Skip to content
Customer story

Security Scores High Following Sweeping Upgrade for Major Dutch Telecom Company

KPN increases market turnaround and catalyzes development by integrating security into Agile processes

Related services
Security | Agile

Industry
Technology, Telecom and Media

Company
Xebia

Rotterdam-based telecom company KPN considers itself a very Dutch company. Indeed, the largest telecommunications provider in the Netherlands started as part of the Dutch postal system in 1752, which later combined with telephone services. When the system was privatized in 1997, the name KPN (Koninklijke PTT Nederland) was officially borne. KPN provides landline, mobile, internet, and video services throughout Europe under various brand names. Its landline service numbers 6 million customers in the Netherlands alone. Its mobile service operates in Belgium, Germany, France, the Netherlands, and Spain with 33 million users. Since 2015, KPN has operated with 100% climate neutrality using only green energy while continuously striving towards sustainable growth. By 2025, the goal is to reach 100% reusable materials.

Why
Continuous protection against hacks and other security threats while maintaining compliance with regulatory legislation
What
Create better, more efficient security best practices
How
Streamline security protocol using Agile and DevOps

Security Within and Without

KPN’s departmental and IT infrastructure came with its own set of security challenges. For one, KPN’s security department worked largely independent of the rest of the company, creating a distinctly separate hierarchy. Security analyst Peter Meulemans explained: “Security experts should become more like counselors and trainers than cops. They should explain the risks and mitigations and coach development teams to come up with solutions.” Secondly, fragmentation of legacy systems and information led to less flexibility, slower turnaround, which created difficulty in gaining insight into customer profiles. This in turn affected the capacity for security to adequately perform assessments or conduct business impact analysis. KPN requested Xebia’s expertise to help make security a collaborative, smooth process.

Peace of Mind

Consolidating a complicated IT architecture consisting of multiple back-ends and front-ends with different customer information presented a dynamic task. Combined with KPN’s methodology-heavy security and compliance department, Xebia had its work cut out. Evolving markets demand faster output. Security needs to manage risks before new products are rolled out. The two need to be in sync. What Xebia sought to accomplish was simplifying KPN’s security apparatus and using an Agile adaptive means of integrating security into the company’s IT landscape without compromising validation structures and safety.

“An Agile approach resulted in a better understanding of security within the teams. It made it easier to implement changes and reduced the time needed for validation. Production incidents have also decreased, proving that this approach works.”
Peter Meulemans Security Analyst

Achieving Agile Security

The process of streamlining KPN’s IT and security landscape was a matter of simplifying. Mitigating KPN’s hundreds of rules was necessary, as they proved unwieldy and ultimately time-consuming and inefficient. By paring down these controls, each requiring validation, Xebia’s experts were able to form a simplified questionnaire. This was then used as a smart filter to expedite and assign tasks accurately when rules were triggered. This allowed more critical business endeavors to take precedent over minor occurrences and allowed for more accountability. Instead of security siphoned into one separated sector, the departments worked together in an Agile way to come up with an active, productive, successful solution.

Explore related customer stories