Absa Bank transforms its non-employee identity management

SailPoint Helps GE Cut Costs and Unify Its Global Security Efforts

An S&P 500 company based in Bellevue, Washington, PACCAR designs and manufactures large commercial trucks sold worldwide. Big trucks such as Peterbilt, Kenworth, and DAF that help companies move materials and finished goods from sources to plants to consumers and more.

Originally founded to produce railway and logging equipment in 1905, the company has grown organically and through acquisition to become a leader in “big rig” truck production, with locations in multiple countries, including the United States, Netherlands, Mexico, Canada, Brazil, and the United Kingdom, with revenues of over $27 billion in 2022.

But designing, producing, selling, and supporting work-horse trucks requires more than mechanical muscle. It also requires a large workforce that can respond quickly to changing customer and market needs. For PACCAR, future growth and market success depend on its 32,000 employees having access to the resources they need to do their jobs well.

That’s why the company has moved to make identity security a key focus over the past few years. With SailPoint, PACCAR has been able to streamline subsystems, governance, and compliance to make employees more effective and business processes more efficient.

Creating a foundation for future growth with identity security

These days, every organization is looking for an edge; ways to help meet market and customer needs, generate profits, and increase agility and responsiveness to capture new business opportunities as they arise.

For PACCAR, identity security is integral to creating a foundation for future growth and addressing those goals. With a workforce in the tens of thousands, PACCAR knows how important it is to ensure digital identities for security, efficiency, and opportunity reasons.

Like many organizations with long-standing business processes built up over time, a few years ago, PACCAR found itself with several manual identity processes.

“When I came in five years ago, everything was manual, from the submitted IT Service Management (ITSM) form to the creation process,” said MicheleAnne Schroeder, IAM Manager at Paccar. “We did have some PowerShell scripting to help with the onboarding and certification process.”

In addition, the organization didn’t have visibility into its user identities. “We had a mainframe, AS/400s, and many different identity stores where identities were being created, but there was no way to attach those identities to a global identity.”

To add to PACCAR’s identity challenge, the company had eight different HR systems spread across the globe, from Brazil to Europe to Canada to Australia to North America.

Schroeder and PACCAR’s leadership realized that what was needed for future growth was to bring all those identities together.

Creating a single view of identity

To bring identities together from multiple systems and sources worldwide, Schroeder’s team started by expanding its global identity system, which it already used to manage all its contract workers.

Since most of the company’s applications flow through Microsoft Active Directory and use SSO and Azure, PACCAR gave everyone with a network account a global ID. The group created a global ID database to standardize identities from the company’s eight different HR systems.

PACCAR then used that new global view to feed into SailPoint IdentityNow as a foundation for future identity security and control.

It was a critical step in the solution since all eight HR systems operated differently and had different fields.

“We worked with different HR vendors, such as JD Edwards and ADP, to accommodate our global ID if they didn’t have a field for it,” said Schroeder. “That enabled us to put the single user global ID into the HR systems.”

An additional challenge was defining a process for handling employees that moved from one HR system to another, for example, shifting from one region to another or from one functional area, such as accounting, to another, such as manufacturing.

“We worked to make sure that the global ID would move with the employee no matter what their HR employee ID was,” said Schroeder. “That was our foundation.”

Throughout the process, an essential consideration for the identity security team was working to understand the procedures for each HR system and business unit. “We didn’t want to change their processes,” said Schroeder. “Instead, we wanted to build requirements into the tool to support their processes and maybe even make them more efficient. Anytime you can help make things more efficient for the business, you know they will want to adopt it.”

Key learnings from successfully implementing identity security

Being successful with identity security isn’t just about plugging in a technology. Of course, you need a robust, enterprise-class identity security platform like SailPoint, but you also need the proper process and people skills.

In PACCAR’s case, the deployment challenges were heightened because of the global nature of the organization, with business units in multiple countries. That didn’t slow down Schroeder’s team.

“We went over to the Netherlands to meet with key stakeholders face-to-face and give them demonstrations of the tool and certification process,” said Schroeder. “Once they saw it, they were all on board.”

Schroeder’s team has also been focusing on manual processes that are labor-intensive and can be automated to gain business support. Lastly, Schroeder notes the importance of involving people early. “Another learning we’ve found is to incorporate teams early on, so they can be part of the requirement gatherings as well as the solution,” said Schroeder. “That way, they’ve bought into it and know they were part of the decisions.”

The future with AI and identity security

AI is increasingly prevalent in business and technology environments. It’s also becoming an important consideration for organizations deploying identity security.

 “We began production with SailPoint AI-Driven Identity Security in early 2022. We turned AI capabilities on in the production system but are still in our beginning stages with it. We know that AI will really help us accelerate the automated management of roles.”

PACCAR plans on using AI to start consolidating roles, doing cleanup on them, and creating visibility across different functions. They look forward to continued success and efficiencies with SailPoint.