Business Challenges

A rapidly growing global BPO with a wide array of business applications and 30,000 employees serving over 100 organizations across the globe wanted to implement security controls to mitigate access and identity management risks.

The client’s IT team was relying on manual processes and procedures for account provisioning and access management. The absence of automated controls had exposed the client data and apps to a high level of risk. There was also a burgeoning rise in the number of apps due to rapid growth and rise in employee strength. There was also a steady rise in the employee churn leading to severe challenges in providing end-user services and other access-related requests.

Amid these challenges, the client had to sustain its competitive advantage and reputation as a leading BPO, and they had to ensure clean audits and avoid non-compliance since this could impact customer confidence and financial gains.

They wanted NuSummit Cybersecurity to design and implement an integrated, automated solution to manage the lifecycle of digital identities and access controls across systems.

Business Solution

NuSummit Cybersecurity IAM experts identified the following business requirements:

Mitigate Access Risk

• Timely and guaranteed access deactivation for employees and temporary staff.
• Eliminate unnecessary access to business applications and enterprise services. such as project distribution lists, internet service, printers, shared folders, etc.
• Approve and recertify access to business applications.
• Enforce access control policies and automatically detect

Increase Operational Efficiency

• Rapid and error-free access provisioning in case of employee onboarding, promotion, and transfers across customer projects or locations.
• Eliminate paper-based approvals by digital approvals to ensure easier archival and audits.
• Increase user productivity and experience by reliable time-bound IT services.

Reduce Administrative Costs

Eliminate IT helpdesk dependency for a high volume of routine tasks such as:

• Password resets.
• Management of temporary staff IT access.
• Mailing group management.
• Automate routine helpdesk operations for account provisioning, de-provisioning and access modification.
• Automate effort-intensive exercises such as tracking the progress of periodic access review (also known as access recertification).

The analysis of requirements and available solution options identified Microsoft’s Forefront Identity Manager 2010 as the best fit solution that can automate digital identity provisioning, management, and access removal (de-provisioning) across enterprise applications while providing self-service capabilities to end-users.

NuSummit Cybersecurity followed a phased approach for solution implementation to give a quick and frequent return on investment. Solution features includes:

Automated Identity Lifecycle Management

• Automated access provisioning access removal across 25 applications, including a thriving SharePoint based ecosystem.
• Synchronize with HRMS systems to automate profile changes due to promotions or transfers across projects.

Self-Service Capabilities

• Allow end-users to manage their access /password reset and avoid account lockouts.
• GAL profile management.

Temporary Account Management

• Approval based account creation.
• Time-based account expiration.

Outcomes

The automated identity and access management platform enabled the BPO to:

• Avoid productivity loss by rapid onboarding of employees and temporary staff.
• Strengthen security by removing accesses on time.
• Significantly relieve helpdesk from identity and access management operations.

Key tangible benefits :

• Achieved turn-around time of 1 hour against 40 hours for access provisioning & de-provisioning.
• Automated access management for 30,000 users and more than 5,000 project groups for 25 applications.
• Reduced the helpdesk calls by 80%.