Customer Challenge

Modernize Identity management operations for a Global financial services portal supporting 800,000 customers, staff, and partners operating in 23 countries. The portal supports segmented integration with multiple identity sources including cloud, SaaS, on-premise, and mobile service providers. Identities are stored in multiple directories according to business workflow. Access policies, analytics, and consents are managed within each directory or application. Due to frequent M&A activity the portal is continually adding and removing new applications and directories. Lack of unified operations has caused user account retirement failure, over-entitlement, risky personal data sharing, and slow on-boarding of new services.

Requirements

Personal data must not be shared across organizations
Partners and customers must not access the corporate network
Partners and customers must login with existing credentials and directories
Corporate Identity directories must remain separated due to regulatory mandates
Access cannot be shared without explicit permission and restrictions
Regulate access policies for specific products and groups
Tiered access policies to control multiple roles and groups from different companies
Mutual access and retirement controls for customers and partners
Custom terms, conditions, and consent management for each user and product type
Global access policies to govern all directories, applications, and user types
Solution must scale and reside in the Cloud
Solution must provide business intelligence analytics for compliance and license management
Must operate with existing Identity and cloud security infrastructure services
Must support incremental adoption vs big bang deployment
Must reduce to cost of operations and accelerate service deployment and retirement

Solution

IdRamp Identity Fabric was deployed to implement adaptive access policies across disparate identity sources. Customers and partners were provided with “bring your own identity” (BYOID) access by connecting their directories to the IdRamp policy fabric. This reduced the number of identity accounts and the need to share personal information. Policy controls were provided to partners and customers allowing custom configurations for each relationship. Global, terms and consents were deployed for each service incrementally.

Vertical markets were on-boarded gradually to ensure no business disruption. Since IdRamp is a plug and play fabric no re-platforming was required. This allows the organization to add or subtract directories on demand with no downtime or expensive migrations. Imminent platform upgrades to existing identity and security infrastructure inter-operate seamlessly to protect business experience during complex changes. New applications plug into to the fabric for on demand integration with any combination of directories and access controls.

The results

40% reduction in the number of identities managed
80% increase in the speed to deploy or remove new service and applications
20% increase in revenue to support new use cases with complex data regulations
60% decrease in operations cost required to manage access and integration
25% decrease in SAAS license requirements due to centralized analytics across all application

The identity and access management landscape is treacherous with every new IAM provider and SAAS application competing to sell you their identity stack. The traditional model of one platform for all cases is not sustainable or efficient. Contact IdRamp to learn how a decentralized fabric can help transform your organization.

Schedule a Demonstration

Learn how IdRamp can help transform your digital strategy.

Contact

Cookie	Type	Duration	Description
__cfduid	1	4 weeks	The cookie is set by CloudFare. The cookie is used to identify individual clients behind a shared IP address d apply security settings on a per-client basis. It doesnot correspond to any user ID in the web application and does not store any personally identifiable information.
cookielawinfo-checkbox-advertisement	0	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Advertisement".
cookielawinfo-checkbox-analytics	0	11 months	This cookies is set by GDPR Cookie Consent WordPress Plugin. The cookie is used to remember the user consent for the cookies under the category "Analytics".
cookielawinfo-checkbox-necessary	0	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-non-necessary	0	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Non Necessary".
cookielawinfo-checkbox-performance	0	11 months	This cookie is used to keep track of which cookies the user have approved for this site.
viewed_cookie_policy	0	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.

Cookie	Type	Duration	Description
_ga	0	2 years	This cookie is installed by Google Analytics. The cookie is used to calculate visitor, session, camapign data and keep track of site usage for the site's analytics report. The cookies store information anonymously and assigns a randoly generated number to identify unique visitors.
_gid	0	1 day	This cookie is installed by Google Analytics. The cookie is used to store information of how visitors use a website and helps in creating an analytics report of how the wbsite is doing. The data collected including the number visitors, the source where they have come from, and the pages visited in an anonymous form.
GPS	0	30 minutes	This cookie is set by Youtube and registers a unique ID for tracking users based on their geographical location
IDE	1	1 year	Used by Google DoubleClick and stores information about how the user uses the website and any other advertisement before visiting the website. This is used to present users with ads that are relevant to them according to the user profile.
is_unique	0	4 years	The cookie is used to store information of how visitors use a website and helps in creating an analytics report of how the website is doing. The data collected including the number visitors, the source where they have come from, and the pages visited in an anonymous form
is_visitor_unique	0	2 years	The cookie is used to store information of how visitors use a website and helps in creating an analytics report of how the website is doing. The data collected including the number visitors, the source where they have come from, and the pages visited in an anonymous form
sc_is_visitor_unique	0	2 years	The cookie is used to store information of how visitors use a website and helps in creating an analytics report of how the wbsite is doing. The data collected including the number visitors, the source where they have come from, and the pages visited in an anonymous form.
vuid	0	2 years	The cookie is used to store information of how visitors use a website and helps in creating an analytics report of how the website is doing. The data collected including the number visitors, the source where they have come from, and the pages visited in an anonymous form.

Cookie	Type	Duration	Description
_gat	0	1 minute	This cookies is installed by Google Universal Analytics to throttle the request rate to limit the colllection of data on high traffic sites.
muxData	0	19 years	This cookie is used to enable certain video player functionalities associated with Vimeo.
PREF	0	7 months	This cookie is set by Youtube. Used to store user preferences like language or any other customizations for YouTube Videos embedded in different sites.
VISITOR_INFO1_LIVE	1	5 months	This cookie is set by Youtube. Used to track the information of the embedded YouTube videos on a website.
YSC	1		This cookies is set by Youtube and is used to track the views of embedded videos.

M&A Identity Integration & Modernization