T-Systems standardizes Identity and Account Management processes and thereby reduces costs. With this motto, T-Systems has established secure and optimum process handling by means of a new and integrated Identity and Access Management solution. This slot will show the background and success of the project.
T-Systems employees now have the option of requesting access to applications online via a Web front-end in a user management tool based on syscovery Savvy Suite. The introduced standard software structures the internal request process transparently and thereby helps to maintain Security and IT-Compliance requirements in Identity and Access Management and to reduce costs.
T-Systems was posed with the challenge of finding a uniform solution for the wide-ranging request and management processes for access to applications. In a company of this magnitude, distribution of applications is naturally very complex. With the launch of new security guidelines, a new solution was sought for that would not only guarantee data protection and SOX-compliant ordering processes, but also standardize the entire process landscape for access to applications, present expenses according to cost centers, and help make license costs for access to applications transparent.
Today, optimized and automated request processes help to cope with the increasing effort and expenses. Approval applications no longer have to be processed by hand, but get to the authorizing agency responsible for them by means of an automated workflow. After corresponding testing and approval, further processing happens automatically. The orderer can trace the status in the approval process at all times. The users' satisfaction with the now fast and transparent ordering process increased significantly.
The new solution makes application ordering processes transparent, accelerates their handling, and makes them traceable for the long-term. An employee in need of access to an application can order it in a personalized catalog via the corporate Intranet. Then an automated approval process begins, which is geared towards the stored hierarchical, organizational, and approval structures of T-Systems.
The application to be managed is captured and assigned to a cost center even as it is being provided. The integrated reporting solution informs decision-makers about the respective order processes, but also about the applications being used.
The new solution fulfills SOX/BillMoG and data security requirements. Only authorized data owner can grant concretely described access rights. Each employee has to clearly identify him or herself based on the authorization system to make use of his or her rights. The assignment of authorization is checked regularly and ensures that only authorized persons have the corresponding access rights. Unauthorized or inactive users will have their existing rights revoked. If applications are no longer used or employees have left the company, the associated access used to have to be deleted manually. Now this happens automatically.
The needs-based assignment of accounts reduces the total demand and thereby the costs. During the initial load of applications and their accesses, several thousand accesses could already be deleted. Depending on the applications, reductions of up to 63% were possible. Regular inventory audits also provide cost savings in the ongoing process.
Currently, employees of T-Systems can order authorization for up to 77 applications. In the process, a total of more than 350,000 accounts are set up. More than 5000 business managers and 50 so-called specialist approvers can check and approve these access authorizations in the workflow. On average, this means more than 400 business transactions per week.
