Personal account for evraz clients


Convenient interface
Accessibility from any device
Reliable data access control
Convenient and informative reports
Integration with Microsoft CRM

Customer

EVRAZ is a modern mining and metallurgical company, one of the largest producers of steel and rolled metal products in the world.

Task

To create a convenient and functional personal account for the company's clients that meets the requirements of information security.

69 619

employees

$9.5 billion

2021 Q1 Net profit 

13.6 million

tonnes of steel produced

The business goal - 

To provide EVRAZ customers with a
convenient interface for purchasing
rolled metal products.

Solution:

  • Creation of a website integrated with the company's CRM;
  • Development of a tabular interface with quick access to details about orders and shipments;
  • Ensuring that security standards are upheld when working with company data.

We present to you - “Client personal account" for a multinational.
Work is still ongoing, with additional functions being introduced.

You may ask:

- Why do EVRAZ clients need  personal accounts?

Do Steel production, rolling, and shipping require that many contracts, Excel reports and invoices?

 

The traditional method of drawing up contracts for the supply of industrial products is a lengthy workflow, involves making numerous calls and tons of paperwork.

The personal account of EVRAZ clients is a modern solution that reduces the time spent on such processes and increases the convenience of work.

A series of interfaces were  developed to present shipping information in a  simpler and more understandable format to clients.
With the help of a personal account, the Client can track several dozen indicators in real time in a generalized, graphical, detailed tabular form.

Some of the functions have been fully implemented, while others are still in the works.

— And what have we achieved?
Previously, there were  tables in Excel, now they are electronic tables on the site.
How is it better? How does this translate to convenience and speed?

 

The result is a simple and functional 
personal account

 

A customized login page with photos of real EVRAZ production sites

Desktop with customizable widgets, updated 

with shipping and payment data

Each user can customize the screen to display only the widgets they need.

When internet connection is slow, there's also the option to turn off heavy graphics and visual effects.

Company news page with subscription and filter features

The personal account of the EVRAZ client supports three permissions. All functions are accessible from phone, tablet and computer.

The interface is made in a responsive layout based on Bootstrap technology .

The version for print, RSS-broadcasting and selection by news date have been implemented.

Functional and simple tabular interface

It is worth telling the story of the emergence of the universal tabular interface.

Users liked the tool so much, that it received  many new functions




The prototype has become a convenient and secure tool for working with data


The interface supports basic and extended views.
There is uploading to CSV, expanding to full screen, the ability to send data by e-mail.

The tabular interface is made universal and is used when working with any data presented as a set of related rows.

The main features have been implemented, work on the development of the personal account continues.

Personalized interface settings provide convenience and functionality

We have worked hard on customer convenience. The result is context-sensitive data management tools, tooltips, and interactive menus.

Also implemented user-configurable personal filter views.

These tools make it easier to work in a web interface with a large amount of data.

Information security, data 
exchange and access control

 

The personal account of EVRAZ clients is
made on the 1C-Bitrix system, meets security requirements and is integrated with the company's internal information systems.

In the project, almost all aspects of the site's work on Bitrix have been changed.
Authorization, work with data and integration with the customer's accounting system are designed taking into account the specifics of the Customer's information architecture.

The project architecture includes 3 servers

  1.  MSSQL database server (staging database, PDB);
  2. server with CRM documents;
  3. Bitrix VM server with 1C-Bitrix: Site Management. 

Registration and authorization

Remember the classic user registration scheme. Login, password, "welcome", you thought about that, right? And here is the real scheme.

Why is that? That's why:
  • users are stored in an external database;
  • moderation is carried out by several different administrators;
  • registration is temporary and will expire in a few days;
  • the site sends 16 different notifications to all participants in this process at different stages.

Access control

The main requirement of the client's security service: full control over the data. Roughly speaking, no SELECT without checking. There are several groups of users, they have a different set of columns in the tables. Not all rows are available to each user, but only his data.

Access control

The personal account provides a large amount of financial information, so the security requirements were very serious. The following attack vectors are considered:

  1. Vulnerabilities at the site server level:
    1. 1 Server software vulnerabilities
    2. Gaining access to the console of the server on which the site is located
  2. Vulnerabilities at the level of the CMS and the site itself
    1. Gaining access to the site control panel
    2. Gaining access to the program code of the site
    3. Vulnerabilities in the program code of the site
  3. User browser vulnerabilities
    1. Stealing login / password from a specific user of the site


To protect data from unauthorized access, we have implemented a special storage distribution scheme.

Commercial information is stored on the MS SQL database server, which is separated from the site database on 1C-Bitrix.

Double authorization of access to commercial data through the mechanism of “sessions of access to commercial information” is used.

The development of a personal account for EVRAZ clients is a complex integration project carried out by INTERVOLGA.

The main results are shown on this page and the project continues to evolve.

The INTERVOLGA team expresses gratitude to the EVRAZ employees for interesting tasks and perfect communications. Thanks!

Have questions? Contact us:

+7 (495) 648-57-90 - Moscow
+7 (8442)95-99-99 - Volgograd

info@intervolga.ru

Or fill out the form below - we will contact you ourselves and discuss your project.
CRM form will load here