<img height="1" width="1" style="display:none" src="https://www.facebook.com/tr?id=2171572209666742&amp;ev=PageView&amp;noscript=1">
Front view of the building of the Cantonal Tax Office of Zurich

Efficient security concept for the Zurich Tax Office before rollout of the digital workplace

With the introduction of the digital workplace, the network topology of the Cantonal Tax Office of Zurich was migrated to a flat network infrastructure. The associated IT risks were carefully analyzed in advance.


«Adnovum’s final report, which summarizes the IT risks and the measures to minimize them, shows how we at the Cantonal Tax Office of Zurich can ensure IT security. It will also serve us as a guide in the future.»

Michael Sonderegger

IAM Solution Architect, Department of Informatics, Canton of Zurich

The solution

In a close technical exchange with the Cantonal Tax Office of Zurich (KStA), we analyzed the security risks that the introduction of the digital workplace and the flat network infrastructure would entail. This was an unavoidable step, because in the future many more clients will potentially be able to access the KStA’s applications.
We summarized the result of the risk analysis in detail in a written document, which not only lists the risks, but also efficient measures to minimize them. The security concept will serve the KStA as a guide, enabling it to gradually initiate the necessary steps and be on the safe side during the demanding transformation.
Learn more

Facts and Figures

  • 10

    cybersecurity workshops conducted

  • 105+

    cyber risks prevented

  • 50

    risk minimization measures defined


Features that changed the game for the KStA

Secure: The KStA is s aware of how its risks change at each stage of the rollout of the digital workplace and the flat network infrastructure

Tangible: The written document quantifies the risks, compares them with specific measures and will also serve as a guide in the future

Up to date: Employees and partners conveniently use digital access to the KStA’s applications 24/7 

How we got there

Since our partnership started in 2005, we have developed various specialist applications for the KStA, for example, ReLa for the administration of physical tax documents and Delphi, which allows generating statistics on the work of tax officers.

In this project, the KStA explained the current situation and the planned introduction of the flat network infrastructure and the new digital workplace in an initial workshop. In a second workshop, we then identified the working methods, the key processes, and the associated assets of the KStA in order to derive possible attackers and their motivation.

The following step was complex, thus requiring multiple workshops. We reviewed the technical situation both as it currently stands and over the phases of the project, including existing and planned security measures. This allowed us to identify the attack surface and threat scenarios. 


Based on this, we determined, quantified and prioritized the specific risks for all phases of the rollout. The result was summarized in a report for the attention of the KStA.


Since the risks increase significantly with the new set-up, we have also developed detailed measures together with the KStA to minimize them and described them in a second report. 

«We particularly appreciate Adnovum’s expertise, which allowed for a productive and solution-oriented technical exchange.»

Michael Sonderegger

IAM Solution Architect, IT department, Cantonal Tax Office of Zurich

This is our client

The Cantonal Tax Office of Zurich employs approx. 750 people. Its core tasks include tax assessments and taxation. Among other things, the Tax Office assesses income and wealth taxes for self-employed and employed individuals, profit and capital taxes for legal entities, and inheritance and gift taxes. In addition, it collects the withholding tax of foreign employees and the direct federal tax. In doing so, the Tax Office ensures correct and legally equal assessment and standardized taxation.