Vodacom integrates identity with Novell

May 2009 Access Control & Identity Management

Effective control of permanent and contract staff drove Vodacom to Novell’s Identity Manager.

Vodacom is using Novell Identity Manager to formalise and automate its identity and security management processes. The solution has already reduced business risk by reliably removing access rights when employees leave the company, and Vodacom expects significant improvements in the speed and efficiency of provisioning as it completes its rollout.

Vodacom is a Pan-African cellular communications company providing a GSM service to more than 35,7 million customers in South Africa, Tanzania, the Democratic Republic of the Congo, Lesotho and Mozambique. As the market leader in South Africa, Vodacom also provides 3G services and operates more than 6400 base stations, bringing 97% of the population within its coverage. Vodafone Group owns 65% of the shares in Vodacom.

Vodacom has a large, highly mobile workforce of almost 10 000 people, of whom around one third are contractors. The company outsources much of its IT operations, base station maintenance and call centre operations, creating what amounts to a virtual workforce around the core employees in its 20 corporate locations in South Africa.

Managing access – to physical buildings, network resources and more than 100 corporate applications – for this workforce is extremely challenging. Contract duration varies significantly and contractors may work in a number of different locations, making it difficult to maintain an accurate view of access rights.

Previously, Vodacom was reliant on line managers to ensure that contractors were correctly provisioned and deprovisioned, and there was no easy way to confirm access rights. Vodacom wanted to close this potential security loophole. As a secondary goal, the company aimed to simplify and accelerate identity management, enabling zero-day starts for new employees and reducing administrative costs.

Vodacom conducted a detailed study of the identity management solutions on the market, and undertook a proof of concept exercise pitting Novell Identity Manager against an alternative.

“We were impressed with the quality and maturity of Novell Identity Manager,” said Trevor Owen, executive head of IT, Region South, Vodacom South Africa. “We knew that success would depend not only on good technology but also on strong local skills – Novell and its partner Ubusha Technologies demonstrated excellent skills and tremendous enthusiasm during the proof of concept.”

With risk management the primary driver for the new solution, the first goal was to improve the deprovisioning process, starting with the highest risk areas: access to the IT network and physical access to corporate sites. Working with Ubusha and Novell, Vodacom created a digital identity vault in Novell Identity Manager for all employees and contractors, integrated with its SAP HR system.

The combined team then synchronised identity information across key systems and conducted an intensive data cleansing exercise. To ensure full control over non-salaried contractors as well as salaried employees, Vodacom created for the first time a single database of all contractors, fed by a self-registration website.

By integrating Novell Identity Manager with its Microsoft Active Directory services and with its physical access control systems, Vodacom has enabled automated provisioning and deprovisioning of network accounts and access rights for employees and contractors.

Vodacom has also implemented Novell Access Manager to provide users with single sign-on across Microsoft Active Directory and the various Web applications they are entitled to access.

“We can now reliably revoke all access rights – physical and logical – on the day that an employee or contractor leaves Vodacom,” said Owen. “In combination with Novell Access Manager for single sign-on, Novell Identity Manager is helping us to make significant savings in time and administrative effort.”

The next phase of the identity and security management project at Vodacom will see further integration of applications with Novell Identity Manager, the introduction of identity self-service tools, increased automation, integration with partners in the external value chain, and greater sophistication and granularity in role-based provisioning.

By using Novell Identity Manager to ensure zero latency in the deprovisioning of access rights, Vodacom has met the key compliance objectives set by its chief risk officer, helping to ensure security for sensitive data.

“As a telecommunications business, Vodacom has legal obligations to safeguard confidential customer data; the Novell solution helps us to be confident that there are no gaps in our risk management processes,” said Owen. “Moving forward, our focus will be on building the productivity gains that we saw from day one.”

Novell Identity Manager handles basic provisioning at Vodacom, using the creation of each employee number in SAP HR to automatically assign an e-mail address, network login credentials and the appropriate physical access rights. This has eliminated the manual assignment of network and physical access credentials, saving significant administrative time and effort, and accelerating the provisioning timeline from days to hours.

“Using Novell Identity Manager, we are cutting the administrative workload around provisioning and making it more formalised,” said Owen. “The Novell solution is the foundation for our vision of zero-day starts for new employees. By giving them everything they need immediately, we can differentiate Vodacom and ensure that we attract the best applicants.”

For more information contact Lauren Castelyn, Novell SA, +27 (0)11 322 8321, lcastelyn@novell.com

Share this article:
Share via emailShare via LinkedInPrint this page

Further reading:

The benefits of electronic visitor management
August 2019, Powell Tronics , Access Control & Identity Management, Residential Estate (Industry)
Access control is a critical aspect of estate security as it represents the controls put in place to restrict entry (and possibly exit) along the outer boundary of the location.

Addressing risks by means of access control layout and design
August 2019 , Access Control & Identity Management, Security Services & Risk Management
In order to develop a suitable, practical and appropriate security system for any organisation, it is essential to first develop a master security and life safety plan strategy.

Secure hands-free access
August 2019, Suprema , Access Control & Identity Management, Residential Estate (Industry)
Suprema’s facial biometric terminals bring no-touch access into secure residential estates, high-rise apartments and luxury homes providing fast, easy and intuitive user authentication with the added benefit of hygiene.

MorphoAccess Sigma Extreme
August 2019, IDEMIA , Products, Access Control & Identity Management
MorphoAccess Sigma Extreme from IDEMIA is a touchscreen device with multiple recognition device interfaces (NFC chip reader, PIN and BioPIN codes, contactless card readers).

Outdoor access terminals
August 2019, Suprema , Access Control & Identity Management, Residential Estate (Industry), Products
Rugged, dust- and weather-proof access control solutions that provide exceptional durability in extreme conditions is a strong requirement for many residential estates.

MorphoWave Compact
August 2019, IDEMIA , Products, Access Control & Identity Management
The MorphoWave Compact captures and matches four fingerprints on either the right or left hand in any direction. It is robust to environmental factors such as extreme light or dust.

MorphoAccess Sigma Lite
August 2019, IDEMIA , Products, Access Control & Identity Management
IDEMIA’s MorphoAccess Sigma Lite and Lite + are fingerprint access control terminals, offering time and attendance in and out function keys.

Eliminating forced gate opening scenarios
August 2019, ET Nice , Home Security, Access Control & Identity Management
When activated by the gate forced open alarm feature, the transmitter transmits a wireless alarm signal up to 750 metres in any direction.

IAM has business on high alert
August 2019 , Access Control & Identity Management
Identity and Access Management (IAM) is now a must in commerce and the need to protect digital assets is driving the development of solutions and widespread adoption

Came acquires Turkish company Özak
August 2019, CAME BPT South Africa , News, Access Control & Identity Management
Came broadens its market horizons and signals growth and consolidation in the Middle East.