Empowering 500+ IAM professionals to take better access decisions
Give everyone involved in IAM access to the information they need
As a highly-regulated bank, our client has to have control over its users and their accesses. Our client already had a mature IAM set-up in place, including a centralized IGA tool and governance processes involving line managers, application owners, compliance managers and IAM specialists.
The information given to these people in the typical access requests and reviews is limited however.
Our client wanted to better assist these people by providing them better information of the users, roles and applications in the organization. Distributing this information through tools such as Qlik Sense or Excel was too time-consuming and manual; and granting all of these people access to their central IGA tool was too risky.
We helped our client by bootstrapping a data analytics program specifically for identity and access management, including a self-service identity analytics portal for everyone involved in IAM.
In total, we empowered more than 500 IAM professionals across the organization by providing them the information they needed to take up their responsibilities, improving risk, efficiency and user ease.
Collect: To kick off the project we identified, together with the client, in which systems most of the relevant identity data resides. For the purpose of having control over the users and their accesses, that turned out to be their main IGA tool, Active Directory, CMDB and the HR system. We assisted our client in setting up a mature IAM data mart, including automated data collection and consolidation.
Empower: The data mart enabled our client to answer any identity question they had. To provide this data to the people involved, we set up Elimity Insights as a self-service intelligence platform specifically for identity data. Including an easy-to-use query engine and powerful visualizations such as peer and pattern analyses, the platform enabled them to gain thorough insights on every decision they had to make. To consolidate the adoption of this platform, we helped our client set up training sessions and supporting material for all of its end-users.
Control: In addition to the analytics, our identity intelligence platform also allows users to formalize controls and set up personalized dashboards to track these controls over time. This enabled the users to keep track of the identity risk for their scope (e.g., department, application, roles) even easier. At this point our client tracks more than 120 controls in their identity intelligence platform.
More than 500 employees in the organization, ranging from business to IT, now have access to all the information they need to take on their IAM responsibilities.
Providing everyone involved in identity and access management with the insights they needed, improved their engagement and the quality of the access decisions they took. This in turn improved our client's risk posture and operational efficiency.
Assisted clean-up of access issues
Improve your IT risk posture
Our client wanted to improve its IT risk posture by cleaning up access issues that had accumulated over the years. Instead of pushing this to the future or randomly cleaning up, we used our platform in order to apply a risk-based, data-driven and iterative approach, enabling our client to see value immediately.
Data-driven and incremental approach to SoD
Cost-effective implementation of SoD policy
Defining separation of duty (SoD) rules is traditionally a cumbersome process. Instead, we applied a fundamentally new approach to SoD and provided our client with a first set of SoD rules in just a few weeks.
Designing a role model in 2 days instead of 12 months
A cost-effective approach to role model design
To help our client assign access rights in a more structured way, we provided our client with a suitable role model in just 2 days by applying a data-driven and iterative approach.