Compliance Control with Central Role-Based Identity Management
Commerz Real Group has put in place comprehensive safeguards to protect its systems, data, and information from fraudulent activities and misuse. As such, the group is committed to strict corporate governance regulations across the organization.
Commerz Real AG is a wholly owned subsidiary of the major German banking and service provider – Commerzbank AG.
The Group offers its investment and financial services to private and institutional investors, and its spectrum covers diverse tangible asset investments within property development, real estate, renewable energy, technology, and aviation amounts to approximately € 35 billion in total.
To further strengthen its security and maintain a consistent compliance level, Commerz Real has implemented a central role-based identity management solution with single sign-on.
Omada’s all-in-one solution for automated role-based access control, provisioning, identity lifecycle management, and compliance control proved to be an ideal match for their solution requirements. A key deciding factor for selecting Omada Identity was the easy configuration and best-practice standard processes that provides built-in advanced IAM features:
- Self-service access request portal for improved user experience
- Automated attestation workflows eliminates simple repetitive tasks for both business users and the IT-department
- Compliance dashboards for on-demand access intelligence overview and reporting
- Increased IT security via automated segregation of duties policy validation
Omada’s adaptable approach enables Commerz Real to scale and set up identity management processes in line with changing business requirements and continuous expansion. The solution in place at Commerz Real manages 1200 identities and has built-in standard connectors to target systems like SAP and Microsoft AD to ensure quick access in compliance with strict regulatory requirements.
New systems and applications are easily onboarded, so business users are able to get appropriate access quickly.
“Omada’s solution is easy to use and has transformed previous resource intensive repetitive tasks into centrally controlled automated processes. Additionally, the automated onboarding and management of applications and identities according to regulations and policies, means that compliance is automatically implicit – so for us identity management is cool,” states Christian Ebert IAM Project Manager at Commerz Real AG.
Identity Lifecycle Management
Omada Identity provides all necessary processes for full automation of tasks related to identity lifecycle management. A self-service portal allows users to apply for access rights and resources, and managers / role owners may delete any access that is no longer required. Processes for role-based access control grant appropriate access rights to employees based on job functions. At the same time, Omada Identity ensures that no critical access rights combinations are assigned.
In addition to identity lifecycle workflows, the solution automates the processes for periodic reviews and quality assurance of roles and permissions. Automated attestation workflows generate audit ready reporting enabling compliance with complex regulatory requirements.
“The business benefits of identity management are obvious. In a strictly regulated industry like ours, compliant and secure access is essential. Omada’s solution has provided Commerz Real with a proactive approach, so we continuously have a clear overview of the actual state of our access governance,” says Christian Ebert, IAM Project Manager.
Omada Identity is a Microsoft based solution for identity and access management and identity governance and administration. The solution integrates seamlessly with various systems including Windows Server IIS, Active Directory (AD), Azure IaaS, Forefront Identity Manager, and SAP to deliver a complete solution for identity and access management:
- Advanced role based access control
- Compliance reporting and attestation
- Workflows with approval
- Segregation of duties
- Delegated administration
These features provide immediate and significant business benefits including:
- Fulfilled regulatory compliance requirements
- Increased enterprise productivity
- Reduced user management cost
- Heightened data security