Case Study: The Salvation Army “confident” in its data quality

The Salvation Army is now confident in its data quality after introducing improved identity management protocols throughout the organisation.

Lachlan McGill, general manager of cyber risk and compliance at The Salvation Army told Digital Nation about challenges it faced in the identity management space and how it overcame this to achieve its goals.

“We were concerned about who had access to all of our different applications when they left, what levels of access that people had and something that we struggled with is … a lot of disparate systems across the organisation.

“It's really hard to try and keep on top of that and try to manage people's identities and access across all of those applications.”

He said the issue with its data quality involved identity or user accounts coming from its HRIS system flowing into ServiceNow, flowing into active directory and Azure active directory “and trying to keep all of that information in sync was a struggle.”

McGill said while there were a number of scripts that got developed, “they were running on a daily basis just to try and keep this information in sync”, leading the team to implement SailPoint.

He added with data quality in place, the team can remove some manual processes and has created the ability to review privileged access.

“We're confident that we have data quality. We've been able to get rid of the overhead in managing the scripts and manual processes, ensuring that the data is in sync across all those applications.

“What we've also been able to do is remove some of the necessity of our service desk getting involved in creating access for staff members when they're due to come on board.”

McGill explained staff are able to access the correct information needed without delay following the implementations.

“Previously, users would probably have to wait up to days and in worst case scenarios, weeks, just to get the right access set up for them because there are so many different areas to talk to and so many different forms to fill out.”

He said after the two-year project “they're getting that foundational access from day one”.

“Requesting access to some of the other applications that they might need is now a much easier process because the automation in the background is ensuring that their request goes to the right people from the get-go instead of being handed around to different teams trying to find out who is responsible for granting the access.”

Next steps include looking for a managed service provider to help with incident support, according to McGill said.

“What we're working on at the moment is trying to get the right support in the SailPoint.

“We had a project team that externally sourced to do all the design implementation for us, now that the project's finished, we now have to bring in some sort of method of supporting and setting the application ongoing."

McGill said it's already gone out to market to look for a managed service provider.

He added next steps for the team at The Salvation Army also include applying enhancements to its architectural process, potentially more automation.

“What that means for us is embedding it in our architectural governance process so that new applications coming on board are mandated to integrate with SailPoint.

“We’ll be looking to develop some security principles around that and ensure that we get the most out of the platform.”