Financial identity management challenges

Access & Identity Management Handbook 2022 Access Control & Identity Management

An American multinational financial services corporation that facilitates electronic funds transfers throughout the world, has about

13 000 identities (employee and non-employee) across 80 office locations in 40 countries. The company was managing these identities using multiple locally maintained access control systems.

When the use of these multiple disparate access control systems and devices became increasingly complicated, the HID client resorted to manual processes to automate access provisioning. Not only were their processes inefficient, but they also increased their risk exposure. A change was necessary to improve their situation, so they began their search for a new solution to manage their physical security infrastructure. The challenges and limitations faced by the company were leveraged to identify key requirements needed to manage their physical identities and access, which included the following.

Interoperability of authoritative and security systems

The security team lacked a consolidated view into the physical security infrastructure of the organisation, resulting from a lack of standardised global policies, reporting, planning processes, common documentation and tools to protect people, information and the facility in offices across their many global locations. A centralised, interoperable system would be required to manage the scope of their identities and physical access requirements.

Common system architecture and design

The complication described above was aggravated due to the employment of several identity-based systems, each containing multiple stakeholders. These systems store data for the same person but – due to lack of proper integration – data exchange happens through manual interactions. These solutions also had limited or no integration with authoritative and logical security systems. As a result, there were huge operational inefficiencies, delays and a high state of risk to potential security exceptions. To blunt these risks, future-focused integration capabilities would be required.

Managing access lifecycles for multiple stakeholders

The company has multiple stakeholders (employees, visitors, contractors) who access the premises and each person holds a varying risk profile and access requirement. Due to the manual nature of its access control operation, the entire process of onboarding, performing background checks, provisioning access and off-boarding was slow, error-ridden and costly. Automation would be necessary to improve operating costs and increase efficiency.

Common notification and escalation procedures

The client’s approval lifecycle was manual and paper-based; therefore, it was extremely difficult to track access-related activities. For instance, if an approver was not available, the identity had to wait multiple days to get access. To solve this problem, they would need standardised criteria for escalation, activation and communications.

Compliance with industry standards and regulations

The client’s physical security systems managed identity, credential and access data but lacked the capability to automate the policies and processes for managing personal and property security. This required extensive manual intervention by the physical security team which caused delays and manual errors as well as a high level of effort from the team. The company was looking for a 100% automated environment for reporting and assurance in accordance with government/industry compliance standards.

The HID solution

The challenges mentioned above are exactly the issues that HID’s SAFE solution solves best. The client selected the HID SAFE Enterprise solution to provide their organisation with a comprehensive view of their physical access operations and automate their existing processes associated with access and identity lifecycle management, resulting in faster processing times and better audit controls.

Integration and interoperability of the siloed physical security system

HID’s SAFE Enterprise solution provides ready-to-use connectors (agents) which integrate with the external disparate Physical Access Control Systems (PACS) present at the client’s sites (CCURE and Picture Perfect) and the authoritative Human Resource Management System (HRMS) to provide a common centralised security platform. With the ability to communicate across devices and systems, HID SAFE delivers the client a unified comprehensive view of security and provides seamless processing of identity information from the PACS to HID SAFE.

Automation of the entire physical identity lifecycle management

HID SAFE Enterprise enabled the client’s security managers to create and automate standard security processes and policies to grant, manage, revoke and provision physical security identities and access privileges across international sites/PACS.

Tracking every visitor with HID SAFE Visitor Manager

HID SAFE Visitor Manager provided the client with web-based, policy-driven software to securely manage visitors by automating different processes throughout the access lifecycle. HID SAFE Visitor Manager manages the visitor pre-registration, background checks, check-ins, badging and check-outs. It provides an efficient visitor management process and the ability to track and report every visitor’s activity.

HID’s SAFE solution has replaced the company’s manual processes associated with automated on-/off-boarding employees, visitors and contractors, card issuance, access assignments and provisioning access control, so new personnel can be operational in minutes. SAFE’s improvement in efficiency ensures a 90% reduction in the card management process and abandons manual processes for identity-management – saving the client a huge sum in annual operation costs.

To summarise, the overall benefits for the financial services client using SAFE Software from HID are:

Safer premises: SAFE provides a centralised administration of the entire access management process. The security team now has a comprehensive unified view of their entire physical operation. This ensures that unwanted identities are not able to access premises.

Enhanced operational efficiencies: With SAFE providing system interoperability and automation of the otherwise manual tasks, the physical access processes such as access approvals are completed within minutes, without delay – improving operational efficiencies.

Substantial reduction in operation costs: SAFE reduced manual interventions such as paper-based request forms and it automated reports so that security and business units can analyse data quickly and in turn, make informed business decisions. This has increased efficiency and significantly lowered processing time Auditing and compliance: SAFE delivered a 100% automated environment for reporting and assurance in accordance with government/industry compliance standards.

Comprehensive reporting: SAFE provides security managers with robust and full-featured reporting capabilities that can support workflow – embedded, scheduled and ad hoc reporting of identity and physical access events and activities. Configurable reports and dashboards promote efficient and appropriate operational decisions to better manage threats. Reports may also be sent to SAFE users based on events/triggers or on defined scheduling as delegated in the policy engine.

Reprinted with the permission of HID Global.


Share this article:
Share via emailShare via LinkedInPrint this page

Further reading:

Bespoke access for prime office space
Paxton Access Control & Identity Management
Nicol Corner is home to a six-star fitness club, prime office space, and an award-winning rooftop restaurant. It is also the first building in South Africa to have its glass façade fully incorporate fritted glazing, saving 35% on energy consumption.

Gallagher Security launches Augmented Reality Training in Australia
Gallagher Training & Education Access Control & Identity Management
Gallagher Security has announced the latest addition to its innovative suite of training solutions, Augmented Reality Training, demonstrating its continued commitment to innovation and improving access to security training opportunities.

Fluss launches the next wave of IoT solutions
IoT & Automation Access Control & Identity Management News & Events
Fluss has announced its newest IoT product; Fluss+ continues to allow users to manage access from anywhere globally and brings with it all the advantages of Wi-Fi connectivity.

The future of digital identity in South Africa
Editor's Choice Access Control & Identity Management
When it comes to accessing essential services, such as national medical care, grants and the ability to vote in elections to shape national policy, a valid identity document is critical.

The future of access control is mobile
HID Global Mining (Industry)
The growing popularity of trusted ecosystems of cloud-connected access control devices, applications and trusted mobile identities has made mobile access easier to adopt than ever.

Defending against SIM swap fraud
Access Control & Identity Management
Mobile networks must not be complacent about SIM swap fraud, and they need to prioritise the protection of customers, according to Gur Geva, Founder and CEO of iiDENTIFii.

Access Selection Guide 2024
Access Control & Identity Management
The Access Selection Guide 2024 includes a range of devices geared specifically for the access control and identity management market.

Biometrics Selection Guide 2024
Access Control & Identity Management
The Biometrics Selection Guide 2024 incorporates a number of hardware and software biometric identification systems aimed at the access and identity management market of today.

Smart intercoms for Sky House Projects
Nology Access Control & Identity Management Residential Estate (Industry)
DNAKE’s easy and smart intercom solution has everything in place for modern residential buildings. Hence, the developer selected DNAKE video intercoms to round out upmarket apartment complexes, supported by the mobile app.

Authentic identity
HID Global Access Control & Identity Management
As the world has become global and digital, traditional means for confirming authentic identity, and understanding what is real and what is fake have become impractical.