4-page Case Study - Posted 7/25/2007
Views: 345
Rate This Evidence:
Polish Bank Cuts Administration Time by 90 Per Cent with Identity Management System
When Rabobank International Holding became a strategic investor in BGŻ Bank, its product range and client base grew. The company introduced a range of applications to cope with this growth, but was struggling to manage its increasingly complex infrastructure. BGŻ Bank worked with Microsoft® Services to introduce Microsoft Identity Integration Server 2003 identity management system. As a result, BGŻ Bank has automated its user and permission management processes. Help desk calls related to resetting passwords have been reduced by 85 per cent, and IT administration time has been cut by 90 per cent. In addition, user permissions can be awarded or withdrawn quickly and easily, while the IT team has a clearer view of each user’s accounts and permissions across applications. The bank has eliminated paper processes and the associated risk of human error, while improving its overall efficiency.
Situation
Large banks are dependent on their IT infrastructures to process complicated transactions and increase their business. But as their businesses grow they need to ensure they can manage their technology effectively.
After Rabobank International Holding invested in BGŻ Bank—one of Poland’s top 10 banks in 2005—it decided on a new strategy, focusing on developing a branch network, introducing a new product range, and expanding the local client base.
While new products and clients presented a business opportunity, they also resulted in an operational challenge. The new strategy required the implementation of a range of applications capable of increasing business efficiency. After introducing a number of applications over a short period of time, BGŻ Bank realised that its further expansion could have serious implications on infrastructure management.
Ewa Burzycka, IT Infrastructure Deputy Director, BGŻ Bank, says: “More applications mean more effort spent on managing user permissions. Errors occur easily because the application environment and workloads increase, and these errors can be expensive. The choice was simple—keep employing more people responsible for creating and managing accounts, or create a system to consolidate permission management. Of course, we chose the latter.”
The IT team used time-consuming, paper processes to grant and withdraw user access to applications. In addition, the team was receiving hundreds of help desk calls every month asking for passwords to be reset. It became clear that valuable time was being wasted on mundane administration.
The bank created a task group with representatives from various departments of its headquarters. The task group reviewed identity management solutions and drew up a list of functional requirements.
Burzycka says: “The conceptual work had begun before we embarked on the process of supplier selection. Our own requirement analysis made us realise what implementation process and functionality we needed. Consequently, we were more discerning in choosing suppliers’ offers.”
Solution
After thoroughly evaluating the market, BGŻ Bank chose to work with Microsoft® Services to implement Microsoft Identity Integration Server (MIIS) 2003. Burzycka says: “We chose a Microsoft solution because its functionality met the bank’s exacting requirements, as well as our short implementation time scale.” The project began in December 2005 and was completed—within budget—by July 2006.
Now, when the HR department creates a new electronic identity for an employee using its Oracle database, the identity management system automatically creates user and e-mail accounts in the bank’s domain. MIIS 2003 also generates e-mail notifications, which are sent to system administrators, line managers, and any other relevant employees. Burzycka says: “Automation—including e-mail notification—plays an important part in identity management.”
With the automated solution, members of the IT support team no longer spend valuable time on basic tasks. Users can reset passwords with the self-service password reset portal. If users forget their password, the system resets it, verifies users’ identity, and helps them choose a new password.
With a countrywide network of 260 branches, BGŻ Bank needed to find an efficient alternative to centralised management. Burzycka says: “Centralised management of around 5,000 employees dispersed over the country is possible, but hardly an improvement. We decided to manage standard permissions from 16 regional centres so the IT infrastructure department of the bank’s headquarters only needs to step in to manage non-standard permissions or to create a new permissions profile.”
MIIS also helps the bank to grant and withdraw permissions of contract staff, as and when required. Burzycka says: “Accounts of contract employees have a time limit. Because these workers often perform crucial tasks for the bank, an automated reminder is e-mailed to their supervisors, informing them of the account expiry. The supervisor can then extend the validity of the user account if required.”
Benefits
BGŻ Bank has streamlined its user and permission management processes. The new solution has cut the time it takes to add new users to the system and dramatically reduced incidences of human error. It has helped BGŻ Bank to automate routine digital identity management tasks and improve the efficiency of its day-to-day processes.
Help Desk Personnel Spend 85 Per Cent Less Time Resetting Passwords
The self-service password reset portal helps users take the administrative burden away from the bank’s IT infrastructure team. Users have helped to reduce the number of password resets conducted by the administrator of the central banking systems from around 250 per month to zero.
Members of the IT team at BGŻ Bank spend less time dealing with user permission administration. In June 2006, for example, the help desk received 416 password reset calls, whereas in April 2007, it received just 55 calls—a substantial time saving of 85 per cent.
Automated Processes Cut Administration Time by 90 Per Cent
In the past, administrators spent around 10 minutes setting up each new user account. With the new system in place, user account creation is fully automated, so administrators need only monitor the process. As a result, the time spent on account creation has been reduced by around 90 per cent.
In addition, administrators used to spend around 15 minutes creating and configuring each user mailbox. This process now takes just five minutes. The company estimates that the automation of account and permission management procedures has further reduced the amount of time employees spend on administration and form-filling by around 70 per cent.
Reporting Technology Improves Visibility
MIIS sends information to a logging and reporting database. The reporting tool tracks and reports administrative actions, as well as account and permission status across the connected systems. As a result, the bank can enjoy greater visibility of its user base.
Burzycka says: “Until now, it was very difficult to track who had access to which application and with what permissions. We needed to check a few databases, and there was always a risk of missing something out. The information from all integrated applications has been brought together into one identity management system.”
New Infrastructure Improves Responsiveness
Because it provides facilities to a number of outside specialists, including its investors’ staff, BGŻ Bank must ensure that everyone can work efficiently and without interruption. The IT team needs to provide these specialists with access to a variety of systems and applications. In the past, the process of granting and withdrawing permission to contract staff could be time-consuming and prone to error—access could be withdrawn too soon, for example.
Now that automated reminders are sent to their supervisors and account access can be easily extended or withdrawn, providing specialists with the resources they require is less laborious. The new solution helps the IT team to set and withdraw permissions in near real time. Burzycka says: “The central data bank also serves as a security device that helps us to instantly withdraw all permissions from a user in an emergency situation.”
For More Information
For more information about Microsoft products and services, call the Microsoft Sales Information Center at (800) 426-9400. In Canada, call the Microsoft Canada Information Centre at (877) 568-2495. Customers who are deaf or hard-of-hearing can reach Microsoft text telephone (TTY/TDD) services at (800) 892-5234 in the United States or (905) 568-9641 in Canada. Outside the 50 United States and Canada, please contact your local Microsoft subsidiary. To access information using the World Wide Web, go to: www.microsoft.com
For more information about BGŻ Bank products and services, visit the Web site at:
www.bgz.pl
Microsoft Server Product Portfolio
For more information about the Microsoft server product portfolio, go to: www.microsoft.com/servers/default.mspx
This case study is for informational purposes only. MICROSOFT MAKES NO WARRANTIES, EXPRESS OR IMPLIED, IN THIS SUMMARY.
Document published July 2007
