Challenge

The company had worked hard to establish a robust IT infrastructure. NetIQ Identity Manager and NetIQ Access Manager provided authentication and authorization for a suite of business-critical applications. However, with the company becoming more globalized over time, it wanted to extend its IT infrastructure to achieve more control over the flow of information throughout its global operations.

With 100,000 geographically dispersed users, and a highly complex and heterogeneous IT environment, it also needed to improve its IT processes, as a spokesperson explains: “Provisioning new user accounts would take at least a week and we wanted to improve this so that new hires could be productive straight away. Every change in a user’s circumstances, i.e. a role change or a relocation, would require manual intervention to change the user profile accordingly. We also wanted to automate our password processes. Our service desk would answer 17,000 queries each month to reset or change passwords. Finally, we operate in a highly regulated industry and need to meet compliance requirements. It was not easy for us to provide the reports and data which the auditors need and we wanted to streamline this process to provide much more transparency. Overall, we needed a fully global process to provide secure access to the relevant applications."

Besides that, a decision was made to support the deployment of a global instance of SAP and to extend the identity and access management (IAM) solutions to cover all countries and core business applications.

Solution

Although Micro Focus was in use already, the company evaluated other IAM solutions to ensure it had the right approach to support the long-term strategy. SAP integration was critically important and with a multi-level, complex, profile categorization, this proved a problem for the other IAM solutions. As the regional experience with Micro Focus had been very positive for many years, the company embarked on the global project with Micro Focus.

SAP holds very sensitive company data and to provide a deeper level of risk analysis and transactional security, the SAP governance, risk and compliance (GRC) module was implemented, and integrated with the IAM system. As a further security measure, the company adopted the “segregation of duties” principle (having more than one person involved in a task completion) and these controls were reflected in the IAM system. The IAM system also integrates with central and local Active Directories which control the network from end to end.

NetIQ Self Service Password Reset (SSPR) was introduced to release the burden on the service desk and help enforce stricter password policies, as a spokesperson comments: “Giving our users a self-service option with SSPR has reduced the number of tickets to our service desk from 17,000 to 2,000 a month, a fantastic productivity gain. We also increased the complexity of our passwords, improving our overall system security.”

NetIQ Sentinel was implemented to provide sophisticated auditing and reporting capabilities, as explained by a spokesperson: “We are audited on SAP access and Sentinel is great for this. It also keeps a log of any system access so if we have any data breaches we can take corrective action immediately and minimize the risk of damage to our business.”

Results

The IAM solution is scalable and ready for future growth. Identity lifecycles are now automatically tracked and amended where necessary. A global HR system will be implemented which will open up new IAM opportunities such as role-based provisioning and single sign-on capabilities.

The spokesperson comments: “By automating so many of our global IT processes through the IAM solution we have reduced the time it takes to provision a new user from one week to one day, and the introduction of a global HR system has the potential to bring this down to just two hours, massively improving our global productivity.”

He concludes: “Our Micro Focus solution is a key foundation component in the company and touches everything we do. The skills to build an environment like this are quite specific and not easily available in Latin America. We wouldn’t have been able to do this without the great professional services support we received from Micro Focus. Together we’ve created a stable, secure, and flexible IAM environment which will serve us long into the future."