Johnson Financial Case Summary

Johnson Financial (JF) is a mid-sized insurance company located in the northeast United States. The company supports a remote computing environment for users located outside of the corporate offices. The remote users, outside of the corporate network, support various aspects of the business operations. Up to twenty percent of the company users may remote compute at any point in time. The current method of remote computing is based on a company provided laptop and a vpn connection to the corporate data center. In certain cases, employee owned computers are being used to make a vpn connection to the corporate data center. In the course of normal business, remote users access non-public information and sensitive corporate data. There are two distinct security issues associated with the current method of remote computing. First, regulatory requirements require that non-public information at rest must be protected by encryption. Additionally, corporate policy requires sensitive corporate data at rest must be protected by encryption. Remote users end up with both non-public …show more content…
The Citrix gateway provided client system authentication so that only approved user systems can connect to the environment. User authentication to applications was implemented with multifactor authentication to protect user credentials.
The implementation of this environment addressed the encryption issue and the vpn issue by eliminating the need for both. After the installation was completed and the users were migrated, the users were able to access the necessary applications via the published application gateway. Using the published applications via the Citrix client stopped the non-public information from ending up on the remote computers. All users were successfully transitioned to the published applications gateway and no longer required full network vpn