How DayBlink Consulting implemented, integrated and operationalized SailPoint with numerous corporate applications for a large technology company
Read the full case study here: IAM Scaling & Automation
Introduction
A large technology company was facing significant challenges in scaling its Identity and Access Management (IAM) provisioning and lifecycle management program. It aimed to reduce access control risks while increasing employee satisfaction and productivity through automation. Our team was engaged to design and implement a modern Identity Governance & Administration (IGA) capability using SailPoint. This core IAM authorization service enabled the Identity team to onboard dozens of high-use, high-sensitivity applications, provision access automatically using predefined rules and execute recurring access audit campaigns.
Problem
The client’s IT service desk was manually provisioning nearly a hundred systems, which was time consuming, inconsistent and inefficient
The client’s existing provisioning process for employees and contractors was entirely manual for joiner, mover, leaver (JML) use cases. The IT service desk had to navigate dozens of access guidelines to determine the appropriate applications and permissions based on worker roles and titles, leading to inconsistencies and delays. Approvals for provisioning were manually handled via email and Slack, further delaying the process.
Without a self-service access request portal, users and managers had no efficient way to request access to new applications. Access audits and campaigns were manually conducted by application admins, which was both time-consuming and error prone.
Solution
Our team successfully managed the implementation of Sailpoint and integration with HRMS, AD and Okta
DayBlink Consulting led the implementation of SailPoint and its integration with the client’s existing HRMS, Active Directory and Identity Provider (IdP) solutions.
To ensure the project’s success, we designed a comprehensive Application Onboarding Process to automate provisioning through SailPoint. By working closely with application owners, we developed role- and attribute-based entitlement rulesets to automate access. For request-based access, we integrated the IGA solution with ServiceNow and Slack to streamline request, approval and fulfillment using a self-service access request portal.
The goal was to (1) improve employee onboarding satisfaction, (2) reduces complexity, (3) unlock cycle time, and (4) decrease tech debt & operational overhead.
Outcome
The Service Desk was able to approve joiner entitlements 10x faster, while significantly reducing its backlog and error rate
The solution empowered users and managers to efficiently handle ad-hoc application access requests. We eliminated the use of manual reference documents, used by the IT service desk, for provisioning new user accounts and setting permissions, enabling seamless last-mile provisioning for the joiner workflow. The onboarding procedures we implemented set the client up to onboard its entire ecosystem of applications (over 500) within a three-year period. Our automated approval workflow integration with email and Slack reduced the number of human touchpoints, significantly speeding up the process.
We also laid the foundation to automate mover workflows, and enabled the client to conduct automated access campaigns on a predefined schedule based on application classification. This not only returned hours to an overworked IT team but also enhanced the overall security posture of the organization and drastically improved employee satisfaction.