Enterprise-wide visibility and monitoring of users and their accesses
Improve cyber security with identity intelligence
For our client, a government organization with a complex IT environment, proper control of user accesses is a crucial part of the cyber security strategy.
Obtaining an enterprise-wide view of the accesses was, however, not feasible with the current identity management suite, SAP IdM, that only offers basic reporting capabilities.
We helped our client by setting up an enterprise-wide view of more than 160,000 users and their accesses, including automated monitoring, in just 2 weeks of work. This enabled the cyber security team to improve their understanding of their current user accesses, their IT risk posture, and the evolution of those across multiple applications.
Collect: Together with the client we started this project with identifying the systems in which most of the relevant identity data resides. For the purpose of understanding the IT risk posture, that turned out to be the main IGA tool (SAP IdM), Active Directory and the HR system. We assisted our client in setting up a mature IAM data mart, including automated data collection and consolidation. This was fundamental to obtaining a comprehensive view of the identities, their accesses and the associated risks.
Understand: We provided the cyber security team with a self-service intelligence platform specifically for identity data. Out-of-the-box control sets enabled them to get a first impression of the organization’s identity risk posture immediately. Of course, every organization is different and as such we assisted them to modify some of the controls and KPIs as well as to create new ones. That resulted in control sets that were tailored to their needs. Additionally, extensive analytics and visualizations enabled them to dig into the details and really understand the nature of the risks.
Besides understanding the IT risk posture, our client was also in the middle of migrating one Active Directory into the other. We helped them gain insight into the process by putting the identity data to work and showing them the users that were not migrated yet, the users that had accounts in both Active Directories and so on.
Control & report: In addition to the controls and KPIs, each member with access to Elimity’s identity intelligence platform could personalize its own dashboard, ensuring that only the relevant information was displayed, in a valuable way. With the connectors in place, new identity data was loaded in the platform every day and history was kept for every defined control. This enabled our client to track progress – of both risks and projects – over time and deliver detailed change reports and compelling audit trails.
We provided the cyber security team with a comprehensive view of the users, their accesses and the associated risks in just 2 weeks of work. They could now easily report on the IT risk posture and the progress they were making.
By putting their identity data to work and tailoring the control sets to their needs, we helped our client's cyber security team to create a continuous assessment of the situation, a continuous state of control.
Providing the cyber security team with the information and insights they needed to understand and track the IT risk posture, strengthened their cyber security strategy. In addition, they could now use Elimity’s platform to report on the progress that they were making and leave Excel behind, improving the understanding and engagement of other stakeholders such as management.