Event Recording

Airbus Expert Perspective: Managing Third-Party Identity Risk in the Supply Chain

Log in and watch the full video!

As a leader in innovative aerospace manufacturing with locations across the world, Airbus recognized the need to fortify its third-party identity management processes to better meet the operational efficiency and security needs of its evolving business and supply chain. Specifically, Airbus wanted to upgrade its identity management capabilities around lifecycle management, data quality, and obsolescence management for its third-party, non-employee users.

Benjamin Gasperi, On/Offboarding Product Manager, Airbus
Guillaume Lugat, Head of Identity & Access Management, Airbus

Log in and watch the full video!

Upgrade to the Professional or Specialist Subscription Packages to access the entire KuppingerCole video library.

I have an account
Log in  
Register your account to start 30 days of free trial access
Subscribe to become a client
Choose a package  
So we are moving on to the next track. So we have Benjamin gas and Lugar. They are both remote from Airbus. So can you hear us?
Yes, everyone. Yes, we can.
Great. So they both will tell us a bit about managing supply chain, access efficiency and securely, and, and think the stage is yours.
Thank you so much. Good afternoon, ladies and gentlemen. So let me introduce myself. My name is GI Luga. I'm the head of identity and access management product and service line at Thebus. I will be assisted by, by who he's the, I am onboard offboarding product managers working in my team. Both of us are French and remotely attending today from Tolu. It's a pleasure for us to be with you. Thank you very much for the invitation we are going to share with you the, the perspective about management of third parties, identities in the frame of supply chain challenges. So next slide please.
Thank you. So to start as an international reference in the IRA space sector, Airbus designs manufacturers, and delivers commercial aircraft helicopters, military transports satellites, and launch vehicles, Airbus as well provides data services, navigations, secure communications, mobility, and other solutions for customer on a global scale has built on its strong European heritage to become truly international with roughly 180 locations and 12,000 direct suppliers globally. The company has aircraft and helicopters, final assembly lines across Asia, Europe, and the Americas, and has achieved more than sixfold order book increase. Since 2000 innovation has always been a driving force at which promotes cutting edge technologies and scientific excellence. Abu. We encourages our experts to push their imaginations, moving the company into the industry, four of zero era and inventing new possibilities for the future of flight where safety and sustainability will be at the earth of everything. We are pioneering a cleaner and decarbonized aviation industry connecting and uniting people across the globe while safeguarding the sovereign of nations. As many industries across the world, Airbus has been civilly hit by the consequences of the COVID 19 pandemic. Our production rates have been adapted to the slowdown of the aircraft traffic, but we managed good resilience throughout the company, commercial aircraft traffic throughout the company's commercial aircraft, sorry, helicopters defensive space operations while ensuring health and safety of our employees.
Next slide please. So let's get into the main topic of our presentation. So this is an overview of the third party identity systems ATS. So ums works with a significant number of outside contractors and partners. So as I said, with more than 10,000 partner organizations around the globe that are provided with access to 5,000 internal applications while working either Institute or execute and having a relatively high turnover rate since while our pain points have been around lifecycle management, did the contractor leave or not around the data? Quality is the nationality is the email address is the mobile phone number is the company name of the contractor rate. And this was ed by the obsolescence of our existing solutions in terms of solution we've developed over the years, an approach, which is based upon delegation. The third parties are requested to nominate delegated administrators who are entitled through self-service Porwal to register identities of their workers and give them access to a subset of applications according to their activity and the subsequent roles they are given. Next slide, please. So, as I said, more than 10,000 suppliers around the globe from major suppliers, having very good digital skills ends being very much at ease with notions like identity and access rights to very small ones, completely lost facing them.
Think on the one hand about the gardener, a freelancer who comes to cut the trees once a month and on the other end, the it company who's having of engineers working at Airbus, their digital appetite, their induction with the it services is completely different. That's why for such a complex ecosystem and given our approach to delegate a part of the administration to the suppliers, the adoption of the tool is key. Next slide please.
So let's see where we started. So basically two, three years ago, we concluded that our existing solution would fail to meet the modern demands of digital transformation, which was becoming a must for our supply chain. We were having a very whole end of support sun identity solution. We were facing a lot of outages while trying to scale it up to a dimension. It was not designed for. And we were really struggling to simplify the onboarding process. According to the growing demand of flexibility, we were asked to cope with the significant increase of our production, as well as the progressive consolidation of third party services at Airbus group level, as an example, implementation of a new workflow in the old sun identity system was requiring something like six months time for development testing and rollout. Next slide please.
So we needed a solution that was both robust and flexible to meet or net. I talked about the variety of users interacting with our self-service Porwal. So the gardener and the big it company. So that's why user adoption user experience was a key requirement for us scalability as well, more than 100003rd party users to serve plus many, many changes a year to handle. So to meet our supply chain requirements, we needed a very flexible solution to adapt and support the rapid evolution of our processes across the supply chain and automate as much as possible life cycle management of the third party identities to speed up time to onboard and grant access to the digital tools. Next slide, please,
In summary, the specifications of our new solution, where the following ones, an automated and boring capability, both for individuals and groups. So in detail, we needed also the, the capability to create in batch mode, a large set of users. This is something we are using. When for instance, we have case where a big supplier is replaced by another one. And the new one is hiring the resources of the old one and we don't want, and we don't have time to get each and every user transferred to the new company. So we are using a batch to make that in an automated way. We needed as well, a solution where we can hard, where we can modify, remove workflows within a few days, by configuring an interface and not by having the need to develop a piece of quote, requiring a deployment and a complex support auditing and reporting capabilities. So more and more for compliance reasons, we must be able to drag to store and to provide information to various authorities for further inquiry and tier management capabilities. So for legal constraints, we must keep visibility and control on our prime contractors, obviously, but as well on their own contractors who are involved in the delivery of their work for ABUS delegated administration has said many times it is key for, for us to end the volume of users to create. So we've also required this new service to be protected by a multifactor authentication.
Next slide please. So using Zeta's third party identity risk solution, we are not only going to solve our initial issues and meet our business requirements, but we also will be able to strengthen security in the process of onboarding and off onboarding suppliers. The data model OFTA is very flexible. So for example, we are going to have new fields to manage multiple nationalities of suppliers in the frame of export control regulations. We are bound to other features around security, like risk scoring are going to help us in making sure that the appropriate access is granted to the right person at the right time and notarized or debt provision contacts are removed in a timely manner. These features which exist in the tool are facilitated its adoption by the security teams who are now directly and actively sponsoring the new solution and its rollout over the company last but not least end users can be delegated to fill their identity on their own. So this will simplify further the role of the delegated administrators and empower the end users. Next slide please.
So where are we today? So the ground opening of the new survey provided byta was done Inpro this year and we currently fixing some performance issues, which have delayed a bit the rest of the project, as well as a bit damage as well, the user adoption, but I'm sure we will overcome them quickly thanks to the engagement of product teams right after we are going to finalize the integration of the new service within our security operation center. So the locks of the service will be pushed to Splunk for realtime analysis, and we will continue to leverage upon the new security features to enforce the global end-to-end identity lifecycle governance for our supply chain. Next slide please, in summary, and please allow me to give you four helpful recommendations. First one, reducing time to onboard and to off board is essential for the supply chain of a healthy company. Every second matters when it comes to give access to the digital tools. Second flexibility is also key to accommodate the rapid pace of change opening there, and the variety of use cases to handle for me, configurable workflows is the must third, the new generation of services like sex attack and both improve operational efficiency, scaling up and down, integrating with other IAM tools like IGA, for example, and security. And this is a massive win for organizations like ours.
Fourth recommendation do not forget the end users at the end of the day, they are the one using these services and if they're lost, then we are in trouble. So this is the end of my presentation, Benjamin and I will be happy to take any question you may have.

Stay Connected

KuppingerCole on social media

How can we help you

Send an inquiry

Call Us +49 211 2370770

Mo – Fr 8:00 – 17:00