Multi-factor authentication for eyewear manufacturers

Multi-factor authentication (MFA) for 1300 employees

Attacks on IT infrastructure are a serious threat to companies. Silhouette Group, an international premium eyewear manufacturer headquartered in Austria, wanted to better protect itself against cyber attacks. For this purpose, the sustainable complete eyewear provider brought IPG's experts on board.

Mission and objective

Fast-track to multi-factor authentication

Following an audit, the cyber security service provider A-team.rocks advised the company to secure access to internal systems with multi-factor authentication (MFA). Previously, a user name and password were sufficient - with around 1300 employees, this was a security risk. To remedy this situation quickly, the timeframe for the global rollout was only three months. 
 
Karl Sulzbacher, Head of IT Competence Center and IT Purchase at Silhouette Group, led the MFA project. Based on recommendations, he and his team reviewed potential partners. IPG convinced with a positive overall impression, competence and a comprehensive performance record. Another important argument was the professional logistics involved in distributing the hardware tokens, including to China and Brazil.

Procedure and methodology

The direct route to the goal in three months

First, the needs and possibilities in the various countries were clarified with regard to the MFA solution. The global infrastructure, a hybrid mixture of on-premise and cloud services, turned out to be extremely complex. Accordingly, the question arose as to whether a central installation made sense. In a workshop, IPG Austria, the partner for authentication solutions MTRIX and the Silhouette Group developed a concept. Then, based on this concept, the optimal MFA product was evaluated and Micro Focus Advanced Authentication Framework was implemented. The project team decided on a uniform solution, provided centrally from the headquarters in Linz, via which all logins were to take place worldwide.
 
Due to the great time pressure, the implementation - based on the concept proposal and the described procedure - took place directly in live production. It was confirmed that the planned approach was exactly right and the selected product worked excellently.

The best technology is useless without the involvement of the users. For this reason, a person was defined in each country to accompany the introduction of the MFA and support employees with any questions. The personal support, comprehensible instructions and needs-based training ensured a smooth and punctual rollout at all sites. Users can now choose from three methods for two-factor authentication: Hardware token, virtual token or smartphone push message.

Challenges

Convenience vs. security

The requirements for the central MFA solution were high: it had to replace a large number of existing authentication services, be uniform worldwide, and support various options for the second factor. Since a proof of concept was not required due to time constraints and the test phase was extremely short, the use cases had to be run through quickly and as realistically as possible. It was the only possible way to ensure functionality and consistency of the processes. Especially the integration for the worldwide secured access from external via VPN was very challenging. Thanks to the great experience and excellent cooperation between IPG, MTRIX and the Silhouette Group, the changeover went smoothly.
 
Multi-factor authentication is more complex than the previously used password login. The personal support of the employees and the preparation of the training materials took time, but contributed a lot to the fact that multi-factor authentication quickly became routine and is now well accepted by the users at all sites.

Result

Data security massively increased in the shortest possible time

The Silhouette Group was able to introduce the required MFA within a very short time and significantly improve IT security. Not only the company itself, but also its customers and employees benefit from better protection against cyber attacks. 
 
Benefits at a glance:

  • Improved data security 
  • Increased resilience against cyber and phishing attacks
  • Uniform solution for all subsidiaries in 13 countries worldwide
  • No more insecure password authentication
  • The chosen solution is low-maintenance

Silhouette customer testimonial

Thanks to the rapid and comprehensive introduction of multi-factor authentication, we were able to significantly increase IT security at Silhouette Group within a very short time. Thanks to the competent consulting and smooth implementation, the cooperation with IPG was consistently positive and extremely professional.

Karl SulzbacherHead of IT Competence Center and IT PurchaseSilhouette Group

IPG Expert Opinion

The short turnaround time of this project was certainly a challenge, yet the result achieved is excellent. Silhouette Group is now playing in the top league in terms of secure authentication and is much more resilient to common cyber and phishing attacks. The collaboration with the customer was very professional and goal-oriented; all parties involved knew the goal and worked towards it.

Philipp BorenichTeamleader Technical Consulting ATIPG

The Silhouette Group, headquartered in Linz, Austria, is a complete eyewear provider producing and selling lenses and frames of the Silhouette, evil eye and NEUBAU EYEWEAR brands. The 3rd generation family business employs around 1300 people worldwide, 700 of them in Linz. With 13 of its own international sales companies and a regional office, the Silhouette Group is the market leader in the premium segment of rimless eyewear, which has made the company known and successful worldwide. Exports account for 95 percent of sales, and the eyewear is available in over 100 countries.

Picture of Edith Stingl - IPG - experts in IAM
Edith Stingl
Marketing Manager DACHIPG Information Process Group Austria GmbHContact