Implementing Saviynt Security Manager for Identity Governance and Administration
Oxford Computer Group implemented Saviynt Security Manager at a mid-sized bank to streamline compliance processes and create a single, standardized IGA platform.
Challenge
Prior to the completion of this project, our client had a limited solution in place for managing identities and access rights for their associates across the various systems that they use.
To remain in compliance with SOX, access reviews were done manually – a labor-intensive and error-prone process involving many spreadsheets and emails to business owners and managers. This process placed a significant burden on the IT personnel, business owners, and manager and impeded user productivity and organizational agility.
The lack of automation, based on corporate policies, and the lack of integration with authoritative sources of data, resulted in incorrect or outdated information, leading to expensive remediation efforts following audit failures.
Oxford Computer Group (OCG) was selected to help the bank create a single identity governance and administration platform that will allow them to implement and enforce their policies centrally while still providing the flexibility to delegate administration roles as needed.
Solution
To overcome the challenges our client faced, OCG implemented Saviynt Security Manager (SSM).
We integrated SSM with Active Directory and the bank’s HR system, which both contribute as sources of truth for employee identities. We also integrated Saviynt with Okta to provide Single Sign-On.
Saviynt is now responsible for access certifications for seven critical applications, including Active Directory, the bank’s HR system, and key financial applications. Tasks coming out of Access Certifications are manual tasks in the tasks section of SSM to remove access that is revoked. These tasks are sent to Manage Engine for the bank’s provisioning team to action. Saviynt administrators will review these tasks and complete them in SSM after confirming the access has been removed in the target system.
We also deployed SSM’s analytics capabilities, including out-of-the-box reports and custom reports to provide further useful and actionable data.
Benefits and Outcomes
- Increased regulatory compliance within governmental and commercial regulations (SOX) through the periodic review of access to financial applications that are regularly audited.
- Standardized a single identity governance and administration platform by establishing an IGA framework solution in which all future and current applications and identity repositories are utilized as part of the identity lifecycle.
- Streamlined access removal or modification that comes directly out of access reviews completed in SSM to the client’s service desk tool to be fulfilled by the provisioning team.
- Lower administrative costs and reduce errors by replacing the manual process of doing access reviews involving many spreadsheets and emails to business owners and managers.
- Improved user experience by ensuring that access reviewers have a consistent experience and the appropriate level of detail to correctly review access across multiple applications.
Next Steps
Now that we have implemented Saviynt Security Manager (SSM) for access reviews to meet compliance regulations, including SOX, across seven of the bank’s most critical applications, they are looking to onboard dozens more applications into SSM that have similar requirements. Down the road, the bank is also considering using Saviynt for Identity Lifecycle Management of employee and contractor accounts.
Additional Resources
Webinar: Teams Governance with Saviynt