NNIT Displaces Legacy Identity System with SailPoint
NNIT is one of Denmark’s leading IT consultancies in IT development, implementation and operations. For more than a decade, NNIT has continued to optimize software development, business processes, and communication technology for its customers within Denmark and across the globe, including China, the Czech Republic, the Philippines, Switzerland, and the US. With its beginnings in the pharmaceutical industry, NNIT is experienced working in environments that demand the highest levels of regulatory compliance and cybersecurity.
Of course, this doesn’t mean that NNIT hasn’t faced technology challenges of its own.
One of its most significant challenges proved to be identity management. Over 17 years ago NNIT developed their own identity and access management system which lived up to the demands at the time. However, the tool grew unwieldy and didn’t live up to modern demands. “We built this tool for ourselves specifically, and we realized that the tool was starting to no longer live up to our standards,” said Alice Leth Sørensen, director of critical operations SAP and Security.
The need for greater visibility
Toward the end of its lifecycle, NNIT’s challenge with its legacy identity management system proved to be a lack of visibility. There was no easy way to determine if users had violated an access or security policy, or if accounts had fallen unsupervised, or even to properly notify admins or security personnel of failed login attempts. NNIT has built, Sørensen explained, an incredibly strong infrastructure to support its customers’ infrastructures, so it was also crucial that they be able to ensure and document customer systems remained fully segmented — and only those who should have access to systems could access those systems.
Further, the legacy system demanded considerable manual administrative processes. “Of course, our ability to automate these processes was a big driver for us to seek a new solution, and I advised the organization that we could eliminate up to 50 percent of those manual processes, including our certification reviews,” Sørensen said.
The move to a commercial identity and access management platform would enable NNIT to more effectively ensure that only the right people had access to the right resources for the right reasons — and it could do so more efficiently and cost effectively. “We would be able to automate our certifications so that instead of one big certification every year, it would be an ongoing process,” she said.
NNIT began its search for a new identity management platform.
NNIT’s five selection criteria
To determine the most suitable identity management platform for its needs, the team established some main criteria that would guide their selection: user interface, enablement (how it connects to all the big systems), cost, and chemistry. “While the capabilities of the products we evaluated were certainly important, we also wanted to make sure that there was good chemistry between NNIT and the vendor,” she said. With all of that in mind, the team reached out to evaluate the top five identity- and access-management vendors to determine the best fit.
During their detailed identity management system review, the NNIT team determined that some were not flexible enough, while others couldn’t scale to the degree NNIT required. And others still didn’t integrate easily with NNIT’s applications and systems.
At the end of the evaluation NNIT selected IdentityIQ. IdentityIQ helps enterprises manage identities in complex hybrid cloud and on-premises. With IdentityIQ in place, NNIT and the team can now see when accounts go dormant or when there are failed
logon attempts. They have also gained the control and visibility they sought that ensures users have the right level of access for the right reasons. “And as we planned, we can now automate many of our certifications and have our certifications conducted on an ongoing basis,” Sørensen said.
Following the successful implementation of IdentityIQ, NNIT then turned its sights to IdentityIQ File Access Manager (formerly SecurityIQ) to help it better govern its unstructured data. The market research firm Gartner estimates that 80 percent of all enterprise data today is unstructured data. “Like most enterprises, we need to improve our governance over our unstructured data. And deploying IdentityIQ File Access Manager is a very natural step in that direction. It’s especially important with both the growth of unstructured data and GDPR regulatory demands,” she said.
It also turned out, as a SailPoint partner, deploying IdentityIQ and IdentityIQ File Access Manager proved to be a great business decision. Sørensen explained how the deployment has helped them to better substantiate SailPoint to their customers. “Whenever we have an identity discussion with our clients, they ask if we have an identity management system that we use ourselves. We will say “Why yes, of course we do,” and we point to our SailPoint success. That helps assure them that they are making the right choice and that we have the experience necessary to make their implementation a success as well,” she said.