Sailpoint IdentityIQ implementation for one of the world's largest food delivery chain
A US based world leader in food delivery operating internationally
Business Challenge
One of the largest food delivery chain, operating internationally required Sailpoint IdentityIQ implementation to understand the access scope of employees, partners, and contractors across the hybrid IT environment. The key requirement was to ensure compliance with SOX regulations and an overall Identity Governance solution for access control. The AS-IS provisioning solution allowed the customer to provision users via multiple ways which had resulted in duplicate accounts and unstructured data. The external audit report had highlighted significant deficiencies around identity and access control and had furnished a long list of security and compliance gaps.
Proposed Solution
In order to address the above discrepancies in access management and decrease the organization’s level of risk on account of it, 99Oranges implementation team did an overall IAM assessment and presented a phase-wise implementation plan to address these risks and streamline the access management process. The team implemented the following Sailpoint IdentityIQ features:
- User Provisioning: The automatic provisioning ensured compliance and reduced risk by automatically modifying access to applications and data according to the user’s lifecycle events such as new hires, movements, and termination.
- Password Management: The Sailpoint password management gave users an easy and intuitive way to change or reset their passwords. The users were able to recover their passwords through configurable response questions resulting in a reduction of helpdesk calls while enforcing strong password policies across all applications and systems.
- Access Certifications: this feature allowed the business managers to stay compliant and manage risk. The business was able to leverage Sailpoints automated certification process quickly review access across the data center, cloud and mobile systems and prove to auditors that the compliance control is in order.
- Access request: It streamlined the access request process by leveraging the centralized repository of roles & entitlements.
- Analytics and Reporting: Sailpoint’s intuitive and user-friendly dashboards allowed managers to interpret and monitor key identity management metrics such as policy violations, access reviews across all the enterprise on one screen.
Result
The implementation of Sailpoint IdentityIQ helped the organization to mitigate risk, reduce IT cost and ensure compliance. The access certifications made sure there was no redundant access to any user and it was in accordance with the user’s profile. The implementation of SOX regulations around identity and access control ensured the significant deficiencies are addressed.