CSC Streamlines User Access with Comprehensive Identity Management
- Implement comprehensive IDAM services to more securely facilitate enterprise-wide business transformation
- Provide streamlined, secure user access to new cloud-based applications and services
- Develop uniform IDAM services to accommodate a wide variety of requirements across multiple nations and regions
- Implemented CSC’s fully integrated end-to-end IDAM solution
- Established tools to manage user identities, their entitlements and controlled access
- Integrated a blend of leading identity management technologies
- Centralization of identity management and governance services
- Streamlined user access into a single identity capability providing consistent access across applications
- Enhancements in areas such as provisioning, compliance and authentication
As CSC began migrating its core legacy applications to the cloud in 2012, the company knew it would need more centralized management of user identities and access to resources. To meet that need, CSC began implementing comprehensive identity and access management (IDAM), a capability that CSC now also offers to clients.
For enterprises, an important aspect of modernizing legacy platforms and applications is integrating new internal systems, such as cloud-based office solutions, with a standardized, secure identity management infrastructure. A successful IDAM implementation enforces business processes and rules to onboard people and devices to provision birthright applications (Active Directory, email, shared services) and job-specific systems.
CSC’s IDAM solution provides that secure infrastructure using compliant and cost-effective methodology and technologies that offer additional business benefits, such as automated user account creation, governance and compliance tools, and a single sign-on capability spanning multiple applications across multiple domains.
CSC wanted to provide users access to cloud-based applications that included Microsoft’s Office 365 and CSC’s MyWorkStyle next-generation workplace services. CSC operates in many countries and regions, each with its own requirements around governance, sovereignty and privacy. CSC’s IDAM solution gives the company flexibility while consistently streamlining user access across the enterprise.
The CSC Identity Management Practice partnered with SailPoint, an industry leader in identity management, to develop the advanced IDAM solution. CSC then became its own “customer zero” as it implemented the solution company-wide.
IDAM gives CSC the ability to centralize auditing and control mechanisms across a set of business processes that are highly distributed and specific to regions, sites and businesses. The solution leverages existing technology whenever possible while providing authentication as a service.
As part of its ongoing corporate transformation, CSC is simplifying its global operating model and increasing reliance on cloud-based applications and services. “From an identity management standpoint, the transformation has required us to be more agile and more centralized,” says Anna Fernezian, CSC global offering manager. “We also needed to have a better understanding of who has access to what.”
IDAM handles tasks such as identifying new and existing employees’ privileges, meeting security and governance requirements, and implementing appropriate business processes.
“The implementation of an enterprise identity management environment gives corporations a great deal of control and oversight into what’s happening in their organization,” Fernezian says. “For CSC, it allows us to be more flexible when we add new entities, services or applications.”
CSC solution architect Steve Kovin points to two key areas that have improved following the IDAM implementation: provisioning and authentication. He says enterprise applications such as HR and finance have historically had their own separate provisioning models and interfaces. “Our IDAM solution provides a way to centralize that and manage it from a single point, as opposed to building independent bridges. That’s a huge value-add,” says Kovin.
For authentication, or access control, CSC’s IDAM team had to provision user identities to cloud-based email and desktop applications. “There’s a lot of coordination required — from the onboarding process to the offboarding process and everywhere in between,” Kovin says. Also, the team needed to provide multifactor authentication for the new applications, and did so using the Microsoft Azure cloud computing platform.
Kovin says there are unique security challenges with moving into the cloud. “Cloud infrastructure requires a particular focus on security that you may take for granted in a private network,” he says. “You don’t control your partners, so you have to build in your security model and provide the mechanisms for that security.” He adds that when an enterprise is working with cloud tools and providers, it needs to control the authentication and identity aspects of those services.
CSC’s success as its own customer zero for the comprehensive IDAM implementation provides a referenceable architecture that can be extended to other companies, and is especially applicable to organizations that, like CSC, are multinational and moving their systems to the cloud.
For companies trying to implement IDAM across a disparate enterprise, Fernezian says that CSC certainly understands their challenges. “We recognize the variety of populations and business rules that need to be addressed, the global implications, and even the need to divest a group of identities,” she says.
CSC’s solid IDAM backbone allows for additional possibilities in the future. “Identity management enables the corporation to more confidently and securely expand its services and offerings,” Fernezian says. “Once you understand and know who has access to what areas and how to control that access and still provide information securely, it opens the door to new opportunities for corporations to engage with new customers, partners and constituents. IDAM offers you a foundation for better controls.”