Engagement overview

Identity and Access Management (IAM) is an integral part of an organisation’s corporate security. Ensuring that IAM processes are both compliant and mature enables huge cost and efficiency savings over time as well as mitigating potential security risks.

A leading local medical aid insurer procured a cloud-based identity management system, SailPoint IdentityNow, which integrated with their human resources system, SAP SuccessFactor. Their aim was to migrate role entitlements from their legacy system, to their new cloud IAM solution.

They envisioned structuring Role Based Access Control (RBAC) data over 1000 legacy access profiles, across three business units, cleaning up and structuring it in order to eliminate legacy problems and modernise role entitlements. The results of the migration were to enable automatic user provisioning powered by their human resources system. As well as ensuring current functionality such as password management, single sign-on and access certifications was included in the scope of the solution.

BSG was engaged to assist in achieving these goals in an accelerated timeframe, navigating uncharted territory, as this was the first programme within the organisation which migrated data to a cloud-based solution.

BSG tailored an approach that would introduce a rapid pilot to optimise one business unit and then aggressively scale the approach across the remaining business units. BSG’s Analysis and Design team supported the creation and implementation of a four-phase solution:

  • Access administration: included conducting an analysis of legacy role entitlements, surveying all affected systems and processes and presenting a roadmap for delivery. As a result of deep business understanding BSG was able  to ensure that all access entitlements data was consistent and accurate.
  • Access normalisation: Through the introduction of a Role Based Access Control (RBAC) framework, BSG utilised critical analysis to structure and group access data for certification at a role entitlement level.
  • Access configuration: BSG supported the creation of new access entitlements built on the source system to allow for a seamless migration and integration into the target system and architecture.
  • Migration: the final phase of the programme was to ensure the synchronisation of access entitlements from the legacy system to Sailpoint IdentityNow.

BSG enabled the ongoing maintenance and continuity of the modernised systems and processes through empowering the company’s staff.

Making a difference

Making a difference in communities

Cloud-based IAM is far more than a series of technical implementations. In addition to enabling secure access to relevant resources, cost and efficiency savings can be realised when business needs are the key driver to this process. BSG’s engagement mapped both data and solution against the backdrop of the company’s business needs. BSG delivered rapid, accurate solutioning and implementation, taking the programme from initiation to delivery in seven months. Thereby solving a problem which had been present in the business for over five years.

The solution mitigated potential security risks through the elimination of inappropriate user access rights. Sensitive data was protected from unauthorised access and the right resources were made available to stakeholders across the business. Often, identity management processes are either manual or semi-manual. The implementation allowed automatic provisioning of user profiles directly from their human resources system, creating efficiencies within the organisation.

The collaborative implementation approach followed by BSG ensured that staff at the leading local insurer were empowered to guide the cloud-based IAM system to maturity even after BSG’s engagement had come to an end. Data governance processes put in place will ensure the continuity of the system and scalability of the solution to match the changing needs of the business.

Chief Executive Officer

Related Case Studies

Contact Us

We love talking about change. If you've been inspired by anything you've read here, please get in touch.

Not readable? Change text. captcha txt