Financial Client's IGA and PAM Transformation: CredenceIA turned around a failing IGA and PAM implementation, maximizing Saviynt investment and enhancing security and efficiency.
Overview
The Independent Broker-Dealer specializing in financial services investing urgently needed to revamp its user lifecycle and governance technology program, particularly focusing on privilege access management (PAM). Hindered by a failed Identity Governance and Administration (IGA) and PAM implementation, they sought a turnaround strategy to maximize their Saviynt investment, mitigate risks, and enhance efficiency. With outdated user lifecycle management tools, manual processes, and spreadsheet-based certifications, the client faced significant operational risks. Despite investing in Saviynt solutions, they struggled to realize benefits, leaving critical back-end accesses vulnerable. Without a properly implemented IGA solution, the client was unable to initiate Saviynt PAM implementation, exacerbating security concerns.
How CredenceIA Helped
2015-2017
-
CredenceIA conducted a comprehensive review of the current technology, processes, and challenges, devising a strategic 3-year roadmap to align stakeholders and implement privilege access solutions.
-
CredenceIA assessed the existing implementation, resolved issues, rolled out Saviynt in production, reduced operational burdens, and established Privileged Access Management (PAM).
-
Key privilege use cases, including Active Directory privilege access, database privilege accounts, and server admin accounts, were identified. The CredenceIA team addressed the risks associated with using internet-facing accounts for critical privilege functions by recommending secondary accounts for privilege access.
-
Saviynt’s Cloud PAM (CPAM) was then configured and deployed, with established privilege request and approval processes. Features such as password rotation, session recording, and credential-less access were implemented, ensuring comprehensive PAM coverage.
-
CredenceIA's managed service developed daily KPI reporting to ensure both Identity Governance and Administration (IGA) and PAM capabilities were functioning as expected.
-
The strategic roadmap and application prioritization enabled the client to continue onboarding the next set of applications for user lifecycle and access governance, while a parallel track implemented the next set of privilege use cases.
Outcome
Partnering with CredenceIA, the client underwent a comprehensive reassessment of their IGA/PAM program, culminating in a board-approved 3-year roadmap. CredenceIA revitalized the failing IGA implementation, introducing a managed service model with key performance indicators (KPIs) and prioritizing critical PAM use cases.
Within months, the client achieved robust user lifecycle management and successfully implemented Saviynt PAM. CredenceIA established a solid foundation for the rapid onboarding of critical applications and future PAM enhancements, driving significant improvements in security and operational efficiency.