Who is DX Labs?
As a technology partner for many large Middle Eastern brands, DX Labs operates in Egypt and United Arab Emirates as Digital Shadow Information Technology. DX Labs is not just about technology. It is about how to utilize today’s technologies and transform it into innovative solutions for their customers. DX LABS’ employees and passion push the needle in advancing software evolution.
Secure Onboarding – a Lengthy Process
When DX Labs received what looked like a simple query for password management support from one of its banking clients, it suggested Micro Focus NetIQ Self-Service Password reset which was implemented to lower the cost of password administration. However, further discussion around the subject showed a more complex issue around identity and access management. Banks leverage the SWIFT network to send and receive information about financial transactions in a secure, standardized, and reliable environment. New regulations for banks in the Middle Eastern region require more detail and visibility around application access, with banks needing full transparency in who accesses what when. This is easier said than done, as Ahmed El-Saftawy, Sales and Pre-Sales Director with DX Labs, explains: “Our client has a mix of ‘home-grown’ and commercial applications, all customized to specific banking and money transfer requirements. Each system requires its own set of credentials, so one user has multiple credentials to maintain strict security between applications. These independent account credentials are very difficult to manage and map for the systems owners.”
El-Saftawy continues: “Onboarding new employees was a manual and time-intensive process. Our client also needed a better way to disable accounts when employees leave the bank or when a user is transferred to another department. We work with SWIFT-enabled applications and there is always a risk that a disgruntled ex-employee maintains their access and can defraud the bank. The organization wanted to automate an identity management workflow to easily provision new users, modify existing users when job changes occur, and terminate users in real-time when employees leave the organization.”
SWIFT Integration for a Seamless SSO
The bank decided on a three-phase implementation project, consisting of identity and access management, governance, and multifactor authorization. Following a thorough market evaluation of available identity management solutions, DX Labs recommended Micro Focus NetIQ Identify Manager, designed to manage the complete identity lifecycle of entities across a diverse and hybrid infrastructure. In close cooperation with Birchford, a local partner committed to making the business of money movement efficient, reliable, and seamless, DX Labs created a unique approach. By integrating Identity Manager with the SWIFT interface within banking applications, the client bank can enable a seamless single sign-on (SSO) experience across the enterprise, including SWIFT users.
Identity Manager’s Designer feature offers the ability to produce access-request workflows that can dramatically reduce the administrative workload with no programming or customization required. Identity Manager works in tandem with Micro Focus NetIQ eDirectory as a centralized ID credentials repository with a full-service secure LDAP directory. This enables the team to activate, change, and remove users quickly and reliably without making manual updates in multiple systems. eDirectory synchronizes identities across source systems, taking into account data authority and quality. “Our client was able to see the benefits of Identity Manager and eDirectory straight away. New user onboarding would take at least two working days, with manual form filling and processing. Now that this is all automated in a seamless workflow, it takes just two hours to provision a new user and assign credentials for any required systems; a time saving of 80 percent, along with the massive decrease in human error rate involved in the manual process,” comments El-Saftawy.
Administrative Effort Reduced by 60%
The solution is entirely role-based, with a very clear view on which roles require access to which solutions. Standardizing this enforces restricted access to sensitive information and it strengthens authentication without negatively impacting productivity. If a user leaves or changes roles this is immediately reflected in eDirectory and Identity Manager will take the necessary action by activating the relevant approval workflow. This ensures inactive account credentials are disabled straight away, eliminating the risk of misuse. “Identity Manager and eDirectory have not only reduced our administrative workload by at least 60 percent, they also provide a very clear access overview for our management, which is very useful in the highly regulated banking sector,” says El-Saftawy.
He concludes: “In collaboration with Birchford we are working with our client to implement the Identity Manager solution in other countries, to cover all 15,000 regional banking users. Identity Manager has already started shaping the overall access governance within the bank, and we are investigating Micro Focus NetIQ Advanced Authentication to introduce multi-factor authentication into the SSO solution and avoid a single point of failure, covering all core applications. At the same time, Micro Focus ArcSight, including ArcSight SOAR, is being considered as the SIEM environment for the bank operation. One of the reasons our client felt confident about our Micro Focus recommendation was the breadth of solutions and the integration capabilities available. Our client feedback has been very positive, and we believe other banks can also benefit from this solution by implementing this use case.”