Our Newsletter

Join our mailing list to receive the latest news and updates from our team.

You have Successfully Subscribed!

Author: Anna

If you have any questions about two-factor authentication and Protectimus products, ask Anna, and you will get an expert answer. She knows everything about one-time passwords, OTP tokens, 2FA applications, OATH algorithms, how two-factor authentication works, and what it protects against. Anna will explain the difference between TOTP, HOTP, and OCRA, help you choose a token for Azure MFA, and tell you how to set up two-factor authentication for Windows or Active Directory. Over the years with Protectimus, Anna has become an expert in cybersecurity and knows all about the Protectimus 2FA solution, so she will advise on any issue. Please, ask your questions in the comments.

Share This Post On

Submit a Comment

Your email address will not be published. Required fields are marked *

Subscribe To Our Newsletter

Subscribe To Our Newsletter

Join our mailing list to receive the latest news and updates from Protectimus blog.

You have successfully subscribed!

Share This