An employee-benefits provider transforms its IAM security policies, programs and technologies while enjoying multiple business advantages.

A leading U.S. provider of employee benefits

A longtime Sirius client wanted to dramatically reduce security risks and improve the user experience of its outdated identity and access management (IAM) infrastructure. It lacked uniform security controls and provided inaccurate data while also requiring a manual management process for onboards, changes and departures.

The Sirius Security practice migrated the client’s legacy IAM capabilities to SailPoint IdentityNow with Okta Identity Cloud and Okta Access Gateway, and then integrated approximately 200 applications. The solution enhanced security across systems, platforms, applications and devices while also improving the user experience. Most importantly, the work ensures that regulatory and compliance requirements including HIPAA, NYDFS, NIS, CSF and HITRUST are met.

• Risk to the organization was dramatically reduced by ensuring that authorized users have the right access at the right time, and that terminated users are de-provisioned in a timely manner.
• A new technical and operational foundation makes future application migrations faster and less complex, and replaces a 100% manual process for IAM.
• A state-of-the-art IAM security foundation enables the client to transform while gaining central services for all users and applications.

In September 2020, the Sirius Security practice was tapped to modernize a client’s IAM systems. IAM is an important component of IT security as it manages digital identities and user access to data, systems and resources within an organization. IAM security includes the policies, programs and technologies that control identity-related access. This modernization project focused on identity governance and administration (IGA) and secure access management (SAM) to dramatically reduce the risk of exposing sensitive data and information while automating integrations of the company’s applications.

Sirius’ comprehensive approach began with client workshops to gather requirements that were used to create a phased methodology, a complete catalog of all existing applications, and a project prioritization framework. This groundwork helped Sirius set appropriate access parameters and gave the client confidence that Sirius could manage the migration of systems with 200 applications and thousands of employees.

Sirius also migrated the client’s legacy IAM capabilities to SailPoint IdentityNow, Okta Identity Cloud and Okta Access Gateway solutions. As part of this work, Sirius deployed multifactor authentication (MFA) for the client’s Microsoft Office 365 and Dynamics 365 environments. “We automated what previously took hundreds of hours of internal integration work while also transferring existing employees and their access rights, which vary widely based on their roles,” said Sirius Security IAM practice Manager Russ Risteen. “We dramatically decreased the time and cost of employee access procedures for the client,” he said.

The solution replaced the legacy platform’s need for manual internal updates that were prone to human error and consumed internal resources in both IT and human resources. The new solution also immediately provides new hires faster access to the tools and information they need to be productive. “If you think about it, IAM is not just a security solution, it’s also a business enabler,” Risteen said.

Risteen shared that additional enhancements are under way, including the development of a role-based access control framework to streamline user life cycle management processes. On the consumer-facing side, Sirius is also helping the client streamline how they acquire customers in a seamless and secure way.

• Ensured that regulatory and compliance requirements are met, including HIPAA, NYDFS, NIS, CSF and HITRUST.
• Eliminated manual work in terms of managing users’ access and performing access reviews by automating and integrating business and IT applications into the organization’s IAM systems.
• Reduced the cost of—and sped up the processes for—onboarding, transferring and decommissioning employees while ensuring high levels of role-based access accuracy, which reduces risk and increases security.
• A new identity governance program with cross-functional membership across the client’s IT, Compliance and Audit departments further strengthens the client’s security posture by creating an internal forum for better decision-making and preparedness in a company culture where security is everyone’s business.

“We automated what previously took hundreds of hours of internal integration work while also transferring existing employees and their access rights, which vary widely. based on their roles.”

—Russ Risteen
Practice Manager, Security IAM
Sirius

SailPoint IdentityNow
Okta Identity Cloud
Okta Access Gateway