Identity and Access Management (IAM) implementation for US’ leading consumer credit reporting agency
A consumer credit reporting agency leader based in the USA was looking for building IAM solutions covering 100K users that included employees, 3rd parties and Suppliers. The engagement also extended to supporting the run operations through a managed services model that covered:
- User life cycle management
- Governance and compliance
- Centralized user access management
Mindtree’s cybersecurity services team was involved in building and implementing an end-to-end solution with a state of the art IAM solution in the market. We are also managing the client’s identity support center for the services listed above.
The client’s infrastructure was operating on outdated, carry legacy identity policies to identify and authorize users. Their solution was based on on-premise infrastructure and they were spending high costs to manage the user identity lifecycle, application onboarding/access, and disparate credentials for almost every application/system implemented for their critical business services. Moreover, their identities were stored across multiple repositories, which resulted in the lack of a single version of truth for delivering a uniform and seamless access.
This rendered multiple issues and security lapses/incidents in the client environment. The client was looking for an experienced partner to deliver a swift upgradation of their IAM infrastructure where they could meet the business requirements for access management, user provisioning/de-provisioning, and updates using automated solutions or self-servicing capabilities with minimal intervention from the IAM support team.
RPA driven automation process for various operations & support of IAM solutions
- Addition and removal of users from security group
- Removal of users from security group
- Entitlement cleanup
- Correction of the invalid entitlement owner in SailPoint
- Automated certiﬁcation process
- Auto-escalation process for manager or entitlement owner
In the earlier scenario, the client had manual process in place for addition, modiﬁcation, deletion and clearing of entitlements. Mindtree’s RPA team facilitated automated workﬂow for managing all the above mentioned scenarios which in turn reduced the turnaround time for ticket (incidents/service requests) closures and reduced man hours to 1500 hours per month which was previously 1750 hours per month.
Mindtree worked closely with the client to understand the business requirements to be delivered via the new IAM solution. Our IAM specialists documented the current landscape and gaps to conclude that the solution to the client’s problems was a centralized access problems was a centralized access management system that can automate the above challenges.The assessment was also onboarded by the client
Our team proposed SailPoint as the best-ﬁt solution to meet the customer’s requirement and they implemented a centralized access management system comprising of the following components:
- All users are identiﬁed and authenticated by using a single centralized IAM solution. Therefore no more multiple user identities, passwords and roles to be managed by the users and the backend operations team
- Centralized automation of user lifecycle management (provisioning, modiﬁcation, de-provisioning) was established
- User provisioning time reduced for major business-critical applications. Users can avail self-servicing capabilities to deal with their day-to-day requirements
- Seamless authentication and authorization for all the 30+ business applications
- Enabled multi-factor for applications that deal with sensitive data
- Reduced cost of the overall IAM administration by 40%
- Reduced IAM driven security