As a result of the growth of new Bancomext products, the bank required a strategic technology plan to implement new systems over a three-year period. Identity management was a key aspect of this reorganization.
In addition, Bancomext needed to update its identity management processes to enable compliance with recent government regulations, which require financial institutions to use a single solution across all electronic resources used in online banking services. Furthermore, Bancomext wanted to increase security levels in managing user accounts.
“Removing and provisioning access rights to a user was complicated,” said Norma Zaldivar, Head of Systems, Bancomext. “There were potential security risks if elements of this process were overlooked.”
Users were required to remember three to five user names and passwords and log into the bank’s systems one-by-one, which was time-consuming.
“For each application there was a separate access control scheme,” said Zaldivar. “Adding or removing users was a laborious process that took two days and required input from several departments.”
Bancomext evaluated several possible solutions and ultimately decided to implement NetIQ Identity Manager and NetIQ Access Manager.
“We referred to a recent study, which concluded that the solutions offered by Micro Focus® are some of the most complete and competitively priced on the market,” said Zaldivar. “Identity Manager and Access Manager offered all the functionality we required, such as user-provisioning, a self-service password reset portal, and single sign-on, as well as ease of integration with our other applications. Bancomext is running Identity Manager and Access Manager in a SUSE Linux Enterprise Server environment."
“We chose this platform because it is a secure environment in which vulnerabilities can be controlled in an efficient manner,” said Leopoldo Hidalgo, Head of IT Security, Bancomext. “It provides high performance for all of the components and requires only infrequent updates.”
“With Identity Manager, user accounts are automatically created, edited, or deactivated, eliminating the need for the IT department to manually intervene in the process,” said Zaldivar. “As soon as Human Resources add a new user to the system, an identity is automatically generated and the new employee is assigned a user name, password, and email account.”
Bancomext is using Identity Manager to manage all user names and passwords on the network, employing password management policies such as password strength assignment, periodic password change, and password blocking after several failed attempts.
Furthermore, the bank is implementing a system of role-based provisioning. Users are now given hierarchical access rights based on their position in the company. Access Manager provides single sign-on access to all web-based applications with multi-factor authentication via tokens.
The solution has now been rolled out to 900 internal and external users. Bancomext expects the user base to increase to 2,500 users in the medium term.