Helvetia Linux Client
Security and Productivity in the Focus
"If only I could work with Linux, I would be so much more efficient!"
Who has never heard these words from a developer? Helvetia Insurance heard this message loud and clear. Their answer: the Helvetia Linux Client. Here’s the story of how their efforts to digitalize the workplace led them to the Open Source expert, Adfinis.
For most Linux-based client projects on an Enterprise level, the need is generally first raised by the developers, engineers, or scientists. The Helvetia Linux Client is no exception to this rule.
In January 2020, the Swiss insurer headquartered in St. Gallen and Basel launched the Future Workplace project. The aim was to create an efficient and uniform workplace that meets the highest compliance and security requirements for all its employees. In the process of collecting requirements, the necessity for a Linux-based client and workplace solution rapidly emerged from their development and IT teams. The workaround solution developers were using on the default client, meant higher risks for malware outbreaks (including ransomware), misuse, and vulnerabilities that would have impacted the entire Helvetia network. The management team understood the need to officially build a solution that would be professionally deployed and standardized in a centralized manner within Helvetia's IT service offering.
Offering flexible and secure tools for dev teams
In the first project phase, Helvetia teamed up with BitHawk, a leading Swiss provider of IT and Enterprise Service Management solutions, to implement and operate a robust Microsoft environment offering consistent and secure collaboration for internal and external people and organizations. Then in a second phase, they sought to partner with someone who could provide the necessary Linux expertise in building and managing global enterprise-ready Linux Clients in regulated environments. Adfinis was the perfect fit.
The consolidation of our developers' requirements and the definition of a solution that complied with the security specifications were the biggest challenges in this project. We were looking for a reliable Linux partner to help us with this, which we found in Adfinis.
- Björn Fischer, Head Development Container Platform, Helvetia
Helvetia’s key objectives with the new developer client were to standardize the deployment approach and to add the offering to the IT services portfolio with optimized and centralized management and governance. In particular, the development of the Linux Client had to offer developers the flexibility to create their optimal setup, yet also meet the same security, operational, and confidentiality requirements as Helvetia's standard Windows client. The mitigation of security risks (operating system, network, applications, etc.) was the number one focus of Helvetia’s team throughout the entire process.
Adfinis is one of the only organizations that has the necessary expertise to plan, build and run Linux Clients in enterprise and regulated environments on an international scale. Meaning accompanying organizations on their Linux Client adoption trail holistically and guaranteeing long-term support.
From MVP to Production in under six months
The goal in the first step was to build a Linux Client MVP customized and optimized to the needs of the development teams while ensuring the shared vision of "Light Managed and Zero Trust" is fully implemented. One of the success factors in achieving this was bringing all important stakeholders (workplace management, security, governance, and developers) to the table and defining a joint vision. Adfinis was responsible for the whole Linux Client adoption trail. Meaning scoping the key requirements together with the developers and workplace engineers, designing a long-term strategy and concept while ensuring best practices and Zero Trust methodologies are followed, and finally implementing the Helvetia Linux Client based on best practices such as Infrastructure as Code:
- Translating the Microsoft "Zero Trust Framework" concept into the Linux context
- Defining the architecture design and concept to select tools and technologies in close collaboration with all affected stakeholders (developers, platform, network, security, operations)
- Implementation of the MVP and very short feedback loops during the testing phase
- Hypercare support in the rollout and offer continuous service management as part of an ongoing SLA
We were looking for a reliable Linux partner which we found in Adfinis
- Claude Gassmann, Future Workplace Program Manager, Helvetia
From the early architectural steps to the first testing, the three teams met weekly, leading to a first MVP within two months after the project kick-off. Helvetia’s team rapidly concluded after initial testing to move ahead with the gradual rollout of the tailored Linux Client to over 150 developers. BitHawk and Helvetia focused on the operational and logistical aspects, while Adfinis covered the engineering activities ensuring new needs were implemented quickly, and the Linux Clients were operated reliably. This also led to building a backlog for future development.
Collaborative support model
Now that the Helvetia Linux Client is being used in daily business, BitHawk is offering 24/7 1st-level support, and the Adfinis team of Linux experts is responsible for the 2nd and 3rd-level support. With this collaborative model, BitHawk and Adfinis jointly offer SMB and Enterprise organizations a sustainable operating mode for both Linux and Windows Client workloads.
Adfinis complements our BitHawk Windows solutions with Linux solutions in an uncomplicated and pragmatic way. This works well for projects or in operation mode.
- Terrence Schweizer, CDO, BitHawk AG
What’s next?
Helvetia has big ambitions for its new workplace solution. The Helvetia, BitHawk, and Adfinis teams are working on growing the overall service and adding new flavors, such as hardware and VDI-based options. The VDI option will give Helvetia more flexibility in working with external developers, as with the current setup, external developers must use a Helvetia laptop for security reasons. Thanks to the new VDI option, they see a saving potential in terms of costs and efficiency regarding access provisioning.
This success story is an excellent reminder for organizations of any size that closely listening to the needs of their developers, scientists, and engineers is critical to improve efficiency and focusing on the core business. Helvetia’s developers now have all the tools to best achieve their goals, and Helvetia is one step ahead of the competition. By providing a standardized Linux Client solution and clearly defined responsibilities, Helvetia expects their developers to work more efficiently and better contribute to the long-term strategy.
