SlideShare a Scribd company logo

OTIS - Our Journey to Passwordless: Secure Authn & Frictionless User Experience.pptx

Download as PPTX, PDF
F
FIDO Alliance

This document discusses Otis Elevator Company's journey to passwordless authentication. It aimed to provide seamless onboarding, access for all employees, and forward compatibility. It faced challenges with indirect worker onboarding requiring in-person visits and direct workers forgetting local login passwords. To solve this, it integrated its identity governance solution with its passwordless solution to enable helpdesks to provision authentication and shorten onboarding. It also merged identity data to provide single sign-on access to HR platforms on any device without passwords. Over time, it transitioned systems to this solution to achieve complete passwordless access while addressing cultural concerns about security and convenience. The result was transformed onboarding, streamlined access to services, thorough geo-c

Technology
1 of 13
© 2022 OTIS ELEVATOR COMPANY. Our Journey to Passwordless: Secure Authentication & Frictionless User Experience Darrell Hawkins Cybersecurity Chief Technology Officer
© 2022 OTIS ELEVATOR COMPANY. © 2022 OTIS ELEVATOR COMPANY.
© 2022 OTIS ELEVATOR COMPANY. Today’s Agenda… • Key initiatives • Our migration to passwordless MFA • Learnings & Tips • Results © 2022 OTIS ELEVATOR COMPANY.
© 2022 OTIS ELEVATOR COMPANY. Key Initiatives • Digital Transformation • Seamless Onboarding • “Access for All” • Forward Compatibility © 2022 OTIS ELEVATOR COMPANY.
© 2022 OTIS ELEVATOR COMPANY. OTIS PROPRIETARY AND CONFIDENTIAL. 5 The Challenges Drove The Journey A. Indirect worker onboarding required physically being in a local office B. Direct workers could only get into the HR tools with a local login which was frequently forgotten C. Security push to replace the logon on laptops/workstations with Passwordless authentication
© 2022 OTIS ELEVATOR COMPANY. A: The Onboarding challenge Infrastructure was stood up for basic Passwordless Authentication Pandemic greatly increased the volume of people needing access before VPN was established The HelpDesk needed to generate the magic link for the new-hire so they could VPN into the Network The tool didn’t yet have a role to generate one, so we integrated our IGA solution with the Passwordless solution using the API provided This enables us to provision that admin level to the HelpDesk and the direct supervisor Onboarding & connection went from 3 days to 30 minutes
© 2022 OTIS ELEVATOR COMPANY. B: Direct worker challenge HR Platform could only talk to 1 Identity Provider. We had 4 Azure tenants to feed into it Using our IGA and IDP solutions to round out the architecture we merged the information and tied it to our Passwordless solution Each country had different “Why’s” to encourage registration and usage Partnered with the Business and HR to provide successful support with a small team Provided access for all to the HR platform and the desktop using their phone to authenticate. No password needed Created synthetic identities for those without e-mail addresses
© 2022 OTIS ELEVATOR COMPANY. C: Security Roadmap Transition to new internal Certificate Authority 4-6 months Once certificates are pushed to all machines the MFA integration begins Passwordless Authentication to workstations complete Continue integration of applications to SSO so complete passwordless is achieved
© 2022 OTIS ELEVATOR COMPANY. Overcoming Initial Resistance © 2022OTIS ELEVATOR COMPANY. “I do not want to have yet another authentication mechanism that I have to manage/use” “I love that I can log in from my work or personal device without having to remember a password. I only need my face or my thumb print, it’s so easy!” - Sr. Director HR Operations “I do not always have cell access / I do not want to use my phone” Answer: FIDO2 keys come in many different forms, some do not require a cell phone. Offline access is also available - Identity Team “This sounds like there is going to be a big, time- consuming thing. I have a day job!” “I’m so embarrassed that I waited so long to register, it was quicker than brushing my teeth.” - Branch Manager “I do not like my personal data and biometrics floating out there” Answer: The only information about you stays on the secure enclave of your phone - Identity Team
© 2022 OTIS ELEVATOR COMPANY. Addressing Cultural Barriers and other issues © 2022 OTIS ELEVATOR COMPANY.
© 2022 OTIS ELEVATOR COMPANY. © 2022 OTIS ELEVATOR COMPANY. Transformed onboarding & password reset process Streamlined how employees interact with services Thoroughly addressed geo and cultural requirements Next level security assurance combined with excellent UX Benefits
© 2022 OTIS ELEVATOR COMPANY. Results Rapid Onboarding Passwordless Access Uncompromising Security Strategy © 2022 OTIS ELEVATOR COMPANY.
© 2022 OTIS ELEVATOR COMPANY. 13

Recommended

A passwordless enterprise journey
A passwordless enterprise journeyA passwordless enterprise journey
A passwordless enterprise journey
accenture
 
The 10 most trusted authentication solution providers of 2021
The 10 most trusted authentication solution providers of 2021The 10 most trusted authentication solution providers of 2021
The 10 most trusted authentication solution providers of 2021
CIO Look Magazine
 
truMe - Global Digital Identity and Access Management
truMe - Global Digital Identity and Access ManagementtruMe - Global Digital Identity and Access Management
truMe - Global Digital Identity and Access Management
Neeraj Taneja
 
Case Study - Paytm
Case Study - PaytmCase Study - Paytm
Case Study - Paytm
Enablex1
 
Contractor Management System (CMS) - Benefits of digitalizing contractor onbo...
Contractor Management System (CMS) - Benefits of digitalizing contractor onbo...Contractor Management System (CMS) - Benefits of digitalizing contractor onbo...
Contractor Management System (CMS) - Benefits of digitalizing contractor onbo...
ASK EHS Engineering & Consultants
 
Mobilize your workforce with secure identity services
Mobilize your workforce with secure identity servicesMobilize your workforce with secure identity services
Mobilize your workforce with secure identity services
Sumana Mehta
 
Biogen Idec case study
Biogen Idec case studyBiogen Idec case study
Biogen Idec case study
Symplified
 
CIS13: Beyond the Building: Secure Identity Services for Mobile and Cloud Apps
CIS13: Beyond the Building: Secure Identity Services for Mobile and Cloud AppsCIS13: Beyond the Building: Secure Identity Services for Mobile and Cloud Apps
CIS13: Beyond the Building: Secure Identity Services for Mobile and Cloud Apps
CloudIDSummit
 

Recommended

A passwordless enterprise journey
A passwordless enterprise journeyA passwordless enterprise journey
A passwordless enterprise journey
accenture
 
The 10 most trusted authentication solution providers of 2021
The 10 most trusted authentication solution providers of 2021The 10 most trusted authentication solution providers of 2021
The 10 most trusted authentication solution providers of 2021
CIO Look Magazine
 
truMe - Global Digital Identity and Access Management
truMe - Global Digital Identity and Access ManagementtruMe - Global Digital Identity and Access Management
truMe - Global Digital Identity and Access Management
Neeraj Taneja
 
Case Study - Paytm
Case Study - PaytmCase Study - Paytm
Case Study - Paytm
Enablex1
 
Contractor Management System (CMS) - Benefits of digitalizing contractor onbo...
Contractor Management System (CMS) - Benefits of digitalizing contractor onbo...Contractor Management System (CMS) - Benefits of digitalizing contractor onbo...
Contractor Management System (CMS) - Benefits of digitalizing contractor onbo...
ASK EHS Engineering & Consultants
 
Mobilize your workforce with secure identity services
Mobilize your workforce with secure identity servicesMobilize your workforce with secure identity services
Mobilize your workforce with secure identity services
Sumana Mehta
 
Biogen Idec case study
Biogen Idec case studyBiogen Idec case study
Biogen Idec case study
Symplified
 
CIS13: Beyond the Building: Secure Identity Services for Mobile and Cloud Apps
CIS13: Beyond the Building: Secure Identity Services for Mobile and Cloud AppsCIS13: Beyond the Building: Secure Identity Services for Mobile and Cloud Apps
CIS13: Beyond the Building: Secure Identity Services for Mobile and Cloud Apps
CloudIDSummit
 
Securing and Scaling SaaS
Securing and Scaling SaaSSecuring and Scaling SaaS
Securing and Scaling SaaS
guest05bda0
 
Meet Evernym's SSI Platform
Meet Evernym's SSI PlatformMeet Evernym's SSI Platform
Meet Evernym's SSI Platform
Evernym
 
Saa sure
Saa sureSaa sure
Saa sure
Dealmaker Media
 
Implementing your APIs with zero trust
Implementing your APIs with zero trustImplementing your APIs with zero trust
Implementing your APIs with zero trust
Coforge (Erstwhile WHISHWORKS)
 
Fast, Secured and Safe Online Prescribing Tool in iOS and ANDROID
Fast, Secured and Safe Online Prescribing Tool in iOS and ANDROIDFast, Secured and Safe Online Prescribing Tool in iOS and ANDROID
Fast, Secured and Safe Online Prescribing Tool in iOS and ANDROID
Kalpen Shah
 
Single Sign-On: Our Path to Password Elimination
Single Sign-On: Our Path to Password EliminationSingle Sign-On: Our Path to Password Elimination
Single Sign-On: Our Path to Password Elimination
Symantec
 
5 Digital Onboarding Trends To Watch In 2024.pdf
5 Digital Onboarding Trends To Watch In 2024.pdf5 Digital Onboarding Trends To Watch In 2024.pdf
5 Digital Onboarding Trends To Watch In 2024.pdf
Veri5digital
 
The Future of Authentication - Verifiable Credentials / Self-Sovereign Identity
The Future of Authentication - Verifiable Credentials / Self-Sovereign IdentityThe Future of Authentication - Verifiable Credentials / Self-Sovereign Identity
The Future of Authentication - Verifiable Credentials / Self-Sovereign Identity
Evernym
 
Android Development Summer Internship in Delhi
Android Development Summer Internship in DelhiAndroid Development Summer Internship in Delhi
Android Development Summer Internship in Delhi
CRAW CYBER SECURITY PVT LTD
 
Onegini Brochure
Onegini BrochureOnegini Brochure
Onegini Brochure
FinTech Belgium
 
IDGate: One Solution for All EKYC Needs
IDGate: One Solution for All EKYC Needs IDGate: One Solution for All EKYC Needs
IDGate: One Solution for All EKYC Needs
Nadine A. Jaafar
 
Mt26 identity management as a service
Mt26 identity management as a serviceMt26 identity management as a service
Mt26 identity management as a service
Dell World
 
E-Lock AdaptAuth.pptx
E-Lock AdaptAuth.pptxE-Lock AdaptAuth.pptx
E-Lock AdaptAuth.pptx
Archana833240
 
Tradetech Hybrid MeetUp_N.Jaure_Onespan_210610
Tradetech Hybrid MeetUp_N.Jaure_Onespan_210610 Tradetech Hybrid MeetUp_N.Jaure_Onespan_210610
Tradetech Hybrid MeetUp_N.Jaure_Onespan_210610
FinTech Belgium
 
Swisscard Saves Time and Effort in Managing User Access
Swisscard Saves Time and Effort in Managing User AccessSwisscard Saves Time and Effort in Managing User Access
Swisscard Saves Time and Effort in Managing User Access
NetIQ
 
Spectrum Success Story
Spectrum Success StorySpectrum Success Story
Spectrum Success Story
Imprivata
 
Building an intelligent enterprise through the Cloud | Accountex 2015
Building an intelligent enterprise through the Cloud | Accountex 2015Building an intelligent enterprise through the Cloud | Accountex 2015
Building an intelligent enterprise through the Cloud | Accountex 2015
Sageukofficial
 
Build Automate and Test Strategies - BATMAN
Build Automate and Test Strategies - BATMAN Build Automate and Test Strategies - BATMAN
Build Automate and Test Strategies - BATMAN
Eturnti Consulting Pvt Ltd
 
Better Do What They Told Ya
Better Do What They Told YaBetter Do What They Told Ya
Better Do What They Told Ya
urma
 
Better Do What They Told Ya
Better Do What They Told YaBetter Do What They Told Ya
Better Do What They Told Ya
Ulisses Albuquerque
 
Making FIDO Deployments Accessible to Users with Disabilities_slides.pptx
Making FIDO Deployments Accessible to Users with Disabilities_slides.pptxMaking FIDO Deployments Accessible to Users with Disabilities_slides.pptx
Making FIDO Deployments Accessible to Users with Disabilities_slides.pptx
FIDO Alliance
 
Welcome and FIDO Update.pptx
Welcome and FIDO Update.pptxWelcome and FIDO Update.pptx
Welcome and FIDO Update.pptx
FIDO Alliance
 

More Related Content

Similar to OTIS - Our Journey to Passwordless: Secure Authn & Frictionless User Experience.pptx

Securing and Scaling SaaS
Securing and Scaling SaaSSecuring and Scaling SaaS
Securing and Scaling SaaS
guest05bda0
 
Meet Evernym's SSI Platform
Meet Evernym's SSI PlatformMeet Evernym's SSI Platform
Meet Evernym's SSI Platform
Evernym
 
Saa sure
Saa sureSaa sure
Saa sure
Dealmaker Media
 
Implementing your APIs with zero trust
Implementing your APIs with zero trustImplementing your APIs with zero trust
Implementing your APIs with zero trust
Coforge (Erstwhile WHISHWORKS)
 
Fast, Secured and Safe Online Prescribing Tool in iOS and ANDROID
Fast, Secured and Safe Online Prescribing Tool in iOS and ANDROIDFast, Secured and Safe Online Prescribing Tool in iOS and ANDROID
Fast, Secured and Safe Online Prescribing Tool in iOS and ANDROID
Kalpen Shah
 
Single Sign-On: Our Path to Password Elimination
Single Sign-On: Our Path to Password EliminationSingle Sign-On: Our Path to Password Elimination
Single Sign-On: Our Path to Password Elimination
Symantec
 
5 Digital Onboarding Trends To Watch In 2024.pdf
5 Digital Onboarding Trends To Watch In 2024.pdf5 Digital Onboarding Trends To Watch In 2024.pdf
5 Digital Onboarding Trends To Watch In 2024.pdf
Veri5digital
 
The Future of Authentication - Verifiable Credentials / Self-Sovereign Identity
The Future of Authentication - Verifiable Credentials / Self-Sovereign IdentityThe Future of Authentication - Verifiable Credentials / Self-Sovereign Identity
The Future of Authentication - Verifiable Credentials / Self-Sovereign Identity
Evernym
 
Android Development Summer Internship in Delhi
Android Development Summer Internship in DelhiAndroid Development Summer Internship in Delhi
Android Development Summer Internship in Delhi
CRAW CYBER SECURITY PVT LTD
 
Onegini Brochure
Onegini BrochureOnegini Brochure
Onegini Brochure
FinTech Belgium
 
IDGate: One Solution for All EKYC Needs
IDGate: One Solution for All EKYC Needs IDGate: One Solution for All EKYC Needs
IDGate: One Solution for All EKYC Needs
Nadine A. Jaafar
 
Mt26 identity management as a service
Mt26 identity management as a serviceMt26 identity management as a service
Mt26 identity management as a service
Dell World
 
E-Lock AdaptAuth.pptx
E-Lock AdaptAuth.pptxE-Lock AdaptAuth.pptx
E-Lock AdaptAuth.pptx
Archana833240
 
Tradetech Hybrid MeetUp_N.Jaure_Onespan_210610
Tradetech Hybrid MeetUp_N.Jaure_Onespan_210610 Tradetech Hybrid MeetUp_N.Jaure_Onespan_210610
Tradetech Hybrid MeetUp_N.Jaure_Onespan_210610
FinTech Belgium
 
Swisscard Saves Time and Effort in Managing User Access
Swisscard Saves Time and Effort in Managing User AccessSwisscard Saves Time and Effort in Managing User Access
Swisscard Saves Time and Effort in Managing User Access
NetIQ
 
Spectrum Success Story
Spectrum Success StorySpectrum Success Story
Spectrum Success Story
Imprivata
 
Building an intelligent enterprise through the Cloud | Accountex 2015
Building an intelligent enterprise through the Cloud | Accountex 2015Building an intelligent enterprise through the Cloud | Accountex 2015
Building an intelligent enterprise through the Cloud | Accountex 2015
Sageukofficial
 
Build Automate and Test Strategies - BATMAN
Build Automate and Test Strategies - BATMAN Build Automate and Test Strategies - BATMAN
Build Automate and Test Strategies - BATMAN
Eturnti Consulting Pvt Ltd
 
Better Do What They Told Ya
Better Do What They Told YaBetter Do What They Told Ya
Better Do What They Told Ya
urma
 
Better Do What They Told Ya
Better Do What They Told YaBetter Do What They Told Ya
Better Do What They Told Ya
Ulisses Albuquerque
 

Similar to OTIS - Our Journey to Passwordless: Secure Authn & Frictionless User Experience.pptx (20)

Securing and Scaling SaaS
Securing and Scaling SaaSSecuring and Scaling SaaS
Securing and Scaling SaaS
 
Meet Evernym's SSI Platform
Meet Evernym's SSI PlatformMeet Evernym's SSI Platform
Meet Evernym's SSI Platform
 
Saa sure
Saa sureSaa sure
Saa sure
 
Implementing your APIs with zero trust
Implementing your APIs with zero trustImplementing your APIs with zero trust
Implementing your APIs with zero trust
 
Fast, Secured and Safe Online Prescribing Tool in iOS and ANDROID
Fast, Secured and Safe Online Prescribing Tool in iOS and ANDROIDFast, Secured and Safe Online Prescribing Tool in iOS and ANDROID
Fast, Secured and Safe Online Prescribing Tool in iOS and ANDROID
 
Single Sign-On: Our Path to Password Elimination
Single Sign-On: Our Path to Password EliminationSingle Sign-On: Our Path to Password Elimination
Single Sign-On: Our Path to Password Elimination
 
5 Digital Onboarding Trends To Watch In 2024.pdf
5 Digital Onboarding Trends To Watch In 2024.pdf5 Digital Onboarding Trends To Watch In 2024.pdf
5 Digital Onboarding Trends To Watch In 2024.pdf
 
The Future of Authentication - Verifiable Credentials / Self-Sovereign Identity
The Future of Authentication - Verifiable Credentials / Self-Sovereign IdentityThe Future of Authentication - Verifiable Credentials / Self-Sovereign Identity
The Future of Authentication - Verifiable Credentials / Self-Sovereign Identity
 
Android Development Summer Internship in Delhi
Android Development Summer Internship in DelhiAndroid Development Summer Internship in Delhi
Android Development Summer Internship in Delhi
 
Onegini Brochure
Onegini BrochureOnegini Brochure
Onegini Brochure
 
IDGate: One Solution for All EKYC Needs
IDGate: One Solution for All EKYC Needs IDGate: One Solution for All EKYC Needs
IDGate: One Solution for All EKYC Needs
 
Mt26 identity management as a service
Mt26 identity management as a serviceMt26 identity management as a service
Mt26 identity management as a service
 
E-Lock AdaptAuth.pptx
E-Lock AdaptAuth.pptxE-Lock AdaptAuth.pptx
E-Lock AdaptAuth.pptx
 
Tradetech Hybrid MeetUp_N.Jaure_Onespan_210610
Tradetech Hybrid MeetUp_N.Jaure_Onespan_210610 Tradetech Hybrid MeetUp_N.Jaure_Onespan_210610
Tradetech Hybrid MeetUp_N.Jaure_Onespan_210610
 
Swisscard Saves Time and Effort in Managing User Access
Swisscard Saves Time and Effort in Managing User AccessSwisscard Saves Time and Effort in Managing User Access
Swisscard Saves Time and Effort in Managing User Access
 
Spectrum Success Story
Spectrum Success StorySpectrum Success Story
Spectrum Success Story
 
Building an intelligent enterprise through the Cloud | Accountex 2015
Building an intelligent enterprise through the Cloud | Accountex 2015Building an intelligent enterprise through the Cloud | Accountex 2015
Building an intelligent enterprise through the Cloud | Accountex 2015
 
Build Automate and Test Strategies - BATMAN
Build Automate and Test Strategies - BATMAN Build Automate and Test Strategies - BATMAN
Build Automate and Test Strategies - BATMAN
 
Better Do What They Told Ya
Better Do What They Told YaBetter Do What They Told Ya
Better Do What They Told Ya
 
Better Do What They Told Ya
Better Do What They Told YaBetter Do What They Told Ya
Better Do What They Told Ya
 

More from FIDO Alliance

Making FIDO Deployments Accessible to Users with Disabilities_slides.pptx
Making FIDO Deployments Accessible to Users with Disabilities_slides.pptxMaking FIDO Deployments Accessible to Users with Disabilities_slides.pptx
Making FIDO Deployments Accessible to Users with Disabilities_slides.pptx
FIDO Alliance
 
Welcome and FIDO Update.pptx
Welcome and FIDO Update.pptxWelcome and FIDO Update.pptx
Welcome and FIDO Update.pptx
FIDO Alliance
 
CISA - More Than A Password.pptx
CISA - More Than A Password.pptxCISA - More Than A Password.pptx
CISA - More Than A Password.pptx
FIDO Alliance
 
Workshop-Demo Breakdown.pptx
Workshop-Demo Breakdown.pptxWorkshop-Demo Breakdown.pptx
Workshop-Demo Breakdown.pptx
FIDO Alliance
 
IBM - Hey FIDO, Meet Passkey!.pptx
IBM - Hey FIDO, Meet Passkey!.pptxIBM - Hey FIDO, Meet Passkey!.pptx
IBM - Hey FIDO, Meet Passkey!.pptx
FIDO Alliance
 
Solving the IoT Challenge
Solving the IoT ChallengeSolving the IoT Challenge
Solving the IoT Challenge
FIDO Alliance
 
FIDO Masterclass
FIDO MasterclassFIDO Masterclass
FIDO Masterclass
FIDO Alliance
 
FIDO: The Value of Certification
FIDO: The Value of CertificationFIDO: The Value of Certification
FIDO: The Value of Certification
FIDO Alliance
 
Authenticate 2021: Welcome Address
Authenticate 2021: Welcome AddressAuthenticate 2021: Welcome Address
Authenticate 2021: Welcome Address
FIDO Alliance
 
The State of Strong Authentication
The State of Strong AuthenticationThe State of Strong Authentication
The State of Strong Authentication
FIDO Alliance
 
Webinar: Considerations for Deploying FIDO in the Enterprise
Webinar: Considerations for Deploying FIDO in the EnterpriseWebinar: Considerations for Deploying FIDO in the Enterprise
Webinar: Considerations for Deploying FIDO in the Enterprise
FIDO Alliance
 
Webinar: Catch Up with FIDO Plus AMA Session
Webinar: Catch Up with FIDO Plus AMA SessionWebinar: Catch Up with FIDO Plus AMA Session
Webinar: Catch Up with FIDO Plus AMA Session
FIDO Alliance
 
Ask FIDO About Anything: Certification
Ask FIDO About Anything: CertificationAsk FIDO About Anything: Certification
Ask FIDO About Anything: Certification
FIDO Alliance
 

More from FIDO Alliance (13)

Making FIDO Deployments Accessible to Users with Disabilities_slides.pptx
Making FIDO Deployments Accessible to Users with Disabilities_slides.pptxMaking FIDO Deployments Accessible to Users with Disabilities_slides.pptx
Making FIDO Deployments Accessible to Users with Disabilities_slides.pptx
 
Welcome and FIDO Update.pptx
Welcome and FIDO Update.pptxWelcome and FIDO Update.pptx
Welcome and FIDO Update.pptx
 
CISA - More Than A Password.pptx
CISA - More Than A Password.pptxCISA - More Than A Password.pptx
CISA - More Than A Password.pptx
 
Workshop-Demo Breakdown.pptx
Workshop-Demo Breakdown.pptxWorkshop-Demo Breakdown.pptx
Workshop-Demo Breakdown.pptx
 
IBM - Hey FIDO, Meet Passkey!.pptx
IBM - Hey FIDO, Meet Passkey!.pptxIBM - Hey FIDO, Meet Passkey!.pptx
IBM - Hey FIDO, Meet Passkey!.pptx
 
Solving the IoT Challenge
Solving the IoT ChallengeSolving the IoT Challenge
Solving the IoT Challenge
 
FIDO Masterclass
FIDO MasterclassFIDO Masterclass
FIDO Masterclass
 
FIDO: The Value of Certification
FIDO: The Value of CertificationFIDO: The Value of Certification
FIDO: The Value of Certification
 
Authenticate 2021: Welcome Address
Authenticate 2021: Welcome AddressAuthenticate 2021: Welcome Address
Authenticate 2021: Welcome Address
 
The State of Strong Authentication
The State of Strong AuthenticationThe State of Strong Authentication
The State of Strong Authentication
 
Webinar: Considerations for Deploying FIDO in the Enterprise
Webinar: Considerations for Deploying FIDO in the EnterpriseWebinar: Considerations for Deploying FIDO in the Enterprise
Webinar: Considerations for Deploying FIDO in the Enterprise
 
Webinar: Catch Up with FIDO Plus AMA Session
Webinar: Catch Up with FIDO Plus AMA SessionWebinar: Catch Up with FIDO Plus AMA Session
Webinar: Catch Up with FIDO Plus AMA Session
 
Ask FIDO About Anything: Certification
Ask FIDO About Anything: CertificationAsk FIDO About Anything: Certification
Ask FIDO About Anything: Certification
 

Recently uploaded

GraphSummit Singapore | Neo4j Product Vision & Roadmap - Q2 2024
GraphSummit Singapore | Neo4j Product Vision & Roadmap - Q2 2024GraphSummit Singapore | Neo4j Product Vision & Roadmap - Q2 2024
GraphSummit Singapore | Neo4j Product Vision & Roadmap - Q2 2024
Neo4j
 
Communications Mining Series - Zero to Hero - Session 1
Communications Mining Series - Zero to Hero - Session 1Communications Mining Series - Zero to Hero - Session 1
Communications Mining Series - Zero to Hero - Session 1
DianaGray10
 
GraphSummit Singapore | Graphing Success: Revolutionising Organisational Stru...
GraphSummit Singapore | Graphing Success: Revolutionising Organisational Stru...GraphSummit Singapore | Graphing Success: Revolutionising Organisational Stru...
GraphSummit Singapore | Graphing Success: Revolutionising Organisational Stru...
Neo4j
 
PCI PIN Basics Webinar from the Controlcase Team
PCI PIN Basics Webinar from the Controlcase TeamPCI PIN Basics Webinar from the Controlcase Team
PCI PIN Basics Webinar from the Controlcase Team
ControlCase
 
How to Get CNIC Information System with Paksim Ga.pptx
How to Get CNIC Information System with Paksim Ga.pptxHow to Get CNIC Information System with Paksim Ga.pptx
How to Get CNIC Information System with Paksim Ga.pptx
danishmna97
 
Securing your Kubernetes cluster_ a step-by-step guide to success !
Securing your Kubernetes cluster_ a step-by-step guide to success !Securing your Kubernetes cluster_ a step-by-step guide to success !
Securing your Kubernetes cluster_ a step-by-step guide to success !
KatiaHIMEUR1
 
Goodbye Windows 11: Make Way for Nitrux Linux 3.5.0!
Goodbye Windows 11: Make Way for Nitrux Linux 3.5.0!Goodbye Windows 11: Make Way for Nitrux Linux 3.5.0!
Goodbye Windows 11: Make Way for Nitrux Linux 3.5.0!
SOFTTECHHUB
 
Introduction to CHERI technology - Cybersecurity
Introduction to CHERI technology - CybersecurityIntroduction to CHERI technology - Cybersecurity
Introduction to CHERI technology - Cybersecurity
mikeeftimakis1
 
Artificial Intelligence for XMLDevelopment
Artificial Intelligence for XMLDevelopmentArtificial Intelligence for XMLDevelopment
Artificial Intelligence for XMLDevelopment
Octavian Nadolu
 
GraphSummit Singapore | Enhancing Changi Airport Group's Passenger Experience...
GraphSummit Singapore | Enhancing Changi Airport Group's Passenger Experience...GraphSummit Singapore | Enhancing Changi Airport Group's Passenger Experience...
GraphSummit Singapore | Enhancing Changi Airport Group's Passenger Experience...
Neo4j
 
“I’m still / I’m still / Chaining from the Block”
“I’m still / I’m still / Chaining from the Block”“I’m still / I’m still / Chaining from the Block”
“I’m still / I’m still / Chaining from the Block”
Claudio Di Ciccio
 
RESUME BUILDER APPLICATION Project for students
RESUME BUILDER APPLICATION Project for studentsRESUME BUILDER APPLICATION Project for students
RESUME BUILDER APPLICATION Project for students
KAMESHS29
 
Monitoring Java Application Security with JDK Tools and JFR Events
Monitoring Java Application Security with JDK Tools and JFR EventsMonitoring Java Application Security with JDK Tools and JFR Events
Monitoring Java Application Security with JDK Tools and JFR Events
Ana-Maria Mihalceanu
 
20240607 QFM018 Elixir Reading List May 2024
20240607 QFM018 Elixir Reading List May 202420240607 QFM018 Elixir Reading List May 2024
20240607 QFM018 Elixir Reading List May 2024
Matthew Sinclair
 
UiPath Test Automation using UiPath Test Suite series, part 6
UiPath Test Automation using UiPath Test Suite series, part 6UiPath Test Automation using UiPath Test Suite series, part 6
UiPath Test Automation using UiPath Test Suite series, part 6
DianaGray10
 
Observability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdf
Observability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdfObservability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdf
Observability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdf
Paige Cruz
 
Cosa hanno in comune un mattoncino Lego e la backdoor XZ?
Cosa hanno in comune un mattoncino Lego e la backdoor XZ?Cosa hanno in comune un mattoncino Lego e la backdoor XZ?
Cosa hanno in comune un mattoncino Lego e la backdoor XZ?
Speck&Tech
 
みなさんこんにちはこれ何文字まで入るの?40文字以下不可とか本当に意味わからないけどこれ限界文字数書いてないからマジでやばい文字数いけるんじゃないの?えこ...
みなさんこんにちはこれ何文字まで入るの?40文字以下不可とか本当に意味わからないけどこれ限界文字数書いてないからマジでやばい文字数いけるんじゃないの?えこ...みなさんこんにちはこれ何文字まで入るの?40文字以下不可とか本当に意味わからないけどこれ限界文字数書いてないからマジでやばい文字数いけるんじゃないの?えこ...
みなさんこんにちはこれ何文字まで入るの?40文字以下不可とか本当に意味わからないけどこれ限界文字数書いてないからマジでやばい文字数いけるんじゃないの?えこ...
名前 です男
 
Uni Systems Copilot event_05062024_C.Vlachos.pdf
Uni Systems Copilot event_05062024_C.Vlachos.pdfUni Systems Copilot event_05062024_C.Vlachos.pdf
Uni Systems Copilot event_05062024_C.Vlachos.pdf
Uni Systems S.M.S.A.
 
Climate Impact of Software Testing at Nordic Testing Days
Climate Impact of Software Testing at Nordic Testing DaysClimate Impact of Software Testing at Nordic Testing Days
Climate Impact of Software Testing at Nordic Testing Days
Kari Kakkonen
 

Recently uploaded (20)

GraphSummit Singapore | Neo4j Product Vision & Roadmap - Q2 2024
GraphSummit Singapore | Neo4j Product Vision & Roadmap - Q2 2024GraphSummit Singapore | Neo4j Product Vision & Roadmap - Q2 2024
GraphSummit Singapore | Neo4j Product Vision & Roadmap - Q2 2024
 
Communications Mining Series - Zero to Hero - Session 1
Communications Mining Series - Zero to Hero - Session 1Communications Mining Series - Zero to Hero - Session 1
Communications Mining Series - Zero to Hero - Session 1
 
GraphSummit Singapore | Graphing Success: Revolutionising Organisational Stru...
GraphSummit Singapore | Graphing Success: Revolutionising Organisational Stru...GraphSummit Singapore | Graphing Success: Revolutionising Organisational Stru...
GraphSummit Singapore | Graphing Success: Revolutionising Organisational Stru...
 
PCI PIN Basics Webinar from the Controlcase Team
PCI PIN Basics Webinar from the Controlcase TeamPCI PIN Basics Webinar from the Controlcase Team
PCI PIN Basics Webinar from the Controlcase Team
 
How to Get CNIC Information System with Paksim Ga.pptx
How to Get CNIC Information System with Paksim Ga.pptxHow to Get CNIC Information System with Paksim Ga.pptx
How to Get CNIC Information System with Paksim Ga.pptx
 
Securing your Kubernetes cluster_ a step-by-step guide to success !
Securing your Kubernetes cluster_ a step-by-step guide to success !Securing your Kubernetes cluster_ a step-by-step guide to success !
Securing your Kubernetes cluster_ a step-by-step guide to success !
 
Goodbye Windows 11: Make Way for Nitrux Linux 3.5.0!
Goodbye Windows 11: Make Way for Nitrux Linux 3.5.0!Goodbye Windows 11: Make Way for Nitrux Linux 3.5.0!
Goodbye Windows 11: Make Way for Nitrux Linux 3.5.0!
 
Introduction to CHERI technology - Cybersecurity
Introduction to CHERI technology - CybersecurityIntroduction to CHERI technology - Cybersecurity
Introduction to CHERI technology - Cybersecurity
 
Artificial Intelligence for XMLDevelopment
Artificial Intelligence for XMLDevelopmentArtificial Intelligence for XMLDevelopment
Artificial Intelligence for XMLDevelopment
 
GraphSummit Singapore | Enhancing Changi Airport Group's Passenger Experience...
GraphSummit Singapore | Enhancing Changi Airport Group's Passenger Experience...GraphSummit Singapore | Enhancing Changi Airport Group's Passenger Experience...
GraphSummit Singapore | Enhancing Changi Airport Group's Passenger Experience...
 
“I’m still / I’m still / Chaining from the Block”
“I’m still / I’m still / Chaining from the Block”“I’m still / I’m still / Chaining from the Block”
“I’m still / I’m still / Chaining from the Block”
 
RESUME BUILDER APPLICATION Project for students
RESUME BUILDER APPLICATION Project for studentsRESUME BUILDER APPLICATION Project for students
RESUME BUILDER APPLICATION Project for students
 
Monitoring Java Application Security with JDK Tools and JFR Events
Monitoring Java Application Security with JDK Tools and JFR EventsMonitoring Java Application Security with JDK Tools and JFR Events
Monitoring Java Application Security with JDK Tools and JFR Events
 
20240607 QFM018 Elixir Reading List May 2024
20240607 QFM018 Elixir Reading List May 202420240607 QFM018 Elixir Reading List May 2024
20240607 QFM018 Elixir Reading List May 2024
 
UiPath Test Automation using UiPath Test Suite series, part 6
UiPath Test Automation using UiPath Test Suite series, part 6UiPath Test Automation using UiPath Test Suite series, part 6
UiPath Test Automation using UiPath Test Suite series, part 6
 
Observability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdf
Observability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdfObservability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdf
Observability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdf
 
Cosa hanno in comune un mattoncino Lego e la backdoor XZ?
Cosa hanno in comune un mattoncino Lego e la backdoor XZ?Cosa hanno in comune un mattoncino Lego e la backdoor XZ?
Cosa hanno in comune un mattoncino Lego e la backdoor XZ?
 
みなさんこんにちはこれ何文字まで入るの?40文字以下不可とか本当に意味わからないけどこれ限界文字数書いてないからマジでやばい文字数いけるんじゃないの?えこ...
みなさんこんにちはこれ何文字まで入るの?40文字以下不可とか本当に意味わからないけどこれ限界文字数書いてないからマジでやばい文字数いけるんじゃないの?えこ...みなさんこんにちはこれ何文字まで入るの?40文字以下不可とか本当に意味わからないけどこれ限界文字数書いてないからマジでやばい文字数いけるんじゃないの?えこ...
みなさんこんにちはこれ何文字まで入るの?40文字以下不可とか本当に意味わからないけどこれ限界文字数書いてないからマジでやばい文字数いけるんじゃないの?えこ...
 
Uni Systems Copilot event_05062024_C.Vlachos.pdf
Uni Systems Copilot event_05062024_C.Vlachos.pdfUni Systems Copilot event_05062024_C.Vlachos.pdf
Uni Systems Copilot event_05062024_C.Vlachos.pdf
 
Climate Impact of Software Testing at Nordic Testing Days
Climate Impact of Software Testing at Nordic Testing DaysClimate Impact of Software Testing at Nordic Testing Days
Climate Impact of Software Testing at Nordic Testing Days
 

OTIS - Our Journey to Passwordless: Secure Authn & Frictionless User Experience.pptx

  • 1. © 2022 OTIS ELEVATOR COMPANY. Our Journey to Passwordless: Secure Authentication & Frictionless User Experience Darrell Hawkins Cybersecurity Chief Technology Officer
  • 2. © 2022 OTIS ELEVATOR COMPANY. © 2022 OTIS ELEVATOR COMPANY.
  • 3. © 2022 OTIS ELEVATOR COMPANY. Today’s Agenda… • Key initiatives • Our migration to passwordless MFA • Learnings & Tips • Results © 2022 OTIS ELEVATOR COMPANY.
  • 4. © 2022 OTIS ELEVATOR COMPANY. Key Initiatives • Digital Transformation • Seamless Onboarding • “Access for All” • Forward Compatibility © 2022 OTIS ELEVATOR COMPANY.
  • 5. © 2022 OTIS ELEVATOR COMPANY. OTIS PROPRIETARY AND CONFIDENTIAL. 5 The Challenges Drove The Journey A. Indirect worker onboarding required physically being in a local office B. Direct workers could only get into the HR tools with a local login which was frequently forgotten C. Security push to replace the logon on laptops/workstations with Passwordless authentication
  • 6. © 2022 OTIS ELEVATOR COMPANY. A: The Onboarding challenge Infrastructure was stood up for basic Passwordless Authentication Pandemic greatly increased the volume of people needing access before VPN was established The HelpDesk needed to generate the magic link for the new-hire so they could VPN into the Network The tool didn’t yet have a role to generate one, so we integrated our IGA solution with the Passwordless solution using the API provided This enables us to provision that admin level to the HelpDesk and the direct supervisor Onboarding & connection went from 3 days to 30 minutes
  • 7. © 2022 OTIS ELEVATOR COMPANY. B: Direct worker challenge HR Platform could only talk to 1 Identity Provider. We had 4 Azure tenants to feed into it Using our IGA and IDP solutions to round out the architecture we merged the information and tied it to our Passwordless solution Each country had different “Why’s” to encourage registration and usage Partnered with the Business and HR to provide successful support with a small team Provided access for all to the HR platform and the desktop using their phone to authenticate. No password needed Created synthetic identities for those without e-mail addresses
  • 8. © 2022 OTIS ELEVATOR COMPANY. C: Security Roadmap Transition to new internal Certificate Authority 4-6 months Once certificates are pushed to all machines the MFA integration begins Passwordless Authentication to workstations complete Continue integration of applications to SSO so complete passwordless is achieved
  • 9. © 2022 OTIS ELEVATOR COMPANY. Overcoming Initial Resistance © 2022OTIS ELEVATOR COMPANY. “I do not want to have yet another authentication mechanism that I have to manage/use” “I love that I can log in from my work or personal device without having to remember a password. I only need my face or my thumb print, it’s so easy!” - Sr. Director HR Operations “I do not always have cell access / I do not want to use my phone” Answer: FIDO2 keys come in many different forms, some do not require a cell phone. Offline access is also available - Identity Team “This sounds like there is going to be a big, time- consuming thing. I have a day job!” “I’m so embarrassed that I waited so long to register, it was quicker than brushing my teeth.” - Branch Manager “I do not like my personal data and biometrics floating out there” Answer: The only information about you stays on the secure enclave of your phone - Identity Team
  • 10. © 2022 OTIS ELEVATOR COMPANY. Addressing Cultural Barriers and other issues © 2022 OTIS ELEVATOR COMPANY.
  • 11. © 2022 OTIS ELEVATOR COMPANY. © 2022 OTIS ELEVATOR COMPANY. Transformed onboarding & password reset process Streamlined how employees interact with services Thoroughly addressed geo and cultural requirements Next level security assurance combined with excellent UX Benefits
  • 12. © 2022 OTIS ELEVATOR COMPANY. Results Rapid Onboarding Passwordless Access Uncompromising Security Strategy © 2022 OTIS ELEVATOR COMPANY.
  • 13. © 2022 OTIS ELEVATOR COMPANY. 13