The financial services industry is tasked with securing critical applications and data, and as such, is held to the highest standards with regards to regulation and compliance. While this is good news for the general public, it can be challenging for these organizations as they struggle to mitigate risk while remaining agile. Orrstown Bank came to SailPoint for a cloud-based Identity and Access Management (IAM) solution that was quick to deploy and could easily manage access to their hundreds of vital business applications. Today we’re sharing how our Identity-as-a-Service (IDaaS) solution, IdentityNow, enabled Orrstown Bank to protect against threats, while also saving both time and money.
For organizations, answering the question of “who has access to what” applications and data the organization maintains is of paramount importance. Especially for highly-regulated companies such as Orrstown Bank, being able to answer this question at any moment not only aids with compliance efforts, but also mitigates risk across the entire business.
Orrstown Bank understands the threats that it faces as a financial institution, but with its hundreds of applications – many of which that are critical to the bank’s operations – finding the right solution that could work with them posed a challenge. While protection of data and integrity of transactions is the bank’s top concern, they also needed a solution that could quickly be deployed, was easy to use for its 400 business users in 28 locations, and had a quick time to value. SailPoint had just the solution: IdentityNow. IdentityNow’s cloud-native architecture runs on Amazon Web Services (AWS) and leverages the platform’s security, availability and elasticity.
Leveraging SailPoint’s expertise, Orrstown Bank began their IAM endeavor with the highest-risk and most complex areas of their technology stack. In under 2 months, they had deployed IdentityNow to automate access certifications, password management, and single sign-on for most of their primary applications and have since expanded the platform to include well over 100 applications.
By focusing on the areas with the most entitlements, those with entitlements that changed the most frequently, and with the highest numbers of users, Orrstown Bank was able to secure the most sensitive information while simultaneously determining the most efficient and effective procedures and processes. Now, connecting to and becoming secured through IdentityNow is automatically included in the process of any application that they deploy. This change from previously being a discretionary process has helped to further secure access to the organization’s sensitive information and mitigate the risk of a data breach.
By deploying SailPoint, Orrstown Bank expects to reduce calls to their helpdesk; the challenge is getting employees to consistently use the system. Those that have provided (and regularly do provide) feedback that it “has greatly simplified their life and they don’t know how they lived without it.” They have also reduced the time it takes to certify access by 2,000 hours a year. Perhaps most importantly, they can now answer the question “who has access to what” at any point. This has eased the creation of role models, which has made it easier to terminate access when employees leave the organization. This further eases the processes associated with audits and compliance.
”Orrstown is growing quickly and as such we expect the already complex nature of Identity and Access Management to become more complex. SailPoint’s IdentityNow gives us a scalable solution that provides robust controls to manage user access,” said Andrew K. Linn, SVP, Chief Information Security Officer, Orrstown Bank.
Orrstown Bank is continuing to expand its deployment with IdentityNow and solve its biggest challenge: employee education. But with SailPoint’s support and IdentityNow to continue saving both time and money for the business, Orrstown Bank is now more secure than ever before.