The staff of the ‘monitoring office’ of Investitionsbank Berlin (IBB) used to have a very tough job. It is their responsibility to regularly check the IT authorizations of the financial service provider’s 850 employees. This means that they also play a key role in ensuring that the bank meets all compliance provisions. However, given the steadily increasing number of regulations for the finance industry, manual verification is a time-consuming and error-prone task. What further complicated matters was that numerous IT systems of IBB were not connected to a central identity access management (IAM) system. For these reasons, IBB introduced the Beta Systems GARANCY Suite.
A Consistent Recertification Solution Was Needed
Yet the managers frequently did not understand the details or implications of individual access rights. This made proper and regular recertification, as is demanded by MaRisk (minimum risk management requirements), difficult to fulfil. Worse yet, the auditing firm insisted on receiving an overview of all access rights updated daily. In order to remedy the overall difficult situation and meet this demand, the bank thus issued an invitation to tender to find a suitable IAM system. The bank was also looking into introducing a consistent recertification solution as part of this system change.
The new GARANCY Suite allowed IBB to completely redefine their authorization monitoring and assignment processes. The new workflow does not depend on various people across the company replying to a request. Instead, the software autonomously collects required data from the connected systems and automatically prompts managers in freely definable intervals to recertify access rights. The ‘GARANCY Identity Manager’ provisioning module enables IBB to centrally administrate and control all user-related authorization information (identities, groups, roles) across all IT systems. Access rights are recertified via the web interface of the GARANCY Recertification Center. Here the rights and roles assigned to employees are checked by the defined person in charge and automatically revoked if the manager decides not to extend an authorization.
“The Recertification Center illustrates in a highly structured and comprehensible manner the role of any employee and what systems she uses for what purpose. This makes it so much easier to quickly decide on whether to reassign or revoke access to an application” says Perce Frahm, Department Head Technical Infrastructureat Investitionsbank Berlin. As regards the IBB’s authorization management and certification processes, the auditing firm ‘strongly recommended’ the identity management technology in place.
Further information about Beta Systems’ Identity Access Management solutions is available at www.betasystems-iam.com.
http://www.betasystems-iam.com
A Consistent Recertification Solution Was Needed
Yet the managers frequently did not understand the details or implications of individual access rights. This made proper and regular recertification, as is demanded by MaRisk (minimum risk management requirements), difficult to fulfil. Worse yet, the auditing firm insisted on receiving an overview of all access rights updated daily. In order to remedy the overall difficult situation and meet this demand, the bank thus issued an invitation to tender to find a suitable IAM system. The bank was also looking into introducing a consistent recertification solution as part of this system change.
The new GARANCY Suite allowed IBB to completely redefine their authorization monitoring and assignment processes. The new workflow does not depend on various people across the company replying to a request. Instead, the software autonomously collects required data from the connected systems and automatically prompts managers in freely definable intervals to recertify access rights. The ‘GARANCY Identity Manager’ provisioning module enables IBB to centrally administrate and control all user-related authorization information (identities, groups, roles) across all IT systems. Access rights are recertified via the web interface of the GARANCY Recertification Center. Here the rights and roles assigned to employees are checked by the defined person in charge and automatically revoked if the manager decides not to extend an authorization.
“The Recertification Center illustrates in a highly structured and comprehensible manner the role of any employee and what systems she uses for what purpose. This makes it so much easier to quickly decide on whether to reassign or revoke access to an application” says Perce Frahm, Department Head Technical Infrastructureat Investitionsbank Berlin. As regards the IBB’s authorization management and certification processes, the auditing firm ‘strongly recommended’ the identity management technology in place.
Further information about Beta Systems’ Identity Access Management solutions is available at www.betasystems-iam.com.
http://www.betasystems-iam.com
