AA gets motoring with identity management
Breakdown and insurance firm meets FSA regulations and increases security
The AA is installing identity and access management software to increase security and compliance and reduce administration costs.
The motoring and insurance firm will use software to automate the management of digital identities and user access for 6,000 staff and to replace ageing manual systems.
‘Previously, new staff were created in our SAP human resources (HR) software, but from there we relied on staff to provide the right information to different administration teams,’ said AA senior architect James McNeilly.
The company is introducing software based on Novell Identity Manager and Novell eDirectory technology to deliver single sign-on. The technology will be integrated with the SAP HR system, ensuring that when a new user is created or removed, it is updated automatically on all IT systems.
‘We must be able to audit our IT environment to identify users and their access rights easily,’ said McNeilly. ‘This software will ensure that only current employees have access to systems and that these employees have the correct account privileges.’
The decision to automate identity management is in line with the Financial Services Association’s (FSA) principle of senior management responsibility for risk management.
‘All our products, even roadside assistance, are now considered to be insurance, and as such we are governed by the FSA,’ said McNeilly. ‘So we must be able not only to ensure that the right security is in place but that we can track changes.’
Gartner research vice president Ant Allan says meeting FSA regulations is a major driver in the financial sector’s shift towards using automated identity management.
‘Regulators demand that companies not only manage risk, but have the appropriate controls and be able to demonstrate that,’ said Allan. ‘Identity management gives control and visibility across all systems, increases reporting capabilities and addresses regulation requirements.’
But Allan says the biggest challenge is ensuring that the framework and set of rules determining which users can access which systems is set correctly.
The AA also expects cost benefits because it now requires just one administration team, where previously there were up to five.
What do you think? Email us at [email protected]
Further reading
AA thin clients cut support costs