One of the largest insurance providers in Canada of property and casualty, with over 14,000 employees, $10 billion in total annual premiums and insuring more than five million individuals, businesses and public sector clients throughout Canada and the U.S. This client prides itself on being people focused, inside and outside the company. It aims to provide world class service and products through a highly engaged workforce. To keep employees engaged, one of the key pillars of their values is to provide a frictionless employee experience when it comes to technology. This client set out to upgrade its identity management system to keep up with the times and address some of the feedback it received from users who complained about an out of date and inefficient system.
After spending a large amount to implement and maintain ISIM and ITIM, their legacy identity management system, the client realized that their current solution was not suitable for their needs, including true access governance controls. As in many companies, performing well during governance reviews is a positive sign of high security standards and procedures. Which is why improving their access request, role management and access certification process was a top priority for the client. The client also needed to address user feedback around the inconsistent and inefficiency of the current manual process. The client had purchased a solution but needed to partner with an expert to help them realize its full potential and show ROI to the business.
THE CLIENT’S OBJECTIVE WAS TO:
- Improve controls and reduce risk
- Improve end user experience
- Improve operational efficiency
- Automate processes
Initially, KeyData carried out a series of focused workshops and interviews with application owners, as well as business and technical stakeholders, to identify their issues, pain points, technical environment and limitations. A detailed current state assessment was delivered by KeyData outlining the findings, root cause analysis and recommendations to address their gaps pertaining to governance, people, processes and technology. KeyData developed target state processes with a proper balance of controls and a target state IAM architecture and roadmap to replace their legacy ISIM environment.
KeyData developed an IAM roadmap which considered the client’s desired state of people, process and technology. It also considered low hanging fruits, business priorities, specific objectives/targets, dependencies, and change management considering the client’s readiness and appetite for change.
This client implementation entailed a new Access Certification process and automation to manage access certification in compliance with policy 52-109 (an insurance specific regulation). This automated process streamlined the error prone and timeconsuming manual process of checking and revoking user access.
Implementation also included the following:
- Establishing IAM program governance
- Leading the technical implementation of the SailPoint technology
- On-boarding, off-boarding, cross-boarding users to logical and physical assets
- Privileged accounts integration
- Clean-up of access rights and thousands of orphaned accounts
- Metrics and measures for the project as a whole and for each implementation phase
Through the success of the initial implementation phase, KeyData was retained to assist with rolling out the remaining roadmap components which included role management, access request and completely replacing their legacy IAM solution with a new best of breed solution.
AT A GLANCE
Multinational Insurance Organization
The existing identity management system was not suitable for true governance and could not keep up with the pace of their business. The client needed help selecting a new solution and a partner to help build and implement a holistic roadmap.
SERVICES PROVIDED BY KEYDATA:
- Conducted IAM current state assessment
- Developed IAM target state architecture, strategy, roadmap and implementation plan
- Managed execution of IAM program
- Developed business requirements
- Developed the technical design, solution configuration, integration and customization of SailPoint IIQ
- Developed and deployed training for staff