Gamatech Success Stories
Central authentication hub for all bureaus and departments of the HKSAR
Working through the Office of the Government Chief Information Officer (OGCIO), Gamatech provided design and implementation services to the over 80 bureaus and departments of the HKSAR resulting in the integration of Active Directories and other identity applications into a single central authentication hub. Based on open-standard protocols such as SAML, PKI, SSL, and open source products, including OpenAM, OpenDJ, and MySQL, the solution provided USB token and certificate-based strong authentication-as-a-service to supported applications.
- To enable access to government-wide applications for employees of all HKSAR bureaus and departments without having a centralized identity directory for authentication. Instead, each bureau or department had its own authentication directory and was considered as an independent identity provider for the applications.
- To provide strong authentication-as-a-service for government-wide applications
- Improved access across dozens of different government bureaus and departments
- Enablement of centralized data for government officials for sharing across all bureaus and departments
- Open source-based solution substantially reduced the cost of implementation compared to commercial options
Global directory implementation for a multinational conglomerate
Using open source products and technologies, Gamatech designed and implemented a global contact directory and management application. The solution continues to enable the corporation to manage hundreds of thousands of identities by a team of fewer than 5 people. The system supports multi-level delegations of identity provisioning and de-provisioning to an unlimited number of levels of administration staff, including merger and acquisition scenarios. Implemented in 2010, the system has been running for over a decade with zero downtime.
- High availability and robustness required to support a world-wide operation with single-location support
- Dynamic administrative environment due to regular mergers and acquisitions
- Multiple levels of administration delegation required
- Empowerment of a small team of system administrators to oversee and operate the system
- Highly cost-effective system with no downtime in operation for over a decade. Indeed, the cost of implementation and operation would have been more than 10-fold had a traditional Microsoft Active Directory forest architecture been used.
- Significantly reduced the efforts of head office-based team to maintain its global directory with multi-level delegation capabilities
B2B web-based single sign-on solution for international bank
Gamatech provided a B2B web-based single sign-on architecture assessment and recommendation, solution implementation and support services for a major international bank. The final solution also included an approach to tuning vital environmental parameters like cache, sockets, memory, CPU, etc.
- Capability to handle over 500 concurrent logins per second
- Support for thousands of users globally
- Performance bottleneck identified and achieved, enabling 500 concurrent logins per second
- Implemented a performance tuning model to optimize the system’s throughput and response time based on access loads that can be changed as needed due to business circumstances
Identity governance solution implementation for a large insurance company
In 2013, Gamatech delivered Hong Kong’s first SailPoint IdentityIQ implementation for one of the region’s largest life insurance companies. The company was facing increased costs associated with its highly manual access review and certification processes and sought advice on options.
The chosen solution enabled identity and access governance for the company, including certification, along with automated account request and password management. Deployed in phases, the project involved the integration of five data sources into IIQ, including their HR system, Active Directory, and Exchange services and three distinct core applications from Oracle.
- To achieve single sign-on for different types of users accessed from different channels using different workstations
- Integration with a variety of platforms and systems
- High requirements for stability and performance
- improved the visibility of access rights across the organization.
- streamlined and automated the company’s on-boarding processes, significantly reducing manual administration
Identity management consultancy study for a Hong Kong-based higher education institution
Gamatech provided a comprehensive IdM consultancy study to review the organization’s existing IAM practices. The analysis involved requirements identification, design of an IAM framework and infrastructure, evaluation of possible products available in the marketplace, the recommendation of a product-specific design and the proposal of a migration and implementation roadmap.
- Diversified systems and applications to be reviewed; more than 30 interviews conducted
- Over 4,000 staff and 50,000 students from more than 7 authoritative sources
- Requirement to enable entitlements for thousands of students during the start of semesters within a few hours
- Have an identity and management (IAM) framework/blueprint/roadmap to reference for upcoming IAM program
- Recommended IAM products that best fit the customer environment