This U.S. local government agency manages and sells state-owned assets, generates multimillion dollar annual revenues and reinvests all profits into public projects throughout the state. As a governmental body, the agency must maintain high levels of security while ensuring unrestricted access to public information.
“In the past, we were not comfortable with providing online access to resources – there were frequent stories of hacks and compromised internet servers,” explained the agency systems administrator and spokesperson. “Additionally, we had to be sure that we did not open up access to internal-only systems or applications by mistake.”
The agency decided to take a different approach to access management to provide easy, secure authentication through its website.
A long-term customer, the agency chose to upgrade to Access Manager after almost 10 years of using its precursor, iChain. The agency created two systems based on Access Manager and NetIQ eDirectory – one secure authentication pool for around 700 internal users and an external system for approximately 5,000 citizens. By mapping user privileges to user identities, the solution enables easy monitoring and role-based control of access rights – ensuring that users can only see their permitted resources.
“Access Manager has completely changed how we present information and applications to the outside world,” the spokesperson explained. “Our system for external users is specifically set up to handle these kinds of accounts, so IT staff are safe in the knowledge that multiple levels of role-based authentication protect internal-only systems. What’s more, Access Manager scales very easily, so as that pool grows, we can just keep adding to it.”
“It is now standard procedure to run all of our internal and external websites through Access Manager, which has significantly boosted security,” the spokesman continued. “We use it to obfuscate every single one of our web servers and provide employees with a single sign-on for all systems.”
The agency uses eDirectory to store user data centrally, which is automatically distributed to relevant systems by Access Manager – something that IT staff previously had to do manually. Automatic synchronization across all connected systems gives the agency a single, scalable point of control for all access rights, enabling efficient monitoring for potential security risks.
“Access Manager comes at an unbeatable price,” the spokesperson said. “On top of that, it is licensed per user rather than by traffic or bandwidth, making it a highly cost-efficient solution.”
With Access Manager, multiple levels of role-based authentication provide strong protection for internal systems so the agency can safely enable external access to systems for citizens with confidence.
With automated user provisioning, employees only need register once, while the self-service password reset feature gives users control over their login details. Anyone who forgets their password can easily reset it themselves without having to call the IT helpdesk – making life easier for employees as well as significantly reducing IT staff workload. By automating these previously manual processes, Access Manager boosted efficiency and productivity at the agency.
“The flexibility and functionality of Access Manager are exceptional,” said the spokesperson. “Single sign-on capabilities ensure a seamless user experience across different systems. It also significantly accelerates employees’ access to resources, as they only have to log in once to be authenticated for all systems.”
“But by far the biggest benefit of Access Manager is increased security,” the spokesperson continued. “Thanks to centralized control over authentication levels and identity-based access provisioning, internal agency systems are now extremely well protected against unauthorized access attempts.”
Building on its success with Access Manager, the agency is currently running a pilot of Identity Manager. “Our aim is to integrate Identity Manager with Access Manager, eDirectory and our HR system to fully optimize our access management processes,” a spokesperson said. “There are always excellent new features being added – it is a great time to be a Micro Focus customer!”