Problem
An international banking institution that had just entered the Mexican market required an identity system that gave it centralized and automated control over the provisioning and de-provisioning of its users to the central systems and the bank’s support, in such a way that it could meet regulations related to accessing the information in the bank’s systems and reduce risk by avoiding the vulnerability caused by exposed accounts.
The business problems to be resolved were the following:
- Slowness and inefficiency in provisioning and de-provisioning employee accounts.
- The bank’s IT department wanted to allocate more time to planning activities related to the business, instead of creating a help desk to resolve daily tasks with no impact on the business, such as managing user passwords.
- Meet government regulations that establish the need to manage and save identity-related processes.
- Incorporate secure practices for user management to eliminate the possibility of incorrect or fraudulent use of privileges to access information.
Solution
In collaboration with the bank’s Information Security department, the structure of directories, roles, and user groups was defined in order to grant access privileges according to the responsibilities and roles of each position within the bank.
This solution allowed the interoperability, synchronization, and integration of the financial institution’s proprietary technologies, directory servers with different platforms and databases, providing efficiency and security in the centralized assignment of services such as network access, office applications, e-mail, and financial services of the bank.
Additionally, the authorization mechanisms and flows required to ensure visibility and correct user provisioning and de-provisioning were incorporated, simplifying the management of this process and reducing the risks associated with it.
The solution included the definition of password management policies that validate minimum characteristics for password construction, reuse, and expiration. The self-service feature was also enabled for lost or forgotten passwords, facilitating their recovery or reset through the use of security questions to confirm the user’s identity.
Technology and/or tools used
The solution used the Sun Microsystems software products included in its identity suite, taking into account the password sync features for the synchronization of passwords within directories:
- Sun Java System Identity Manager