A multinational oil and gas major with vertically integrated operations in all areas of the oil and gas industry, including exploration, production, refining, distribution, power generation and trading, needed a large-scale modernization of their business operations to adopt modern digital and cloud technologies, as well as a revamp of their IAM Program to support transformation and ongoing DevOps support of both Enterprise and Partner identity platforms.

HCLTech executed a two-step approach to this program, combining our Azure stack implementation expertise to run a time-bound transformation program, paired with experience in supporting operations to deliver a Service Level Agreement (SLA)-driven outcome-based service with the theme of continuous improvement.

The Challenge

• Requirement of a large-scale modernization of the business operations and upscaling of user experience
• Revamp of their IAM Program
• Support transformation and ongoing DevOps support of both Enterprise and Partner identity platforms

The Objective

• Enhance security by deploying Azure multi-factor authentication
• Build conditional access policies to protect enterprise data and assets
• Improve user experience through Azure self-service password reset
• Secure third-party access by deploying Azure B2B
• Incorporate agile methodology into service delivery leveraging Azure DevOps Boards
• Identify identity-based risks and export risk detection data leveraging Azure Identity Protection
• Generate Power BI reports and integrate log analytics for better data visualization
• Enable end-to-end Azure IAM platform support
• Collaborate with Microsoft on private preview features and provide feedback to Microsoft product teams

The Solution

• Developed an Azure B2B self-service registration portal hosted in Azure Active Directory (AD) for business partners
• Enabled access to 12+ applications for B2B partner accounts
• Enabled single-sign-on while working with application stakeholders
• Configured separate conditional access policies for managed and unmanaged devices
• Blocked legacy authentications via conditional access policy
• Secured all business applications with baseline policies and implemented 55+ conditional access policies (both baseline and scoped)
• Enabled Azure Google federation and one-time-passcode features for business partners
• Deployed Azure automation scripts for dormant accounts removal and un-redeem invitations for organizational partners
• Enabled self-service password reset and multi-factor authentication services

The Impact

With HCLTech’s modernization solutions and services, our client:

• Reduced the help desk cost
• Streamlined the multi-factor authentication exemption process
• Increased their productivity through reduction of manual activities and ease of providing access to partners
• Followed best IAM practices to clean up the current production Azure AD environment for service, test, generic, positional and shared accounts
• Enabled Azure one-time-passcode feature for partner accounts to secure the authentications
• Established a feedback loop in Microsoft on the new private preview feature to collect pros and cons

The client, headquartered in Netherlands, is a world leader in lighting for professionals, consumers and lighting for the Internet of Things.

The Challenge

The client wanted to overcome the challenges related to endpoint security controls.

• Limited functionality of the existing endpoint antivirus solution
• Managing challenges across multiple vendors at the endpoint, resulting in integration and operational hurdles

The Objective

The client wanted to implement a new endpoint antivirus and EDR solution to improve security posture of the client, empowering them with capabilities to prevent, detect, investigate and respond to advanced threats, including ransomware.

The Solution

HCLTech tailored customized solutions to meet the specific requirements of the client.

• Implemented Microsoft Defender for endpoint to provide robust cloud services, encompassing endpoint behavioral sensor, cloud security analytics, threat and vulnerability management and threat intelligence.
• Activated and deployed key features such as antivirus real-time and cloud delivered protection, exploit guard protection with ASR Rules in block mode, network protection, web content protection, application control, threat and vulnerability management, next-generation protection, EDR in block mode, AIR and Microsoft Secure Score for devices.
• Utilized Microsoft Security Console for continuous monitoring, real-time threat response and alerting the operations team to promptly remediate threats and attacks

Impact

The next generation endpoint security solution provided enhanced protection and visibility of the endpoints to the client.

• Better security posture and enhanced visibility of endpoints
• Early detection and remediation of non-compliant endpoints
• Improved security operations

The Impact:

HCLTech helped the client improve their data security posture.

• 24/7 security monitoring of the IT estate for quick threat detection and response
• Zero-day protection to safeguard by checking email attachments for malicious content using machine learning and analysis techniques
• Cyber resilience with advanced and operationally effective XDR solution

The client, based in New Zealand, is one of the world’s largest exporters of dairy products.

The Challenge

HCLTech has supported the client for over a decade by managing its IT application support and maintenance portfolio. We have partnered with Microsoft to modernize and manage their technology infrastructure.

The client wanted a bird's-eye view of the data landscape to comprehensively govern, protect, and manage data. Their goal was to integrate security into business strategies and operationalize the IM Global Standard within the Microsoft Ecosystem, encompassing information protection, insider risk management, privacy and discovery, and response.

By updating security policies and introducing new security solutions within Microsoft 365, the client wanted to improve overall security and comply with regulatory standards. Keys to success included end users' adoption and awareness of the program.

The Objective

The client wanted to improve the overall security and comply with regulatory requirements.

The Solution

HCLTech started by offering a demonstration of Purview Compliance Capability through workshops. We mapped Microsoft’s entire value chain, from the account, solution specialist, fast track, and customer success teams. Our CyberSecurity practice team made presentations to establish HCLTech’s Microsoft Security credentials. We created an account plan focused on Microsoft Security for the client, maintaining a regular cadence between HCLTech Security Sales and Microsoft Security Sales. Following a rigorous RFP process, the client awarded the project to HCLTech. As a part of this project, HCLTech deployed the following modules-

• Microsoft Purview Information Protection
• Microsoft Data Lifecycle Management
• Microsoft Purview Data Loss Prevention
• Microsoft Purview insider Risk Management

The Impact

The implementation, spanning 23,000+ users, is poised to reduce the risk of financial and reputational loss. This landmark project positions HCLTech as a leading force in Microsoft Purview solutions globally. The successful collaboration with the client showcases HCLTech's capability to drive digital transformation, enhance security, and set industry benchmarks.

Our client is a medium-sized South African refinery with over 50 years of experience refining heavy crude oil.

The Challenge

Our client wanted to prevent, detect, investigate and respond to advanced threats and ransomware attacks.

• Lack of security monitoring solution to detect and mitigate threats
• Increased risk of threats through end users such as phishing attacks, email threats and malware campaigns

The Objective

Our client aimed to enhance cyber resilience by mitigating security threats.

The Solution

Recognizing our client’s requirement, HCLTech proposed the following solutions:

• Greenfield deployment of Microsoft Sentinel to provide uninterrupted 24/7 security monitoring, threat detection and response
• Tailored configurations and integrations were successfully deployed to meet the unique requirements and operational characteristics of the client’s IT estate and provide adequate security monitoring of the security controls
• Implemented M365 E5 Threat Protection Solution including Microsoft Defender for Endpoint (MDE), Microsoft Defender for Identity (MDI), Microsoft Defender for Office 365 (MDO), The Microsoft Cloud App Security (MCAS) and Bitlocker to provide robust cloud services like email behavior analysis, cloud security analytics and threat intelligence to manage and monitor the overall threat protection landscape
• Migrated from ClearSwift to Exchange Online Protection (EOP) with all advanced capabilities and rules —also, activated and deployed with impersonation phishing policies, overall enhancements and email security solution, spoofing intelligence, mailbox intelligence, safe links and safe attachments for office applications, MS Teams, OneDrive, SharePoint, threat investigation and response capabilities with the latest intelligence managed from M365 Defender