Enhancing Security and Streamlining User Management for Williams with Azure B2C

ABOUT THE COMPANY

Williams handles approximately one-third of the natural gas in the United States that is used every day to heat our homes, cook our food, and generate our electricity. Williams works closely with customers to provide the necessary infrastructure to serve growing markets and safely deliver natural gas products to reliably fuel the clean energy economy.

OPPORTUNITY: Optimizing Enterprise Applications for External Users

Facing the need to modernize access management for external customers and contractors across multiple enterprise applications, Williams’ Cloud Center of Excellence (CCOE) team identified the requirement for a robust Customer Identity Access Management (CIAM) solution. This initiative aimed to enhance security measures and streamline the authentication process to ensure a seamless and secure user experience.

SOLUTION: Enhancing CIAM with Azure B2C and Partner Portal

Williams partnered with 27Global to address its CIAM needs through the Azure AD B2C platform. The project’s primary aim was to create a secure, scalable authentication framework that would enhance user management and access control across Williams’ suite of applications. This initiative was crucial for facilitating secure and efficient access for external customers, aligning with Williams’ strategic goals for digital transformation and improved security posture.

After establishing this best-practices design, 27Global brought an expert team of cloud engineers, senior developers, and software consultants to plan and build the desired state. Collaborating closely with Williams’ CCOE team and each of the internal application teams, 27Global went to work building a CIAM solution tailored to meet the needs of Williams’ diverse stakeholders.

Chris Irwin, Director of Commercial Applications at Williams, had this to say about 27Global’s approach: “27Global was always highly responsive and brought excellent communication and management to a large Williams team consisting of diverse stakeholders and third-parties. 27G was able to effectively align and drive milestones which is no small task.”

The project was segmented into two main components:

Azure B2C Implementation

The initial phase focused on the strategic deployment of Azure B2C to replace the fragmented authentication processes previously managed by each application independently. The implementation involved the addition of multifactor authentication (MFA) as well as the configuration of B2C custom policies, which were necessary for addressing the unique user experience requirements of each application while maintaining a centralized authentication process. Notable requirements that drove the use of custom policies include:

• Supporting Single Sign-On (SSO) from external Microsoft tenants
• Implementation of application-specific invite processes with custom messaging
• MFA customization to allow a preferred selection
• Tailored workflows and messaging to encourage the use of Identity Provider (IdP) accounts over local password accounts

Integration with external Identity Providers, such as Microsoft and Google, was a key feature of the authentication overhaul. This allowed Williams to streamline access for most external users, eliminating the majority of separate password management, while ensuring support for all types of external users.

Further strengthening the system, the team developed an integration with Active Directory (AD), enabling a unified login experience for internal users. This integration allowed for the direct management of authentication and authorization through AD, centralizing the oversight of internal users within the same framework as their other enterprise applications. This approach simplified internal access controls and reduced the complexity of managing multiple user databases, ensuring a cohesive and secure environment for internal users.

Custom Partner Portal Development

The team built on the foundational Azure B2C implementation with a custom Partner Portal application built with Razor. The Partner Portal introduced the capability to manage permissions and roles within each of the integrated applications via B2C Groups, thus centralizing the management of external user authorization. Role request and approval flows were also implemented, including the ability for external administrators to invite users and request roles for their users, which reduced the administrative overhead for Williams while maintaining internal oversight and aligning with security requirements.

The Partner Portal also introduced self-service options for external users to update personal details, reset passwords, and configure MFA settings, while also allowing external administrators to perform account management functions, further reducing the internal administrative overhead.

“The product delivered is fantastic. As a programmer myself, I appreciate that the code is extremely clean and really well laid out,” said Greg Lomax, Technical Architect at Williams Companies.

RESULTS: Reduced Overhead and Enhanced Security

The collaboration between Williams and 27Global led to the successful implementation of Azure B2C and the custom Partner Portal, significantly enhancing the company’s CIAM capabilities. This initiative streamlined access management across various external and internal user groups, reducing administrative overhead and bolstering security.

“A huge shout-out to our partner 27Global for their invaluable support.”

-Brian Letzkus, Williams CIO

This effort required a range of technical skill sets and development languages, notably .NET, Razor, Javascript, and B2C XML custom policies. The infrastructure deployment processes were significantly optimized through automation with Terraform and Powershell, targeting the deployment of Azure services including B2C, FrontDoor, Storage Accounts, and App Services.

The launch of these solutions was done in conjunction with a refactoring and redeployment of the integrated applications. The release was characterized by minimal bugs and support requests, evidencing the effectiveness of the deployment strategy and the quality of the build. The integration with external IdPs and Active Directory, alongside the development of a user-friendly Partner Portal, marked a pivotal improvement in user experience and access control for Williams.

“Williams’ IT team is truly world class. Nick Ocepek, Sam Free, and the Cloud Center of Excellence crew are extremely talented and adaptable, and I use their organization as a model for others.”

-John Marney, 27Global Director of Client Services

This project not only met Williams’ immediate needs but also laid a solid foundation for future enhancements, aligning with the company’s long-term digital transformation goals. Additionally, the architecture’s flexibility ensures seamless integration with other applications in the future, further extending Williams’ capabilities and fostering continuous innovation.

27Global is a Microsoft Solutions Partner with validated proficiency in guiding and empowering our clients in the Azure cloud and multiple advanced certifications. Learn more about how we guide and empower our clients in the Azure cloud.

EXPLORE OUR ENERGY INDUSTRY EXPERTISE.