Transportation Manufacturer Streamlines Compliance with RSA Identity and Access Management (IAM)

This leading North American manufacturer of heavy-duty vehicles designs builds and markets a wide range of trucks, buses, motor homes, and emergency vehicles. The company has over 20,000 employees, and its IT infrastructure supports more than 13,000 users.

The enterprise had relied on a cumbersome manual process for access certification control but was concerned about its cost and accuracy. Ensuring compliance with the Sarbanes-Oxley regulation was difficult: just checking for segregation-of-duties (SoD) violations could take weeks.

The company wished to reduce the cost of its manual process and automate SOX access certification, including automated monitoring of access to sensitive financial applications. The company also wanted an automated method of checking for segregation-of-duties violations across the enterprise (including SAP and the mainframe) and a solution that would improve audit efficiency as well as lower costs.

Access Certification Manager:
Policy and process automation for access oversight
The company has deployed Access Certification Manager to ensure that it can properly govern user access to information resources and avoid any unnecessary business risks.

Through the RSA IAM solution, the organization's information security team will now have:

  • The ability to understand who has access across all information resources and entitlements, how they got it, and who authorized it
  • An automated approach for review and certification of all employees', contractors', and consultants' access to privileged information by either a supervisor or an application owner
  • Greater accuracy for access review/certification by providing entitlement data to reviewers in a business-friendly terms so it can be understood in the context of a user's job responsibilities
  • An automated system that will inform the user provisioning system when user access is to be granted, and when it needs to be taken away
  • Confirmation that privileges have been granted or revoked as directed by the system
  • A system of record that provides a full audit trail for access as well as evidence of compliance

With the RSA IAM platform in place, the company is assured of effective and automated access governance across the entire organization.

For more information on RSA, contact the RSA Product Manager at Networks Unlimited at priscilla.vanesch@nu.co.za or on (+27) 011 202 8400.