microsoft.com/hk Home   All Products  |   Support  |   Search  |   microsoft.com Home  
 
  Home  |   Events & Training  |   Subscribe  |   About Microsoft  |   About Our Site  |   MSN Hong Kong  |

Windows 2000 Home
Customer Portfolio
More Solutions

KPMG

Managing mobile security - Windows 2000 keeps KPMG's professionals plugged

Introduction

KPMG Hong Kong is one of the territory's biggest and longest-established accounting and consultancy services companies. The firm has a huge pool of more than 920 professional staff, led by 67 partners and principals, plus some 250 support staff, including a 24-people Information Technology team, led by its Director Francis Quek.

The key characteristic of the firm's professional workforce is that it frequently works off-site with its wide range of clients, which include some of Hong Kong's best-known corporates. KPMG opted to migrate its Microsoft Windows NT 4.0 platform to Microsoft Windows 2000, in order to take advantage of the new operating system's enhanced ease of use, multilingual functions, high levels of Public Key Infrastructure (PKI) security, and single log-on convenience for its highly mobile staff. Ensuring simple and secure remote access to the network was key element in the decision.

"KPMG has a strong working relationship with Microsoft," says Quek. "We've established a solid foundation together for us to move on to Windows 2000."

A number of factors influenced KPMG Hong Kong's migration from Microsoft Windows NT 4.0 to Windows 2000, but ensuring security was paramount from a business perspective, says IT Director Francis Quek. "Security is very important to us," he says.

Part of a global network founded in 1945, and one of Hong Kong's biggest accounting and consulting firms, KPMG Hong Kong serves a wide range of blue-chip clients who demand the highest levels of confidentiality for their financial information.

The firm audits more than 50% of the companies that make up the accumulated market capitalization of Hong Kong's 200 largest listed companies, including the territory's five biggest. KPMG also audits almost one-third of Hong Kong's banks and more than 70% of the territory's banking sector assets.

Amongst other corporate high points, the firm was reporting accountant to China Telecommunications (Hong Kong), Hong Kong's biggest Chinese company listing. It also handled the territory's largest-ever receivership, following the close down of the Bank of Commerce Credit International. (BCCI).

This diverse client base is serviced by a workforce made up of more than 900 professional staff, who frequently work off site, plus some 250 support personnel. KPMG maintains a highly distributed organization, including offices in Hong Kong, Macau and China, with some 80% of its IT end-users operating from notebook computers.


Migrating with confidence

KPMG carried out a comprehensive analysis to determine its best-case infrastructure, before opting to migrate its Windows NT 4.0 platform to Windows 2000, and set up a special focus group to handle the migration.

Quek notes that some people within his organization queried the wisdom of becoming an early adopter of Windows 2000. "A lot of people were asking me why were we moving so fast," says Quek. who heads a 24-person team, four of whom concentrate on networks.

"But I think the 'bugs in version one issue' is the mistruth of every software. We have been looking very closely at Windows 2000 and working with the Microsoft development team. It's been a combination effort of both our local Hong Kong office as well as the KPMG global team which has been keeping a very watchful eye on the development and doing our own testing."

Quek adds: "KPMG has a strong working relationship with Microsoft worldwide. We've established a solid foundation together for us to move on to Windows 2000."

In Phase One, the plan is for all servers to move to Windows 2000, together with the incremental migration of the desktop, by March 2000. Phase two will see the balance of the firm's 1400 or so desktops migrated to Windows 2000 by June. Quek says the firm plans to run on a mixed mode for the initial phase of the migration.


Security and mobility

The major system requirements for KPMG included the need to take into account the mobility of the majority of the firm's PC users. KPMG saw ensuring simple and secure remote access to its network as a key element in keeping the company responsive and competitive. This factor had implications for a number of issues, including security, logging-on, remote management and the need to provide such facilities as hot-swapping and offline folders.

"When we began looking at it, our prime concern from a business perspective was the security aspects," he says. "What we were looking for was an environment for us to implement and roll out Public Key Infrastructure (PKI)," he adds, noting that KPMG's IT team felt the Windows 2000 Kerberos and PKI elements enhanced the Windows NT4 security features, and were something the firm had to adopt.

Quek says KPMG is using the Windows 2000 features to establish a certificated hierarchy base that will, for example, ensure that all documents are encrypted, with individual Kerberos-based authorizations automatically establishing the correct level of user access.


Single log-on

The fact that the majority of KPMG's professional staff are equipped with notebook computers and are constantly on the move visiting clients throughout Hong Kong, Macau and China, means they are constantly logging on in different locations.

That made another key feature of Windows 2000 especially attractive: the new operating system allows KPMG to implement a single log-on for users across the network, which guarantees a simplified and consistent user experience, as well as lower support costs.

"We were looking for a platform to offer us a single log-on," says Quek. "On Windows 2000 we can ensure that our users only have to log-on once with a single sign-on password."

Another feature facilitated by Windows 2000 is it support to industry standard card readers and intergration to "two factors authentication system" such as secureID, which Quek describes as a useful aid for people who forget their passwords. "It's a major problem, and a security issue. "People do forget passwords, especially in an organisation where periodical password change is mandatory, to remember their password, users do write down their password somewhere next to their computer. With the card containing the user password, accessment becomes easy and with security," says Quek.


Multilingual features

Windows 2000 also allows KPMG to standardize applications throughout its network, including the use of multilingual features. Quek says there is an increasing demand in-house for Chinese-language facilities, such as printing documents.

"We also like the Active Directory, which is like a phone book on the network," says Quek. "With Windows 2000 Active Directory, we can easily configure and secure our services across the networks via the integrated management infrastructure. This is very important and something that we need."

Quek says the migration is proceeding well. "In my practical experience, Windows 2000 facilitated much higher levels of security, better control of the system, simplified log-on procedures, standardization of applications and greatly enhanced remote management of KPMG's highly mobile workforce."