Omada Identity Optimizes Identity Management Processes
Vattenfall Europe – the German branch of Vattenfall and Germany’s third largest electricity company, is using a solution delivered by Omada to streamline the management of Identities and Access rights in compliance with the German Energy Industry Act.
The solution provided by Omada is built entirely on Microsoft technology such as Forefront Identity Manager 2010, and includes features such as provisioning of access rights to Microsoft Active Directory and SAP with preventive controls for segregation of duties (SoD) violations.
The solution also provides Vattenfall with compliance reports for easy response to questions like “who has to access to what” and fulfill regulatory documentation requirements for the management of identities and permissions.
A great match
Due to the German Energy Industry Act – EnWG (“Energiewirtschaftsgesetz”) it is required that access policies ensure that only specific parts of the organization are assigned to specific roles.
Vattenfall Europe needed a solution that would meet these requirements and prevent identities from being assigned to conflicting roles – both when assigned based on policies or requested via a self-service access request. Vattenfall also required a solution that quickly and easily provides the necessary data to satisfy documentation criteria in regulatory reviews by external auditors.
Vattenfall found that the solution provided by Omada was a great match for its business requirements, as the solution would deliver a complete end-to-end Identity Management solution.
The solution has been implemented by Avanade – a global IT consultancy dedicated to the Microsoft Platform – and went live with provisioning for 16.000 users in only five months.
“In a very short timeframe Omada was able to demonstrate our requested functionality. Combined with the high level of service provided by Avanade, the result is that we after just five months of implementation went live with a comprehensive solution that effectively fulfills our Identity Management needs.” Hans Rösch, CIO of Vattenfall Europe.
Crucial compliance regulations
A key business requirement for Vattenfall is the ability to gain timely and customizable reports of operations to satisfy the rigorous compliance reviews.
“Omada’s solution is helping Vattenfall to meet crucial compliance regulations specific to the energy industry in Germany, as well as improving performance internally by optimizing our Identity Management processes,” says Hans Rösch.
With the solution from Omada Vattenfall effectively meets the requirements for segregation of duties (SoD), ensuring strictly separated access rights, as well as to accurately document this separate access for reporting purposes.
Another specific requirement the solution has solved, is the support of “Managed Folders” in Windows for managing access to confidential data. This addresses the creation, access management, and deletion of centrally managed shares and folders in the distributed file system, as well as the reporting of this.
Automated processes
Omada has helped Vattenfall automate many IAM processes that previously were managed manually including processes for onboarding, transferring, and offboarding employees.
The simplified end-user experience, and the ability to quickly adapt the processes to changing requirements, greatly reduces time and resources for management and execution of business operations.
Vattenfall has taken benefit of the great workflow management capabilities and extended the solution further into the purchase management processes, where the solution includes management of purchase order amount authorization levels and digital signatures.
“The ability to automate processes is extremely crucial in the highly dynamic energy market,” says Jutta Cymanek, Omada’s Country Manager for DACH. “The solution from Omada helps Vattenfall automate user provisioning with role-based access control and segregation of duties, for fast and effective management and reporting on users’ access rights.”
Accelerated user provisioning
A productive version of the Omada Identity Solution was implemented in just five months, enabling Vattenfall to meet the requirements of providing strictly separated access rights, and segregation of duties, as well as to accurately create reports for auditing and regulatory reviews. Moreover Omada Identity proved to be a very helpful tool in a very dynamic environment where organizational change has become a constant.
An investment review of the Identity Management project at Vattenfall has concluded that the implementation of the Omada Identity has been a sound investment. The solution has added value by automating and accelerating previously manual provisioning activities, and has reduced Vattenfall’s exposure to risk.
Hans Rösch, CIO of Vattenfall Europe concludes: “The Omada Identity is a comprehensive solution that effectively fulfills our Identity Management needs. We have recently passed an external audit of our key commercial applications – the good results were highly supported by the Identity Management solution. Before implementing Omada Identity it used to take an average of two weeks for provisioning a new or transferred employee with the access rights necessary to do the job – now that time is down to a few hours from entering the request on the Omada portal to creating or updating a user profile for the requested application or service.”
