Aramco marks security cards

Oil giant Saudi Aramco is to equip 45,000 employees with IT authentication devices in a multimillion dollar deal aimed at increasing security and cutting costs.

  • E-Mail
By  Diana Milne Published  October 22, 2006

Oil giant Saudi Aramco is to equip 45,000 employees with IT authentication devices in a multimillion dollar deal aimed at increasing security and cutting costs. The firm has purchased ActivIdentity’s Enterprise Access Card (EAC) solution — a smart card — which employees can use to log onto their PCs and access applications on the network. The EAC solution consolidates employee credentials onto a single, secure smart card providing a photo ID as well as a security device that enables secure Windows and network login, PC ‘locking’, secure remote access virtual private network (VPN), secure e-mail with digital signatures, and single sign-on to enterprise and desktop applications. Employees can also access buildings and other facilities with the same cards. Initially the cards will be issued to around 45,000 Aramco employees around the world —an implementation process that is expected to be completed by the first half of next year. According to Marc Hudavert, general manager at ActivIdentity, the EAC solution will be gradually rolled out to employees across the rest of the organisation if the initial deployment is successful. He said that, although security is a major driver behind Aramco’s decision to deploy the technology, the main benefit it will gain would be the ease of use for employees. “Security was one of the key drivers — cost savings as well but more importantly, particularly for such a rich company, was ease of use,” Hudavert claimed. “One of the major issues for all corporations is the number of credentials that employees have to remember. Companies don’t want to have a helpdesk team of people spending their time on answering calls from their employees across the globe just because they forgot their password or they lost it.” “With our technology they can collapse everything into one single device which is the smart card,” he went on to say. According to Hudavert the solution would also provide added protection for the firm’s critical applications — particularly the data held on its enterprise resource planning (ERP) system. “They obviously have some very critical applications in terms of their own business but also in terms of IT applications such as ERP systems and some very specific management tools used by their management and they wanted to protect that from fraud,” he said. “Security is definitely one of the big drivers.” Hudavert went on to say that one of the reasons why Aramco was keen to deploy ActivIdentity’s solution was that it offered future-proof capability — the ability to deploy other services on top of the application if required without changing its existing infrastructure. He would not reveal the value of the deal but said that it was a seven-figure amount in dollars. Saudi Aramco is the state-owned oil producer of Saudi Arabia, and is responsible for 25% of the world’s known oil reserves. It has an extensive IT infrastructure, including the largest single-site SAP implementation in the world. A spokesperson for Aramco confirmed to IT Weekly that the company was working on the project but declined to comment further, claiming it was too early to do so as the project is currently in the pilot stages. Aramco joins organisations in the region that are becoming increasingly aware of the need to improve their IT security following a spate of hacking attacks on banks and other firms. Last week IT Weekly reported that a number of Middle East organisations are waking up to the looming IT security crisis by adopting the ISO 27001 standard designed to protect information held on their IT systems.

Add a Comment

Your display name This field is mandatory

Your e-mail address This field is mandatory (Your e-mail address won't be published)

Security code