IT managed services
Blue Bridge cloud computing
Servers and data warehouses
Data transmission equipment
Cybersecurity
Partner cloud computing
Cooperation solutions
Hardware servicing
Training
Infrastructure management
All stories icon

Enhanced information security via centralised identity management

icon

As one of the biggest institutions in Lithuania, the State Social Insurance Fund Board (SODRA) works with more than a dozen information systems. In 2014 the decision was made to modernise the management of these systems in order to make it more cost-effective and better safeguard the information that SODRA gathers. With the help of Blue Bridge Code, SODRA implemented one of the largest-scale IT solutions in the country – an identity management system based on Microsoft Identity Manager (MIM) which automates the administration of access rights to information systems.

Situation

Every day almost 1,000 employees of the State Social Insurance Fund Board use more than a dozen information systems, each of which was long administered separately. The administrator of each system had to not only ensure the system’s proper functioning, but also administer employee access rights.

„An administrator would get about 15 emails a day with requests. Permissions to access the system had be granted to some employees, while for others they had to be revoked since they’d changed positions. Administrators would also get a lot of questions about why one employee or another couldn’t access certain information even through it was part of their job. So the administrators spent much of their day just solving these problems. They would clarify which employees should have which rights and then manually grant or otherwise change employees’ rights in the system, and so on,” says Valerij Jurgo, a systems analyst at Blue Bridge Code.

.

With systems administration managed like that, errors were naturally sometimes made – not just in terms of not granting rights that employees should have, but also in terms of not revoking rights to which they were no longer entitled. Working out who was entitled to what right took time, so security suffered. It was seen more and more that the administration process lacked consistency and required too much time and money. The organisation clearly needed a more effective solution.

Solution

„When choosing the new solution, we knew MIM technology is among the most advanced tools in the area of identity management. We also knew that it’s designed for truly large-scale organisations, of which there aren’t very many in Lithuania, so we were afraid we might not find professionals with expertise in this technology. Happily, we started working with Blue Bridge Code and all our doubts vanished – the solution we ultimately developed together exceeded our initial expectations,” a representative of SODRA says.

The development and implementation of the identity management system took only 6 months.

„The essence of the system is the creation of a single centralised space. From there employees’ access to all systems is automatically controlled. In total we created 13 integration interfaces with critical SODRA information systems. Business processes were also reviewed and optimised, and the personal data and information in the Active Directory system were put in order,” Valerij Jurgo explains.

Result

The implementation of centralised identity management was a key step forward not only technologically but also organisationally, since SODRA’s job specifications were concretised. The new system made it possible to grant rights not to a specific person, but to a job title. “When we put the data in order, the ever-present chaos disappeared. And in the process of sorting things out, we also solved a security gap – we found connections by former employees whose access rights to the system were being used by other employees,” the SODRA representative said.

The modernised infrastructure has noticeably reduced costs in terms of staff time and lets employees focus on their direct responsibilities rather than solving system access problems.

 

“Centralised identity management has made working with our systems more efficient and secure. This solution also made it easier for employees to work with the systems – now they have a single password for all the systems, and if they forget it they can send an electronic request and quickly get an answer,” notes the SODRA representative.

The work of systems administrators has also become more efficient. Every morning each administrator gets an email detailing changes since the previous day, i.e., whose system access rights were automatically granted or revoked. With this information, the administrator can allocate most of his or her time to the more important tasks of ensuring constant functioning of the system, resolving incidents and clarifying further development needs.

 

The work of systems administrators has also become more efficient. Every morning each administrator gets an email detailing changes since the previous day, i.e., whose system access rights were automatically granted or revoked. With this information, the administrator can allocate most of his or her time to the more important tasks of ensuring constant functioning of the system, resolving incidents and clarifying further development needs.

arrow All stories Next story arrow