One of the stories to come out of the Gartner Security and Risk Management Summit in Sydney this week was ING’s implementation of SailPoint IdentityIQ technology to reduce identity-related compliance
agony pain effort. Here’s the guts of the benefits in the case study:
Within 90 days of the IdentityIQ project commencing in August 2010, ING DIRECT Australia had implemented an IAM system that
has enabled it to:
Unify and consistently enforce access control-related business policies and processes to better manage risk
Apply preventative and detective controls to streamline identity-related compliance and audit activities
Automate cumbersome and error-prone manual processes for user access reviews
Identify and correct separation-of-duty (SoD) violations as part of
the user access review process
Gain visibility into user access entitlements and privileges
Improve service delivery by IT thus creating operational efficiencies
Improve the effort associated with executing a certification cycle by 98%, from 184 hours and two staff members to 4 hours and one staff member.
Having seen a few demonstrations of Sailpoint IdentityIQ in previous lives, it makes User Access Review/Re-validation (UAR) look almost sexy.
For your further reading pleasure:
- ITNews coverage: ING Direct Australia overhauls access control
- First Point Global’s blog post on the Gartner Security & Risk Management Summit
- FPG’s Case Study
- Gartner event page: Case Study: ING DIRECT Australia — Identity Governance Don’t ‘Just do it’!