Permanent secure access: in the office and outside the intranet

Developing secure services throughout the electrification chain

The name of the Swiss engineer François Borel is perhaps less well known than that of Thomas Edison, who developed the electric light bulb. However, in 1879, Borel revolutionised electricity distribution by inventing an innovative process for manufacturing underground power lines. 120 years later, the company co-founded by Borel has become Nexans, and the group continues to innovate with solutions for electrifying the future.

Nexans' mission is to contribute to a more connected and sustainable future, leading the way to a new world of safer, renewable, low-carbon electrification. To achieve this, Nexans develops a wide range of cabling solutions for the entire electrification chain. Its solutions for the electrification of onshore and offshore high-voltage power grids serve offshore wind farms and other renewable energy sources. Its telecommunications and data transmission networks connect people, companies, cities and continents.

"Our customers are increasingly demanding comprehensive solutions to meet complex needs," says Bertrand Aït-Touati, Group Cyber Security Director at Nexans. "By developing integrated and connected services, we help our customers optimise costs and improve performance." One of the results is ULTRACKER, a solution that leverages IoT (Internet of Things) technology to track cable reels around the clock, limiting the loss and theft of both cable and reels. 

Replacing an outdated solution to strengthen cybersecurity

Nexans employs 25,000 people and works in 38 different countries to provide end-to-end electrification solutions. The company needed a new access management solution to support its development and digital transformation. The decision to modernise access management was driven by a commitment to strengthen Nexans’ cybersecurity, which is a key priority of the company’s executive board and risk management team. 

"Access management is a fundamental aspect of any cybersecurity strategy, including ours," says Aït-Touati. "Our previous solution was outdated and it was difficult or impossible to upgrade, which posed a high risk." Following a call for tenders, Nexans selected Okta and implemented its solution for 14,000 users in less than five months.

Choosing an easy-adoption access management solution

Nexans evaluated four or five different solutions as part of its market study. The company wanted an access management platform that could easily be integrated with its cloud infrastructure, including Microsoft Azure, Office 365 and SaaS business applications. "To strengthen our access control services, we needed a solution that could be smoothly integrated with our existing applications, as well as other applications we might potentially use in the future, " says Christophe Robin, Global Architecture and Project Senior Manager at Nexans. "The solution also had to be convenient for our employees to adopt. For us, the choice of Okta was a no-brainer."

Okta met the strong authentication requirements of both the Architecture and Risk Management teams: the platform offers a range of authentication factors, supports multiple authentication protocols including OAuth2, SAML and Kerberos, and is easily integrated with Microsoft workflows.

To implement Okta, three members of the Nexans team worked with two consultants from Synetis, Okta's integration partner. "Implementation was very fast: it took just three months from contract signing to producing the solution, and then only another two months to integrate the necessary apps," says Robin. "Both Okta and Synetis gave us strong support, which ensured smooth, trouble-free migration. It's very reassuring to have direct access to the Okta teams and to be able to ask them for advice about best practices." 

Providing secure access for users both inside and outside the network

The scope of the implementation included 14,000 accounts covering 14 languages. Now these users access Office 365 and 33 other applications with Single Sign-On authentication, which provides a seamless experience. "Within our network, users are accessing their Office 365 tools without even realising Okta is there to get them connected," says Robin. 

When users log on outside the intranet, Nexans uses Multi-Factor Authentication to ask them to provide a second authentication factor, using the Okta Verify application or an SMS. "Adaptive MFA is easy to use and we have had no concerns over the take-up of this tool. 9,000 users registered the week after its implementation," adds Aït-Touati. 

Nexans also uses Universal Directory to store the identities of users whose access is managed via Okta and to connect Okta with its identity management solution. 

Providing a user experience that inspires confidence

One of the main benefits for Nexans since Okta was implemented has been an improvement in its security. "Thanks to Okta, our infrastructure is undoubtedly more secure, because we now have a robust multi-factor authentication solution. Positive feedback from users is also an important indicator of the success of its implementation," according to Robin.

One week after Okta was implemented, Robin was pleasantly surprised during his coffee break to receive positive feedback from a user: "An employee turned to me and said ‘That new system of yours is really great’," he recalls. "Okta has been a real plus for our users. The solution simplifies their everyday lives in an ergonomic way, as the portal is nice and intuitive to use. It makes my life easier because employees trust me to implement changes." 

Okta also helps employees work even in unusual situations. As they can generate access codes offline with the Okta Verify application, users who cannot receive text messages, such as employees working on ships, can still access their tools. "Adaptive MFA provides us with a high level of security while helping people access their tools out on the open sea," Robin said. "It's a specific use case, but one that’s very important to us." 

Extending the deployment of SSO for an even simpler access experience

In 2022, Nexans plans to expand its use of Okta to take advantage of more advanced access management capabilities. Deploying single sign-on to other applications is playing a key role in this. "We are in the process of replacing our existing user profile management solution," Robin says. "When this project is complete, we will implement Single Sign-On authentication for SAP and 20 other applications." 

To support its move towards full-service procurement, Nexans is increasingly turning to technical partners who can offer out-of-the-box solutions and configure them to meet its business requirements. "Nexans has a true partnership with Okta," concludes Robin. "Our relationships are built on trust, and go beyond a simple customer-supplier relationship."