A premier European bank had thousands of system users distributed across different systems, and their access needed to be monitored and adapted to any organisational change. The main challenge for the bank was to maintain its high security standards whilst avoiding having to allocate a platoon of employees to monitor and implement these changes every day.
In addition, several compensating controls were required by external auditors as there were areas of uncertainty regarding the correct assignment of roles to employees.
FORFIRM proposed the adoption of a One Identity solution, which was able to integrate the bank's applications and govern the Logical Access Management workflow in a single interface. FORFIRM integrated the bank's systems into One Identity, designing the authorisation workflow with different paths of authorisation.
A preventive framework for governing segregation of duties (SoD) was also created to evaluate the risks arising from the assignment of multiple rights on multiple systems.
The onboarding and exit procedures for employees can now be done in real time, and several complex monitoring controls, such as user recertification, have been rendered obsolete.
The system authorisations have been reviewed and provide only pre-authorised access within the acceptable level of risk for the bank. As a result of this, the reduction of business controls is no longer necessary.