Cybersecurity

At the heart of any cybersecurity strategy, Identity and Access Management (IAM) remains a critical domain. Although it has existed for decades, it continues to be a major challenge for organizations. Its importance keeps growing due to the increasing complexity and diversity of technology environments.

To address these challenges, we offer a comprehensive IAM service portfolio covering Identity Governance and Administration (IGA), Access Management (AM), Privileged Access Management (PAM), and Customer Identity and Access Management (CIAM).

Strategy

• IAM Maturity Assessment: Evaluation of the current state, technical diagnostics, definition of a target vision, and strategic recommendations.
• Strategy and Roadmap Definition: Development of detailed short- and long-term action plans to structure IAM implementation.
• Governance Framework, Processes, and Operating Model: Design of governance structures and processes tailored to the organization’s needs.
• Enterprise Architecture: Design and deployment of an IAM architecture aligned with the organization’s overall goals.
• Technology Selection Support: Assistance in identifying and selecting the most suitable tools and technologies to meet specific challenges.
• Transformation and Change Management: Support for managing change to ensure smooth adoption of new solutions and practices.
• Architecture & Integration
• Technical Advisory: Expertise on tools, protocols, and best practices for optimal identity and access management.
• Solution and Business Architecture: Design of architectures and solutions aligned with both security and business requirements.
• Needs Analysis: Study of functional, technical, and data-related requirements to ensure solution relevance and performance.
• IAM Tool Deployment: Implementation of identity and access management platforms and related capabilities.
• Application and System Integration: Integration of existing applications and systems with IAM and PAM solutions for consistent enforcement of security controls.
• Support for Business and IT Teams in Access Modeling: Definition of access models and business roles suited to the organization’s structure.
• Access Policies (ABAC, RBAC, SoD, etc.): Definition and implementation of access policies adapted to specific business needs.

Operations

• IAM Platform Administration: Monitoring of operations (lifecycle management, reconciliation, etc.), production support, and incident resolution.
• Access Request Management: Handling user access requests (creation, removal, updates).
• Access Certification Campaigns: Execution of certification campaigns (configuration, communication, execution, and follow-up).
• Managed IAM/PAM Services: Full operational management of IAM and PAM processes.

In today’s digital era, data has become one of the most valuable assets for organizations — and protecting it is an absolute priority. Whether data is at rest, in transit, or in use, safeguarding sensitive information is essential to prevent breaches and ensure compliance with evolving regulations such as GDPR, Law 25, or Bill C-27.

We offer a comprehensive suite of data protection services, ranging from strategic advisory to the deployment of tailored technical solutions that meet your specific needs.

Strategy

• Data Protection Maturity Assessment: In-depth diagnosis of the current state, identification of vulnerabilities and regulatory gaps (GDPR, CCPA, Law 25, etc.), with actionable strategic recommendations.
• Strategy Definition and Roadmap Development: Design of short- and long-term data protection strategies aligned with your organization’s objectives.
• DPO Support: Expert assistance for Data Protection Officers to structure and optimize data governance across the organization.
• Regulatory Compliance (GDPR, PIPEDA, etc.): Guidance and implementation of best practices to ensure alignment with legal frameworks.
• Data Governance: Definition of policies and processes for managing sensitive and personal data effectively.
• Technology Selection Support: Assistance in identifying and choosing the most suitable data protection tools and platforms.
• Awareness & Training: Change management and staff awareness programs to foster a strong data protection culture.
• Privacy & Security by Design: Embedding privacy and cybersecurity principles into the design of all projects to ensure lasting compliance.

Architecture & Integration

• Technical Advisory: Expert guidance on data protection tools, standards, and protocols.
• Data Protection Solution Architecture: Design and integration of tailored solutions into your existing IT environment.
• Integration of Compliance & Security Solutions: Deployment and connection of specialized tools (e.g., DLP systems) for secure and streamlined governance.
• Data Encryption: Implementation of encryption technologies for data in transit and at rest.
• Secure Backup & Recovery Solutions: Deployment of robust backup and restoration tools to ensure data continuity and resilience.
• Sensitive Data Management Modeling: Support in classifying, accessing, and storing sensitive data appropriately.

Operations

• Operational Implementation of Compliance: Integration of processes and tools to ensure continuous adherence to legal and regulatory standards.
• Operational Support and Oversight: Day-to-day management of data protection activities, incident monitoring, and implementation of industry best practices.
• Ongoing Data Monitoring and Vulnerability Analysis: Continuous oversight to identify and address risks proactively.
• Data Breach & Incident Response Management: Design and implementation of processes to detect, manage, and respond effectively to data breaches.

In a world where cyber threats are increasingly diverse and sophisticated, organizations must establish a strong and resilient cybersecurity strategy. To protect information systems and sensitive data, a strategic approach, robust governance, and effective security architecture are essential.

Security must be embedded by design into systems and processes to anticipate risks while ensuring the integrity, confidentiality, and availability of data and applications.

Our approach to cybersecurity strategy, governance, and architecture is based on tailored solutions designed to address the specific needs of each organization, considering their technological environment, business priorities, and applicable regulations.

Strategy

• Cybersecurity Maturity Assessment: Evaluation of the current security posture, identification of weaknesses, technical diagnostics, target vision definition, and strategic recommendations to strengthen the overall security framework.
• Cybersecurity Strategy Definition: Development of a cybersecurity strategy aligned with business objectives, supported by a clear short-, medium-, and long-term roadmap to address emerging threats.
• Cyber Risk Management: Identification and assessment of risks related to infrastructure, data, and applications.
• Implementation of a risk management framework to prioritize and mitigate these risks.
• Cybersecurity Prioritization: Support in ranking cybersecurity initiatives based on asset criticality, threat landscape, and resource availability.

Governance

• Cybersecurity Governance Framework: Design of appropriate governance structures, including definition of roles, responsibilities, and decision-making processes.
• Cybersecurity Policies and Procedures: Drafting and implementation of policies and procedures tailored to the organization’s needs, covering areas such as access management, data and network security, and incident response.
• Performance and Risk Monitoring: Definition and tracking of key performance indicators (KPIs) and key risk indicators (KRIs) to measure the effectiveness of cybersecurity governance and drive continuous improvement.
• Awareness and Training Programs: Implementation of employee training programs to strengthen cybersecurity culture and promote best practices throughout the organization.

Security Architecture

• Security Architecture Design: Development and implementation of robust, scalable security architectures tailored to the organization’s needs.
• Application and Infrastructure Security Modeling: Design of security strategies for applications, networks, storage systems, and cloud environments, integrating security controls at every level.
• Hybrid and Cloud Environment Security: Implementation of security solutions adapted to public, private, and hybrid cloud environments, with a strong focus on identity and access management (IAM) and data protection.
• Network and System Security: Development of a network protection strategy including segmentation, access control, intrusion detection, and prevention systems.

In a world where cyber threats are increasingly diverse and sophisticated, organizations must define a robust and resilient cybersecurity strategy. Security must be embedded by design into systems and processes to minimize risks and ensure the integrity, confidentiality, and availability of your data and applications.

Our SOC service offering is built on a tailored approach that combines strategy, architecture, and operations to design customized solutions that align with your technological environment, business priorities, and current regulatory requirements.

Strategy

• SOC Maturity Assessment: Diagnostic of the current maturity level to evaluate the effectiveness of your SOC, identify improvement areas, and develop an action plan to progressively strengthen detection and response capabilities.
• Governance and Compliance: Implementation of security policies and performance indicators (KPIs); support to achieve compliance with frameworks such as GDPR, ISO 27001, and others.
• Roadmap Development: Planning and execution of prioritized actions to enhance your SOC posture and ensure its long-term effectiveness.
• Architecture & Integration
• Unified SOC Infrastructure Design: Definition and deployment of an architecture integrating SIEM, SOAR, and threat intelligence tools to enable centralized log collection and automated event correlation.
• Infrastructure Security: Implementation of protections for networks, applications, databases, and critical systems.
• Security Perimeter Management: Deployment of solutions to secure access to systems and sensitive information.
• Defense-in-Depth Architecture: Multilayered security strategies to strengthen system protection across all layers.
• Integration of Diverse Data Sources: Aggregation of inputs from various sources (cloud, endpoints, networks, applications) to ensure effective incident response orchestration and end-to-end visibility.

Operations

• Incident Detection and Response: Implementation and management of SOC operations to detect, analyze, and respond to security incidents in real time.
• Orchestration and Incident Response (SOAR): Deployment of SOAR solutions to automate initial response actions, coordinate remediation steps, and facilitate collaboration between SOC teams and other stakeholders.
• Vulnerability Management Tools: Setup and management of tools for continuous vulnerability detection and mitigation.
• Continuous Improvement: Organization of post-incident reviews, regular audits, and simulated attack exercises to increase operational maturity and readiness.

Following an IAM maturity assessment and roadmap definition mandate conducted by Wepoint, the client selected Saviynt Enterprise Identity Cloud (EIC), a SaaS solution, to modernize its Identity and Access Management platform. Wepoint was entrusted with providing end-to-end support, from strategic planning to functional integration and implementation of the new IAM foundation.

Scope of Work:

• Governance Framework Review: Analysis and update of the existing IAM governance framework.
• Stakeholder Engagement: Meetings with key IAM stakeholders to define a conceptual architecture, gather requirements, and draft both functional and technical specifications.
• Process Optimization: Review and design of IAM business processes to align with best practices and solution capabilities.
• Solution Deployment and Configuration:
  • Integration of source systems into the IGA platform, including Workday (HR source for employees) and ServiceNow (HR source for consultants).
  • Integration of target systems for access provisioning and monitoring: Microsoft Active Directory, Entra ID, ServiceNow (ITSM), and Microsoft Sentinel.
• Access Certification Campaigns: Implementation of periodic certification cycles to ensure proper access rights.
• User Testing: Planning, coordination, and execution of user acceptance tests (UAT).
• Go-Live Preparation: Coordination of production deployment activities and risk mitigation plans.
• Training & Knowledge Transfer: Delivery of tailored training sessions and structured handover to client teams.

This engagement demonstrates Wepoint’s ability to deliver complex IAM transformation programs, combining strategic vision, technological expertise, and operational excellence.

Wepoint supported a major airport operator in Quebec in assessing the maturity of its Identity and Access Management (IAM) practices, with the goal of strengthening its overall security posture and preparing for the integration of a modern IAM platform.

Scope of Work:

• Current State Assessment: Comprehensive evaluation of the existing IAM landscape to identify key challenges, constraints, and improvement opportunities.
• Strategic Roadmap Development: Structuring findings into a three-year roadmap aimed at progressively enhancing IAM maturity and aligning with cybersecurity best practices.
• Integration Architecture Design: Definition of an integration architecture for a future IAM platform within the organization’s broader IT ecosystem, ensuring interoperability and scalability.
• Technology Selection Support: Assistance in selecting a leading IAM solution on the market, providing both strategic and technical guidance throughout the decision-making process.

This engagement enabled the client to gain a clear understanding of its IAM maturity level, prioritize initiatives, and lay the foundation for a secure, scalable identity governance model.

• Establish best practices for the implementation of a 24/7/365 international SOC to support a “Follow the Sun” model.
• Identify blockers and provide recommendations.
• Ensure the operations of hybrid SOC services with teams based in Montreal and France, covering detection, triage, CTI, behavioral analysis, incident response, and more.

• definition of the IAM program’s objectives and strategy
• identification of needs related to identity governance and administration (IGA) and privileged access management (PAM)
• budget estimation for the IAM program, covering acquisition and implementation of solutions
• definition of requirements and drafting of the request for proposal (RFP) for the acquisition and deployment of an IGA solution
• review, update, and design of IAM processes
• development and documentation of functional, data, and technical architectures based on IAM best practices
• functional integration of the IGA solution and collaboration with the system integrator

• strengthening of DLP capabilities based on Microsoft Purview
• analysis and assessment of the current environment, development of strategies, roadmap, and implementation of the roadmap within the solution
• iterative handling of critical data types, including data lifecycle definition, risk analysis, and implementation of DLP rules