Construction firm safeguards cloud-based applications with online directory service
First published on CloudBlogs on Jun, 16 2014
is a construction firm based in Belgium that provides construction services to businesses and homeowners. Dillen Bouwteam has 50 employees in addition to a large number of external partners, such as architects and contractors. Giving all team members an easy way to communicate and share information is critical to the firm’s success.
“We have construction sites across Belgium, and we are always looking for ways to improve collaboration,” says Toon Dillen, IT Manager at Dillen Bouwteam. “The ability to collaborate quickly and easily helps us meet deadlines and avoid mistakes.” To minimize the exchange of paper documents and constant driving to construction sites, Dillen Bouwteam began using Microsoft Office 365. Employees and contractors use Office 365 to store and share documents, have quick instant messaging chats and videoconferences, and send and receive email messages.
The company wanted to move even more applications into the cloud, but it needed a way to ensure security of cloud-based data. “Cloud services are great for productivity but a challenge from an IT perspective,” Dillen says. “Data is no longer sitting on servers behind our firewall, and simple user names and passwords are not sufficient anymore.” Also, on construction sites, one computer is used by many people, so identity management is very important to Dillen Bouwteam. It’s critical that the company be able to assign access rights to specific applications to specific individuals.
Dillen Bouwteam decided to augment its internal Active Directory Domain Services system with Windows Azure Active Directory, a Windows Azure service that provides identity management and access control capabilities for cloud applications. All Dillen Bouwteam cloud-based applications are now accessible from one place. Employees sign in to the Access Panel, where they see only the applications that they are authorized to use. From the panel, they can easily connect to other cloud services, such as Office 365 and SkyDrive Pro and hundreds of non-Microsoft “software as a service” applications.
To add an extra layer of security, Dillen Bouwteam uses Windows Azure Multi-Factor Authentication. After logging on to externally available services by using their user name and password, employees and partners confirm their identity by responding to a phone call or text message. Dillen Bouwteam used the PhoneFactor multi-factor authentication product to protect its Remote Desktop Services farm but the product did not extend to Office 365. Microsoft acquired PhoneFactor and integrated it into Windows Azure Active Directory, so now Dillen Bouwteam has multi-factor authentication for its cloud-based workloads, too.
Dillen uses security reports produced by Windows Azure Active Directory to detect anomalies, such as multiple sign-in attempts during a short period of time in multiple time zones, which typically indicates fraud. Dillen Bouwteam is deploying all new applications in Windows Azure, to reduce IT capital and management costs and simplify application access. Additionally, Dillen Bouwteam uses Windows Intune for cloud-based management of its PCs—and soon, mobile devices—distributed across sites.
By using Windows Azure Active Directory, Dillen Bouwteam has created a more secure foundation for a bigger push into the cloud so that the company can realize greater efficiencies. Cloud-based data remains safe, and employees have a simple, centralized way to get to all of their applications.
Read the full details of the case study
Read more about Azure Active Directory