Ing Group Case Study
Essay by 24 • March 23, 2011 • 1,485 Words (6 Pages) • 2,088 Views
In 2005, ING became the sixth largest European financial institution, based upon market value, up six positions from only one year earlier. According to ING executives, this change is a reflection of the company's success in offering innovative and low-cost customer-focused services through a variety of distribution channels, including Web services, call centers, intermediaries and branch offices.
Business need: Facing a growing number of industry regulations and increasing sophistication of its business services, ING needed to reduce the time and cost of managing employee access to information while ensuring staff could quickly respond to business change
Solution: Working with IBM Global Services, ING launched an innovative Entitlement Program powered by IBM Tivoli®, WebSphere® and eServer® technology that will help reduce costs, improve staff productivity and enhance security
Benefits: Total projected savings of Ђ15 million (US$20 million) a year; projected 50% reduction in the number of administrators assigned to support identity management processes within 18 months; anticipated 25% savings in help-desk administrative costs; ability to reduce time and cost associated with regulatory reporting; ability to reduce turn-on time for new users from 10 days to less than 24 hours
"IBM WebSphere software and IBM ~ systems are infrastructure standards at ING. They provide a highly reliable and high-performing platform to run IBM Tivoli identity management software."
--Pieter Vallen, Project Manager, Entitlement Access Infrastructure, ING
"Using IBM Tivoli Access Manager and IBM Tivoli Identity Manager together enables us to reduce costs and simplify processes even further. Now we can manage multiple user and authorization
administrations from a single point of control."
-Henk Veerman, Information Security Architect, ING Entitlement Program
Why IBM?
IBM provided an intelligent security management platform to seamlessly integrate business
and IT processes and automatically provision access based on corporate policies
Headquartered in Amsterdam, ING Group (www.ing.com) provides banking, insurance and asset management services to more than 60 million private, corporate and institutional clients in 50 countries. In 2005, ING became the sixth largest European financial institution, based upon
market value, up six positions from only one year earlier. According to ING executives, this change is a reflection of the company's success in offering innovative and low-cost customer-focused services through a variety of distribution channels, including Web services, call centers, intermediaries and branch offices. With the increasing pressure for on demand business, ING executives stress that to continue on this path, they must eliminate process inefficiencies and strengthen the company's ability to adapt to change.
Indeed, for the organization's Global Information Risk Management and IT organizations, flexibility is important. The growing number of regulatory requirements and increasing complexity of the company's operating environment increased the time and cost of managing access rights for ING's 113,000 internal employees and threatened to inhibit service delivery. Using paper-based forms and faxes to process requests and approvals caused the turn-on time for new services to reach more than a week at times. Because employee information was stored in numerous local security databases, it was time-consuming for security officers to compile the necessary information for regulatory reporting and difficult to verify that access was revoked across all services following an employee's departure. As the company's infrastructure grew, so did the number of local administrators required to implement employee access changes. Executives worried that these processes would ultimately affect service delivery standards, increase administrative and support costs, and reduce staff confidence in meeting audit and regulatory mandates in a timely manner.
"Given the type of information financial institutions must handle, ensuring appropriate access for all employees to all data is of paramount importance," says Dion Kotteman, program manager, Global Information Risk Management, ING. "Effective identity management helps us maintain our reputation for excellence, protect the security of sensitive, private information and enable our employees to deliver the fast service customers expect. To help ensure ING could continue to adapt to market and regulatory changes, we had to reduce the time and cost of identity management while strengthening security levels."
Provisioning access automatically based on employee attributes
To address this challenge, ING needed to create an on demand operating environment for identity management that met cost-reduction demands while supporting company growth and market changes. It means fundamentally changing its approach--from managing access based on individual rights to ultimately automating access based on selected employee attributes such as job function, job title, business process and physical location.
ING called on IBM Global Services to help design and deploy an open, integrated and automated platform to drive the new ING Entitlement Program. "IBM Global Services brought to the table extensive experience in making the right design decisions for this type of project and helped to improve the design and implementation process," explains Pieter Vallen, project manager for Entitlement Access Infrastructure (EAI), ING.
IBM delivers an integrated solution to accelerate time to value
During the first phase of its program, ING is using IBM Tivoli Identity Manager and IBM Tivoli Directory Integrator to automate and integrate existing processes and information. This includes the delivery of the following capabilities:
* A streamlined approval process that leverages electronic forms and intelligent workflows to enable managers to request and approve authorization requests online
* A self-service capability so employees can change their passwords without the assistance of help-desk personnel
* A single point of control for security officers to manage authorizations and create accounts and groups for each ING target platform, including
...
...