printer friendly version

New York City Transit

New York City Transit is the largest agency of the Metropolitan Transportation Authority (MTA) in New York, the largest transportation network in North America serving 14,6 million people. New York City Transit has the world’s largest fleet of subway cars and the largest public bus agency.

As New York City Transit moves from manual train control to a more computerised environment, providing secure access to applications and buildings is critical. The agency has 49 000 employees across 500 locations, and also manages benefits for 36 000 retirees and spouses.

For the IT staff, provisioning new users was a lengthy manual process, often requiring a few weeks to give users access to the right applications. Revoking network and building access for terminated employees was also time-consuming, and posed security risks. Automating identity management would allow the IT staff to decrease administration time, while greatly improving security.

The agency also needed a security and identity management solution that would work across a mixed operating environment consisting of Microsoft Windows, NetWare, Unix and a variety of mainframe and mid-range servers.

Selecting NetIQ

After evaluating identity management solutions including Oracle, IBM, and Microsoft, New York City Transit selected a NetIQ solution consisting of Identity Manager and NetIQ Access Manager. With API support for disparate systems, the organisation can connect to Microsoft Active Directory and RACF across a variety of operating platforms.

New York City Transit implemented Identity Manager to automatically synchronise user identities across multiple systems, including its time keeping and building access systems. Access Manager allows the IT staff to give employees and contractors role-based access to applications, based on authoritative user data in the agency’s employee information system.

An identity management solution has also helped New York City Transit with its governance, risk and compliance (GRC) strategy. The IT staff can manage risk by ensuring that the right people have access to the right information.

With Identity Manager, the agency has eliminated the manual processes associated with user provisioning and can set up new user accounts in a few hours, rather than a few weeks. The IT staff can also revoke access as soon as employees leave the organisation to safeguard the security of its network, as well as access to its 1500 critical infrastructure control rooms.

With a NetIQ solution, the staff can ensure that users have access only to authorised applications and building, which is critical when managing a large transportation system. Automating identity management has also freed up the IT staff to work on more challenging projects, rather than routine administration.

Cost savings

With centralised identity management, the IT staff can give users a single ID and password to access applications. This has dramatically reduced the number of passwords users had to remember, as well as the number of password-related helpdesk calls. Password self-service also allows users to manage their own passwords.

For its 36 000 retirees and spouses, New York City Transit provides VPN access to its network and uses SecureLogin to provide secure, single sign-on access. Once users have network access, Access Manager provides authorised access to a Web portal where they can access and change their benefit information.

New York City Transit runs its NetIQ identity management solution on SUSE Linux Enterprise Server for greater stability and has had zero downtime to date.

With a NetIQ identity management solution, New York City Transit centralised and automated identity management for 85 000 employees, contractors and retirees. The IT staff has reduced time spent on user provisioning by 60% and can provision new users 90% faster. Users now have secure, single sign-on access to applications which has improved security, as well as employee productivity.

Making its benefits program available online to 85 000 users has dramatically reduced the mailing and administrative costs of managing the agency’s benefits program. New York City Transit has automated identity management and created new services for users, all without the need for additional IT resources.

Share this article:

Further reading: