Intro

To remain compliant with SOX and PCI, the retailer must complete regular access reviews. This was a mostly manual process involving many spreadsheets and emails to business owners and managers. The process was time-consuming and susceptible to errors, which affected user productivity and impeded organizational agility.

The lack of automation around business-critical systems and the lack of integration with authoritative sources of data could result in incorrect or stale information, which in turn could lead to expensive remediation efforts following audit failures.

Solution

The retailer decided to implement Saviynt to streamline access reviews and identity governance, bringing Oxford Computer Group (OCG), a MajorKey Technologies Company, on to implement the solution and integrate it with Microsoft Entra ID. Saviynt will be used to provide insight into, and govern, entitlements and roles throughout the organization’s application landscape.

OCG implemented Saviynt Enterprise Identity Cloud (EIC) to support the following scenarios:

  • Source Of Truth for Users: Employees, Contractors, and Vendors imported from Active Directory into Saviynt EIC.
  • Single Sign-On (SSO): Azure AD integrated to provide SSO into Saviynt EIC.
  • Accounts & Entitlements: Saviynt EIC imports accounts and entitlement data from key applications, including Active Directory and Azure AD.
  • Access Certifications: Saviynt EIC creates access certifications for managers to review existing access within specified applications. Managers will approve or revoke access for their direct reports within each application.
  • Campaign Summary: Access Certifications generate campaign summaries. This provides the retailer a list of access permissions requiring removal in referenced applications.
  • Analytics: Saviynt EIC comes with pre-canned analytic reports that the retailer may be able to use out-of-the-box. OCG built additional custom analytic reports for the retailer to provide useful and actionable data and demonstrate Saviynt EIC’s utility.

OCG provided robust technical and operations documentation, along with multiple knowledge transfer and training sessions for the retailer’s identity team to enable them to continue to gain business value from their IGA investment.

Benefits and Outcomes

  • Increased compliance with SOX and PCI regulations through analytic reports and the periodic review of access to critical business applications that are regularly audited.
  • Streamlined access removal or modification, with changes flowing directly from access reviews completed in Saviynt EIC to the retailer’s application owners and service desk team.
  • Lowered administrative costs by replacing the manual process of doing access reviews involving many spreadsheets and emails to business owners and managers.
  • Improved user experience by ensuring that certifiers have a consistent experience and the appropriate level of detail to correctly review access across multiple applications.
  • Standardized the retailer on a single identity governance and administration platform by establishing an IGA framework that all current and future applications and identity repositories utilize as part of the identity lifecycle.

Next Steps

Now that the retailer has implemented Saviynt EIC for access reviews to meet compliance regulations across seven of their most critical applications, the next step is to onboard additional applications into Saviynt EIC that have similar requirements for access reviews.
