Identity governance at ING Australia has had a major overhaul, freeing the bank’s IT team from spending a week chasing permissions and safeguarding ID compliance.
Prior to the update, granting access for employees joining, leaving or moving within the company was a manual process handled by managers and IT staff.
Chasing up the necessary permissions from each department and system the employee needed access to could take up to a week - time for which the employee was paid for doing nothing and time the IT team could better spend on other projects.
Slow, manual processes prone to human error were also a governance issue, which was not an idea scenario for a bank to have in 2018 as the the industry and practices were put under the spotlight of the Royal Commission into banking.
Area lead for Identity and Access Management Angelina Potapova oversaw the project, partnering with ID governance software vendor SailPoint to deliver a solution that drew data from the bank’s HR staff movement feeds.
It resulted in more than 1,500 employees and their access has been brought under a single, automated purview, reducing mistakes and providing an up to date account of who has access to what.
Automating staff access also meant employees can hit the ground running, with all permissions for the systems they interact with granted on the first day on the job.
The rollout of SailPoint IdentityIQ went relatively smoothly, however, it took some convincing to get management on board as they didn’t see a non-customer facing project as being a high priority.
Once managers saw the time that was saved, the project gained wide acceptance and support within the bank.
The ability to audit access and compliance also caught the attention of the larger ING Group, who have a particular interest in governance now their Amsterdam headquarters are highly susceptible to the European Union’s GDPR privacy regulations.