SailPoint IdentityIQ
E-commerce is a dynamic and fast-growing industry across the globe. This industry requires multiple facets of technology and workforce to deliver simple and effective daily life solutions to citizens across. The workforce involves disparate types of people viz. technical folks to deliver technical solutions catering to internal purposes, catering to end users and catering to vendors; businesspeople who work with vendors to onboard all types of supplies; people from finance, people who call and support customers and finally the vendors who are the ground force. These myriad numbers of people are involved in dealing with a customer PII (Personally identifiable information), financial information, and a customer's psychological patterns which are crucial data. In this world of information and a world full of people who are concerned about their privacy, protecting customers' data becomes quintessential.
A similar challenge faced by one of the India’s leading e-commerce players, who wanted to automate their user lifecycle management process and centralize their governance is described in this article.
A brief overview of the customer
Annual Revenue (2022)- INR (Indian Rupee) 511 bn
Employees- 15,000+
The company had multiple scenarios dealing with data and its boundaries which will enhance it security portfolio. A crucial issue was-
1. On boarding multiple users on a single day.
2. Enabling them to perform their actions on day one without loss of valuable working hours.
3. Toxic combination/Segregation of duties to ensure data boundaries.
4. Ensuring compliance by limiting or de boarding users in the right time.
To provide solutions for these complex challenges, SailPoint's IdentityIQ, Identity governance solutions was identified as the impeccable match. SailPoint’s IdentityIQ has the capacity to integrate COTS (commercial of the shelf) & inhouse built applications, automate user lifecycle management, provision service accounts, analyse permissions, entitlements to build roles that can be assigned to the employee's needs, centralize governance with attestation(review), and generate reports.
领英推荐
The result of this comprehensive solution was a significant improvement in user lifecycle management and governance. The company was able to centralize access control, reduce errors and inconsistencies, and achieve compliance with regulatory requirements and also improve their profitability with respect to user productivity. Most importantly, the company was able to reduce the risk of security breaches and protect sensitive data.
Implementation:
Following were the implementations covered by SailPoint
1.?Application Integration using web services connector for automating the user lifecycle management.
2.?Service Account Management: creating a form-based approach in which the user can create, request for ownership of service account and delegate the service account of one platform application to another service account owner in the same platform.
3. Role Based Access Control: Entitlement analysis with respect to common entitlements that are attached to the group were mined by SailPoint and accordingly roles were generated with respect to the common entitlements that were seen in the platform applications.
4. Certifications: SailPoint become a centralized solution to manage access reviews and certifications for platform and non - platform applications with the following types of certifications:
Take away:
SailPoint’s IdentityIQ can automate the complex user lifecycle management workflows, even for the homegrown applications. It also provides in depth entitlements analysis for the roles exist in the organization. With the help of AI backed modules, it can also recommend new roles with common role-based accesses. It centralises the access reviews and report generation of the users.