A dedicated team with specialised skills, reaction times in line with the needs of the business, a high degree of service availability with a focus on planning and complexity management: these are the characteristics that have elected SCAI Group as a reliable partner for the design, implementation and take-over of the digital identity management and control system of a major company in the finance world.
Specifically, the client needed a structure for processing and synchronising data and authorisations between the various systems, in order to automate and centralise the management of employee identities and accounts and to optimise the management of role changes and user account decommissioning.
A complex environment with numerous objects and internal rules to be managed, various types of sources, low integration and correlation between systems, a high ‘business critical factor’ and a tight time schedule made the project particularly challenging.
Thanks to the team’s consolidated experience, together with the certified quality of the Sailpoint IIQ product, SCAI Group was able to correctly implement and manage the entire platform with customised procedure development and a 24-hour support and application maintenance service, reinforced by a structured and proactive problem-solving approach.
The need to automatically manage administrator and privileged access to all of the company’s server and mission critical systems also required the application of Cyberark PAM technology for the privileged access management component.
The two technologies, although complementary, perform different functions: one aims to manage digital identities throughout their life cycle (Sailpoint IIQ) and the other (CybearArk PAM) to organise and segregate privileged accesses (such as administrator users). The combination of these two solutions was certainly a winning move, as through their integration, management processes can be optimised, security shortcomings can be resolved, and redundant processes relating to the management of privileged and non-privileged users can be eliminated.
Thanks to the application of these technologies in a single point, it was possible to manage privileged users in a simple way, but, above all, to grant the client the possibility of activating the organic tracking and reporting of all work sessions, a very important aspect for compliance with the security regulations in force in the financial sector.