Challenge

FDM Document Dynamics needed to ensure its clients had easy yet secure access to their documents. The company had an online portal, but the authentication solution was overly complicated – both for the users and for the IT team – and its performance was weak.

To add new users, the IT team needed to make changes to three different environments. It was similarly difficult to securely remove users when they no longer required access. The existing solution did not come with password management features and FDM had been forced to create its own application to handle this. Finally, FDM felt that there was insufficient support from the vendor of the authentication solution.

Aiming to simplify the authentication process for users, and to reduce the administrative burden on IT, FDM Document Dynamics looked for a better and more sustainable solution.

Solution

FDM Document Dynamics chose Access Manager and Identity Manager. A major factor in the selection of the new solution was security: FDM saw a constant move towards stricter security policies among its clients, particularly clients in the financial services and banking sectors who had to comply with local laws and global regulations.

“We had very stringent requirements for security, yet we also needed to have a user-friendly system that would facilitate access to documents,” said Massimo Sabbadini, IT manager at FDM Document Dynamics. “The combination of Access Manager and Identity Manager enabled us to achieve both goals.”

FDM worked with Omnitech, a leading IT specialist in Italy, to deploy and support the solution. Users of the portal now log in using a single set of credentials, gaining access to all of the applications and data they are permitted to see. Each of the 60,000 users typically can access between one and three applications.

“Each of our clients instructs us on the access rights for each type of user,” said Sabbadini. “For example, if an insurance broker wants his salespeople to have access to certain documents, we can easily create a policy and apply it to the relevant groups of users. In this way, we can regulate access without significant effort.”

When users log in, Access Manager checks their credentials against the master records held in Identity Manager and grants access accordingly. The solution enables FDM to clearly see who has access to which documents, helping ensure compliance with data protection regulations.

Using the built-in federation services, FDM is even able to let its clients extend the portal to their own partners, suppliers and clients. For example, an insurance broker might wish to share a subset of its archived documents with an independent insurance salesperson; with federation services, the insurance broker can easily create a new user with the appropriate access rights.

Results

The new user portal based on Access Manager is faster and easier to use, both for clients and for the IT team at FDM. In practical terms, this means that clients get the information they need more rapidly than before, and the IT team can spend more time on other priorities instead of repetitive user-management tasks.

“Password management is built into the solution, and we plan to deploy self-service tools for users in the near future, further reducing the workload on our side,” said Sabbadini.

The solution offers single sign-on, so users do not need to remember separate passwords or waste time logging into each individual system they need to access. Complete tracking of all successful and unsuccessful attempts to log in helps both FDM and its clients ensure compliance with information security policies.

“We are confident that we now offer greater security for confidential information, and we have simultaneously made it easier to access, thanks to Access Manager,” said Sabbadini.