Finding New Ways to Efficient User Administration and Improved IT Security
Ballerup is a visionary in the public sector within automation of user administration and access rights management. Strong integration between the identity management solution, the payroll system, and other target systems in the municipality has resulted in efficient user administration, tangible savings, and improved IT security.
Challenge scenario
Efficient and secure processes for onboarding, transferring, and offboarding employees was a key priority for The Municipality of Ballerup. As such, the municipality wanted to automate the user administration and gain administrative benefits from streamlining the management of access rights for its employees.
Furthermore, a prerequisite was that the identity management solution would integrate with the payroll system, and comply with public policies regarding case- and document handling. Equally important, the solution had to encompass decentralized, administrative HR tasks in place at institutions and departments across the municipality.
Solution
Omada Identity was implemented and adapted to the specific requirements in Ballerup. Automated administration of Active Directory and Exchange had high focus, and indirectly led to automatic administration of basic user rights on 15 different technical applications. Today, business managers have access to one, user friendly portal where they handle employee data through the payroll system – independent of their actual location. If, for example, an employee is offboarded in the portal – his or her accounts in target systems are automatically revoked as well.
The provisioning of IT rights and detailed allocation to a group is handled by automated delegation in a portal solution, provided by Omada. Thus, the administration of user rights is decentralized and can be managed automatically from the identity management solution. During the implementation project, Omada advised the municipality on the optimal IT architecture for the central systems: payroll system, administration system, identity management system, Active Directory, and mail system.
“Omada definitely has the necessary skills, know-how, and resources to ensure our digital visions become reality. The job was completed convincingly, we have achieved significant benefits as a result of the solution, and we have had a very good and flexible cooperation with Omada – especially when we introduced a new payroll system in the middle of the process.” Jytte Møller Christensen, Head of Digitalization, Municipality of Ballerup.
Benefits
As a result of the implemented identity management solution, data quality has improved, user administration has become more efficient, and new employees and their managers experience better and in particular faster service when requesting IT access rights.
The overview of access rights and reporting capabilities has improved, and by means of the new control and follow-up functionality the municipality now complies with auditors’ IT security demands – for instance secure handling of super user rights, termination of users that are no longer employed, reviews of access rights, and better management of Active Directory.
The identity management solution in place at Ballerup is future proof and scalable, so upcoming expansions or new investments in IT systems in the municipality will easily be adapted and included in the centralized access rights administration.
Omada Identity
Omada Identity is a Microsoft based solution for identity and access management and identity governance and administration. The solution integrates seamlessly with various systems including Windows Server IIS, Active Directory (AD), Azure IaaS, Forefront Identity Manager, and SAP to deliver a complete solution for identity and access management:
- Advanced role based access control
- Compliance reporting and attestation
- Workflows with approval
- Self-service
- Segregation of duties
- Delegated administration
These features provide immediate and significant business benefits including:
- Fulfilled regulatory compliance requirements
- Increased enterprise productivity
- Reduced user management cost
- Heightened data security
