Royal Schiphol Group: Increased Efficiency of Account Lifecycle Management
The Netherlands’ airport Schiphol sought a solution to get access control of its identities and increase lifecycle management of those identities, providing time saving and increasing IT security.
December 2017: “Our main ambition was to get access control of Schiphol’s identities and increase lifecycle management, ensuring the identity access landscape is correct and up to date at all times,” says Matthijs Sepers, Program Manager of the Royal Schiphol Group’s identity management and access governance project.
Royal Schiphol Group focuses on delivering top connectivity, excellent visit value, competitive marketplace, development of the group, and sustainable and safe performance. As part of its mission to be the best digital airport, Royal Schiphol Group IT is an early adopter and uses the latest best of breed technology.
Eliminating the middle man
Royal Schiphol Group recently concluded a large scale identity management and access governance project with Omada, to get in control of the organization’s identity access, be able to govern the identities’ access and prove compliance with legislation such as the EU General Data Protection Regulation (GDPR). Omada now manages 7500 identities, including external employees and partners.
Developing a fully automatic process, which would eliminate the need for a middle man, was a core focus for the project. This would eliminate external parties and the Helpdesk, and not only save time, but also cost. It was a demand that the responsible manager should be able to do the entire registration and update by him or herself, fast, and that the managers should be able to work with the identity and access management tool without IT assistance.
Fully automatic and ‘idiot-proof’
All managers across the organization were automatically given access to the self-service portal, helping to secure increased efficiency and ease of use. The manager is now able to quickly and easily see what he needs to do, with a simple workflow – it is ‘idiot-proof’. It takes just two minutes to create an account, which is a significant time saving efficiency.
“The solution has been successfully implemented and works very well today”, says Matthijs Sepers. “The portal is configured in the Royal Schiphol Group style and is easy to use, which was very important to us,” he adds.
Efficient lifecycle management of the organization’s identities
Once the identity access was in control, the next step was how to ensure governance. Ensuring an easy and efficient lifecycle management process of Royal Schiphol Group’s identities, means the data is always up to date.
To ensure an efficient lifecycle management, the project first had to decide where the responsibility should be.
“We discussed many times where the responsibility for each identity should be – should it be IT? Or maybe HR? In the end, the only person who knows what kind of access an employee should have, is the manager. The manager knows when an employee joins, moves, or leaves the organization. I see many other Identity management projects struggling with this issue, we fixed it by managing this process efficiently in the Omada self-service portal and not using the HR System,” says Matthijs Sepers.
About Royal Schiphol Group
Royal Schiphol Group offers airport infrastructure and ensures that its airports are optimally accessible. The airport has a clear ambition to develop Amsterdam Airport Schiphol into Europe’s preferred airport for passengers, airlines, and logistics service providers alike. In 2016, the number of passengers served by Amsterdam Airport Schiphol grew by 9.2% to almost 63.6 million and cargo volumes increased to a record volume of almost 1.7 million tons. Furthermore, the airport site alone accommodates some 500 companies that together employ 65,000 people. All in all, 70 million passengers travelled through Royal Schiphol Group’s Dutch airports in 2016, an increase of 8.9% from the previous year.
HOW TO ACHIEVE GDPR ACCESS COMPLIANCE IN A FEW MONTHS
Organizations need to get an efficient and future-proof access governance solution in place in time for May 25 2018 and beyond., as solid access governance is a vital prerequisite for GDPR access compliance. Omada's approach will get you up and running in just a few months, supporting a fast track to get in control of data and demonstrate compliance with easy-to-use, easy-to-manage dashboards.
Download Omada's GDPR Access Governance product sheet to learn how you can achieve GDPR Access Compliance in a few months.