Beyond HumanBig PictureCatalystsConnected WorldExchangeMarketing MixNew MoneyNew SchoolPeople SciencePulse

Total CIO: how do you ensure 100,000 employees are who they say they are?

Identity management Identity management
Photo credit:

Henning Muhlinghaus

French energy giant Total has close to 100,000 employees. Ensuring each person has access to its networks, whilst keeping intruders out, is the task of its CIO, Frédéric Gimenez.

There’s no disputing the fundamental role innovation has had to play in the gas and oil industry.

Over the course of the past couple of decades, technology has steadily been redefining the realms of possibility – gas from shale, and oil from oil sands are just two examples of products that were previously too expensive or beyond the sectors technical ability.

Now they are transforming marketplaces around the world.

Advances ranging from 3-D and 4-D seismology, to improvements in distillation have had a profound impact on the way companies explore, drill, produce, process and distribute oil and gas.

Data sits at the heart of these changes. And it is now down to identity management to help contain pressing security threats that emerge from data, but also leverage the opportunities it presents too.

Frédéric Gimenez, CIO of energy behemoth Total, explained just how important data is as a foundation for future innovation.

“We have individuals working exclusively on the management of data from the earth and its subsurface to determine whether or not there could be oil for extraction. It is utilized in our chain to optimize production, our platforms and logistics too.”

With so much valuable data being created every day, Gimenez and other CIOs are bolstering their defences against cyber security threats.

This has become increasingly necessary, as a study carried out by Tripwire pointed out. Finding that cyber-attacks in the gas and oil industry had increased between 50-100% in the past few months alone.

It is a favorite target of hackers because of the catastrophic potential to create spills or blackouts. The Shamoon virus of 2012 is one such example. A virus described as one of the most pervasive and sophisticated attack the industry has seen.

It was a self-replicating virus that infected as many as 30,000 Saudi Aramco computers, the national oil company of Saudi Arabia, which posted revenues of $378bn in 2014.

Its main function appeared to be the indiscriminate deletion of data from hard drives. Although there was no oil spill, or any kind of catastrophe, the attack dramatically impacted Saudi Aramco business processes.

Identity management can be a means of targeting such problems. And organizations have for a long time leveraged it in one form or another to stem the leakage of resources to unauthorized entities.

Before the digital revolution, bank managers would ask for a passport or valid ID before continuing in conversations. Pharmacy staff would ask for an ID before handing over prescription medication, and doctors needed to ensure that the individual sitting before them was who they said they were before divulging any personal information.

The same principle applies for individuals working in corporations, explains Gimenez.

“Each of Total’s 96,000 employees has his or her own digital identity within our IT system. It gives them differing level of access to information based on their role, geography and seniority, and is necessary both for security, and efficiency.”

“Identity management becomes more important still when you consider the thousands of contractors we work with that have access to our information systems.”

Ubiquitous connectivity to corporate information systems for entire employee populations has become a necessity as global information workers move across PCs, tablets and smartphones seamlessly. The days of being tethered to a desk are gone, but sensitive information has become more vulnerable.

Such a wide scope of security risks has forced Total to pay a lot of attention to identity management, “to be sure that those within our information systems are who they say they are, and so that Total remains safe.”

Leveraging customer data

There’s another opportunity within this same remit of identity management, extending beyond security and into the realms of marketing.

With huge pressure being put on businesses to focus on the way products are sold, and as device and channel fragmentation continues to increase, the desire for real-time interaction and personalized contextual experiences grows with it.

Gimenez believes that, “knowing how to manage the identity of millions of customers is increasingly becoming an opportunity.”

In order to meet the growing desire for truly compelling experiences, businesses are starting to harness marketing technology infrastructure and data strategy around a single, comprehensive source of truth: the customer identity.

“Total has millions of people coming in and out of its service stations every single day. Creating an identity for each individual would allow us to better leverage the huge value of the data they generate.”

“All we know is that they have come in and bought something. The clear value for our marketing activities would be to gain a better understanding of each individual. What do they buy? What are their consumption patterns? It would make defining particular trends significantly easier, and targeting individuals easier too.”

This becomes particularly salient when Gimenez highlighted the sheer openness of the gas market, where brand loyalty can be particularly difficult to come by.

“The price doesn’t have to be the only thing drawing in customers; rather, we want to be smarter and go beyond this basic allure.”

Providing personalized and contextualized experiences could really help differentiate brands from their competitors and, as such, identity management could play a key role.