ValueEdge: Value Stream Management
Align corporate investments with business strategy
Continuous quality from requirements to delivery
Scale enterprise SCCM with security and compliance
Resilient AI-powered functional test automation
Enterprise-level requirements management
Deliver continuous application performance testing
Plan, track, orchestrate, and release applications
Govern quality and implement auditable processes
Automate deployments for continuous delivery
Build business applications using new tools & platforms
The leading solution for COBOL application modernization
Modernize mainframe applications for the Cloud
Modernize host application access
Discover the future of CORBA
Modern mainframe application delivery for IBM Z
Secure, zero-footprint access to host applications
Access host data and automate processes with RPA
Multi-factor Authentication for IBM z/OS endpoints
Build secure software fast
Augment human intelligence
Discover, analyze, and protect sensitive data
Drive IT ecosystem with identity-centric expertise
Deliver simplified, secure access to users
Scale to billions of identities with IGA platform
Gain control of privileged user activities
Track changes and activities in managed services
Get fast, accurate detection of threats
Analytics for text, audio, video, and image data
Reduce risk, cost, and maintenance, and T2M
AI and machine learning for data analysis
Enterprise backup/disaster recovery
Unified traditional and mobile device management
Meet regulatory & privacy retention requirements
Email, IM, and chat-based collaboration
Mobile workforce communication & collaboration
Secure critical file storage and print services
Manage IT & non-IT services with automation and AI
Discover, monitor, and remediate with AIOps
Monitor and optimize complex networks
Discover, manage, and map configurations & assets
Accelerate provisioning with governance in place
Automate and orchestrate processes end to end
Manage IT & software assets for better compliance
Automate server provisioning, patching, and compliance
Automate screen-based human actions with robots
All Micro Focus learning in one place
Build the skills to succeed
Streamline software delivery for faster value
ValueEdge: Value Stream Management
Align corporate investments with business strategy
Continuous quality from requirements to delivery
Scale enterprise SCCM with security and compliance
Resilient AI-powered functional test automation
Enterprise-level requirements management
Deliver continuous application performance testing
Plan, track, orchestrate, and release applications
Govern quality and implement auditable processes
Automate deployments for continuous delivery
Access all products in application delivery management
Modernize Core Business Systems to Drive Business Transformation
Build business applications using new tools & platforms
The leading solution for COBOL application modernization
Modernize mainframe applications for the Cloud
Modernize host application access
Discover the future of CORBA
Modern mainframe application delivery for IBM Z
Secure, zero-footprint access to host applications
Access host data and automate processes with RPA
Multi-factor Authentication for IBM z/OS endpoints
Access all products in Application Modernization & Connectivity
Security at the core to everything you do; Operations, Applications, Identity and Data
Build secure software fast
Augment human intelligence
Discover, analyze, and protect sensitive data
Drive IT ecosystem with identity-centric expertise
Deliver simplified, secure access to users
Scale to billions of identities with IGA platform
Gain control of privileged user activities
Track changes and activities in managed services
Get fast, accurate detection of threats
Access all products in CyberRes
Trusted, proven legal, compliance and privacy solutions
Analytics for text, audio, video, and image data
Reduce risk, cost, and maintenance, and T2M
AI and machine learning for data analysis
Enterprise backup/disaster recovery
Unified traditional and mobile device management
Meet regulatory & privacy retention requirements
Email, IM, and chat-based collaboration
Mobile workforce communication & collaboration
Secure critical file storage and print services
Access all products in Information Management and Governance
Simplify Your IT Transformation
Manage IT & non-IT services with automation and AI
Discover, monitor, and remediate with AIOps
Monitor and optimize complex networks
Discover, manage, and map configurations & assets
Accelerate provisioning with governance in place
Automate and orchestrate processes end to end
Manage IT & software assets for better compliance
Automate server provisioning, patching, and compliance
Automate screen-based human actions with robots
Access all products in IT Operations Management
Give your team the power to make your business perform to its fullest
Medica is a non-profit health plan that serves communities in 9 central USA states. Medica partners with the communities it serves in many ways, including the Medica Foundation, a nonprofit, charitable foundation, which provides more than $1 million in grants annually, to fund community-based programs and initiatives that provide sustainable, measurable improvements in the availability, access, and quality of health care.
INDUSTRY
LOCATION
PRODUCTS
Subject to strict regulatory compliance, Medica conducts regular access reviews across its application landscape, to ensure that its 2,000 users have the correct access rights. This was done annually, but when a decision was made to move to quarterly reviews, in line with industry best practices, this posed a challenge for the IT Security team, as Brad Abbott, Senior Manager, IT Risk, Identity and Access Management for Medica, explains: “The access review process was manual, time-consuming, and labor-intensive. We would pull user access reports from our 30+ applications into a spreadsheet, identify each user’s manager, send them an email with the spreadsheet to verify access rights, correlate the response, chase any nonresponses, and then finalize a list of access removals and changes. It would take 6-8 weeks to complete the process. With this time-lag there was always the risk of errors.”
Clearly this was not sustainable on a quarterly basis. Medica also wanted to expand the number of applications included in the access audit which was not possible with the manual process. In consultation with its technology partner PDS, Abbott investigated Micro Focus’s NetIQ Identity Governance.
Medica uses Micro Focus’s NetIQ Identity Manager and Access Manager to manage the user base, as Abbott explains: “Identity Manager is used as our single source of truth. Fully integrated with our Human Resources (HR) systems, it automatically generates network IDs and email accounts for any new-hires. This streamlines the on boarding process and boosts new-hire productivity. Access Manager provides single sign-on capabilities for 30 Medica applications to all users, including any remote workers, such as clinical nurses working on location with our members. Access Manager also provides seamless access to our online portal applications for over 200,000 of our members.”
PDS supported the Identity Governance implementation and co-ordinated a pilot to ensure it offered Medica the functionality and integration required for streamlined access review. Following the successful pilot, PDS managed a handover to the Medica engineering team. Medica has now completed its first Identity Governance-driven access audit. This covered 200 managers, which represents close to 100 percent coverage. The number of audited applications increases with every audit round. Abbott comments: “The whole access audit process took just 13 business days, a phenomenal time saving for us. Of course, now the parameters are defined within Identity Governance, next quarter’s audit will require hardly any intervention from us, and will run mostly automatically.”
Medica identified 268 access removals which is higher than the average it previously captured. Identity Governance simplifies decisionmaking by providing business critical context to Medica business users conducting access certifications. The simple user-interface encourages participation. Abbott received great feedback from his business users: “We ensured this new process received executive buy-in, and the response from our business users has been overwhelmingly positive. The process was easy for them, and they much preferred it over having to provide their input via email and spreadsheets.”
For this audit cycle, Identity Governance tracks removals through manual fulfillment via ServiceNow, Medica’s service desk. In the near future, the team will introduce seamless closed-loop revocations, integrated with Identity Manager.
Having a unified identity and access management strategy has paid dividends for Medica. The integration between Identity Manager and HR has improved security and user productivity. Access Manager’s SSO capabilities have made life easier and more efficient for Medica staff, as well as members. Abbott has some future enhancements on his roadmap too: “We’re investigating role-based provisioning and have started a pilot within our call center, the department with traditionally the highest turnover. We have worked with the call center managers to define the roles and will now integrate this into our on boarding process to streamline the hiring of new call center staff.”
Medica is a fast-growing organization with ambitious plans for the IT team to support. Freeing up IT Security staff from spending 6-8 weeks on the access auditing process means Medica can provide value-add activities to its internal stakeholders, and expand its security program.
Abbott concludes: “Introducing Identity Governance ensures our continued compliance and automates a time-consuming and tedious process for us. We enjoy working with PDS and Micro Focus. PDS has extensive IAM experience within our industry and is a knowledgeable resource for our implementation and integration work. The partnership between the three of us works extremely well."
NetIQ provides security solutions that help organizations with workforce and consumer identity and access management at enterprise-scale. By providing secure access, effective governance, scalable automation, and actionable insight, NetIQ customers can achieve greater confidence in their IT security posture across cloud, mobile, and data platforms.
Visit the NetIQ homepage to learn more. Watch video demos on our NetIQ Unplugged YouTube channel.
NetIQ is part of CyberRes, a Micro Focus line of business.
The whole access audit process took just 13 business days, a phenomenal time saving for us. Of course, now the parameters are defined within Identity Governance, next quarter’s audit will require hardly any intervention from us, and will run mostly automatic.
Introducing Identity Governance ensures our continued compliance and automates a time-consuming and tedious process for us. We enjoy working with PDS and Micro Focus. The partnership between the three of us works extremely well.