About Client
Identity Management Solution
USA
Insurance
Challenges
- In most of large organization permission management and system wide authentication is mainly controlled by IT administrator. This is effective until the cost of IT administration is not substantial or the complexity of infrastructure is not very high. In large organization infrastructure and software systems gets rapidly complex and thus difficult to manage and control. It is also difficult to handle various user requests related to password change, forget password, locked account, permission changes on systems and temp permission assignment. It is even complex to keep track of permission changes and make it audit enabled.
- Client was designed out of this critical issue of IT management where in it is necessary to see business systems and its permissions from the prospective of job functions and organizational roles and to gain control of the administration of internal and external users and their access rights within the organization.
Technical Objective
- Large organization has heterogeneous IT systems like AD, LDAP, Exchange, SAP, Oracle, SQL Server based system.
- Large organization has large set of IT users from different locations and of different roles and responsibility.
- Audit and data safety is prime concern of IT infrastructure
- Organization has various type of access permissions and methods like LAN, VPN etc.
- Large organization has frequent requirement of new user, permission changes to existing users.
- IT administration is expensive and requires specialized skills.
Solution
- PSSPL team provided solution based on identity management concept driven by organization setup.
- System hides all complexity of setting up permission sets, configuration of systems from end user.
- User can request user creation, job profile change or temporary permission assignment thorough simple to use interface.
- On IT admin side, IT admin can configure various systems and their parameters and management and IT department generates combination of systems and permissions required by various job functions across organization and configure it with easy to use interface.
- System drives entire process through complex workflow with auto approval, auto expiry and auto assignment logic to seek approval of manager of employee in process, all system owners who manages business systems and finally of IT admin, Once approved a highly sophisticated engine interacts with end system like AD, Exchange, oracle, sql server, SAP etc. to create/deactivate user, change their permission, reset their passwords etc. as required. While doing so system keeps track of each request and action into encrypted audit logs which can be searched and scanned for any security breach indication.
- System also does a reverse check to ensure in the environment controlled by UMS no user has permission which is not in line with configuration in UMS. Any violation is captured, audited and rectified by action configuration/manual intervention of IT administrators. System has highly configurable plug-ins which can be easily extended to add any new system/protocol in short span of time.
Benefits
- Reduced cost of IT management
- Reduced time for user management and right management
- Assured right propagation and its compliance
- Fully audited system enabled easy complied with data safety standards
- Quick roll out of new IT system in very short span.
- Complete control of business over systems and their permission.
Technology Stack
