ThirdSpace ThirdSpace
ThirdSpace
Close 0 Reset Search Run Search What are you looking for? Type at least three characters to search. Filter Search Results
  • All Content
  • Blog
  • Case Studies
  • Event
  • Resources
  • News
  • Careers
  • Access Centre
  • Technologies
  • Workshops
  • Solutions
  • People
Load more

Providing secure and hassle-free membership experiences at the IET

Summary

With over 168,000 members, the Institute of Engineering and Technology (IET) is one of the world’s leading membership organisations. So, when it came to choosing a new platform for improving user experiences with single sign-on (SSO), multi-factor authentication (MFA) and user data security, it was no surprise they put their faith in Microsoft’s leading customer identity product – Azure AD B2C.

The IET worked with ThirdSpace to consult and deploy Microsoft’s Azure AD B2C platform and integrate it seamlessly with their existing on-premises CRM system, website and cloud applications. ThirdSpace also worked with the IET to develop custom user flows, providing a simple and secure journey for their members to access privileged portal tools and information.

Results

  • A seamless single sign-on process for all users.
  • Provision of multi-factor authentication to give an instant security boost.
  • Implementation of custom user journeys, allowing privileged access.
  • Social media login options improved customer experiences and limited password fatigue.
  • A fully GDPR compliant platform via the B2C and Azure platform policies.
  • Peace of mind from cyber security tools built into the Azure platform.

The customer

The IET is made up from over forty predecessor organisations that can trace their history as far back as 1854 with the Society of Engineers. Now, in 2019, the IET is one of the world’s largest engineering institutions with over 168,000 members in 150 countries.

The IET’s mission is to inspire, inform and influence the global engineering community, supporting technological innovation to meet the needs of society.

They provide a number of key services to their members and the wider public, including:

  • Expert advice and thought leadership
  • Awarding and safeguarding of professional engineering standards
  • Delivering world-class knowledge products and services
  • Providing a professional home for life for engineers and technicians
  • Recognising and promoting excellence and inspiring the next generation

The challenge

The IET was undertaking a large project looking at all aspects of CRM, user experience (UX), compliance and security. One key pillar of this project revolved around refreshing their membership portal login, access and authentication processes.

The unifying challenge for the IET in this area was to provide a more secure and easy to use customer portal for their members to access applications and data.

The IET make a number of useful web applications available to their members within their online portal. Ensuring new and existing users could gain access to these privileged apps and information was a challenge as the IET’s systems and processes were complex, including:

  • A requirement to grant access to multiple apps
  • Integrating multiple systems, including some legacy on-premises platforms, as part of the process for login, access and authentication
  • Allowing users multiple sign-in methods in the interest of providing good customer service

The IET needed to provide at least two different user journeys for sign-up, with resulting access dependent on whether a registration was being made by a qualified IET member (full access) or just a general user (limited access). So, they needed to invest in a customer portal that could provide the ability to tailor complex user journeys.

The IET also had no two-factor authentication in place and they had concerns over mitigating the growing risk of cyber-attack from compromised passwords.

And lastly, in the interest of improving the customer experience for their members, the IET wanted to find a customer identity solution that would provide single sign-on functionality and the option for members to logon using a range of personal credentials (including user email and social media) to counter the risk of password fatigue and the annoying need to reset passwords.

“We wanted to provide a system that would serve both our member needs and non-member needs, while delivering a seamless customer experience.

The decision to use social logins would help overcome remembering multiple usernames and passwords to access our web platforms, while the multi-factor authentication provided a much stronger level of security to protect accounts from the threat of attack.” Sara Killingworth Head of Marketing IET

See Azure AD B2C in action

Build online customer login and authentication experiences that delight. Watch this on-demand webinar and:

  • Learn how to implement and customise multi-factor authentication (MFA)
  • Learn how Azure AD B2C supports GDPR data requests and compliance
Watch now

The solution

When they began looking for a solution, the IET researched technologies that could handle customer identity and security. The IET decided to go with Microsoft Azure AD B2C because the solution sat on top of the Azure AD platform, a robust and proven system, that would provide the security, reliability and scalability needed.

With the IET having over 168,000 members, it was very important to know that customer identities would be protected with the Azure AD B2C platform. The ability to add multi-factor authentication and built-in cyber security controls available through the Azure Cloud was a key differentiator for them.

“One option for us was to develop our own security layer but that inevitably can prove costly and time-consuming.

As Microsoft provide similar services for thousands of websites globally, and see traffic from across the web, we were confident that this broad view would allow them to detect and block attacks far more effectively than a small site building its own countermeasures in isolation.” David Smith Head of Technology Solutions IET

Upon consulting with Microsoft, The IET was referred to ThirdSpace, as one of Microsoft’s Gold partners in the UK and a leading global provider of B2C consultancy and deployment services.

The engagement started with a two-day Azure AD B2C workshop; we then went on to deliver a detailed report and Proof of Concept covering the deployment and specific architecture requirements.

In order to provide single sign-on (SSO), multi-factor authentication (MFA) and front-end website sign-in options with social media accounts (social IdPs), the Azure AD B2C system needed to be deployed and fully integrated with the IET’s existing on-premises CRM system as well as their website and cloud applications. The B2C platform fully supported open standards (including OpenID Connect, SAML, OAuth 2.0.Net, iOS and Android) meaning they were able to integrate easily with the various technology stacks they had.

With these integrations in place, the B2C platform sat on the front end of the IET website, powering all login, registration and authentication journeys and querying these against the CRM through a live sync.

The next step was to build three custom user journeys specific to the IET’s membership access requirements:

Journey 1: Sign-in (member or non-member)

This journey required B2C enabled SSO, login via social IdPs and an MFA trigger for all members using email sign-in.

Journey 2: Online registration (member)

With this journey, a new IET member without an online account is now able to register online by just giving three known details about themselves (last name, membership number and DOB) and B2C will sync and authenticate against known membership details in the IET’s on-premises CRM system. Users are then able to seamlessly access membership areas of the website.

Journey 3: Online registration (non-member)

With this journey, a user is able to register online as a non-member by filling out a more in depth set of details that will populate the IET’s on premises CRM system and, in turn, sync with B2C. Users are then able to seamlessly access non-membership areas of the website.

 

Conclusion

Improving value for the membership base through better membership experiences was a critical part of the IETs broader CRM project. The deployment of Azure AD B2C was carried out quickly, and in a highly professional manner, by the ThirdSpace team.

The IET’s website now has the functionality to provide customer security and usability features all leading membership organisations strive for, including:

  • Quick and simple single sign-on functionality
  • User friendly login via social networking websites
  • Seamless existing or new user onboarding processes
  • Instant access to exclusive member applications
  • Membership identity security with two-factor authentication

Next, watch our on-demand webinar to find out why enabling multi-factor authentication is a must-have for customer facing organizations.

You may also like...

Technology

Microsoft Azure AD B2C

Resource

Drive GDPR compliance with Azure AD B2C for web applications

Logo

The Institution of Engineering and Technology

The Institution of Engineering and Technology was formed in 2006 and has over 168,000 members.

Visit website
Solution
Technology

Customer Identity and Access Management: See how you score

Find out in just 2 minutes and receive a free report that:

  • Identifies areas for improvement
  • Provides tailored advice for remediation
Get my report
Book a free workshop  

Apply for a free CIAM Workshop

Envision seamless sign-up and sign-in processes, and secure user authentication.

Apply for free workshop
Award-winning solutions Award-winning solutions

Eight-time winner of the Microsoft Partner of the Year Award for Identity Management, Enterprise Mobility, and Security and Compliance.

ThirdSpace Please upgrade your browser

You are seeing this because you are using a browser that is not supported. The ThirdSpace website is built using modern technology and standards. We recommend upgrading your browser with one of the following to properly view our website:

Windows Mac

Please note that this is not an exhaustive list of browsers. We also do not intend to recommend a particular manufacturer's browser over another's; only to suggest upgrading to a browser version that is compliant with current standards to give you the best and most secure browsing experience.