Create a common framework so that Danish municipalities can take advantage of advanced identity and access management without needing in-house expertise.
Nearly a hundred local municipalities cover Denmark, looking after their citizens every need, from education to healthcare, childcare, and support for the elderly. These organizations must integrate with up to 30 systems at a national level, to support the social structure of the country, and facilitate effective benefit and pension payments to citizens. This is where Nicolai Jensen, senior enterprise identity & access management architect, at PwC Denmark, saw a great opportunity: “We recognized that the individual municipalities have very similar requirements. They all need to integrate into a public infrastructure and the local organizations are structured similarly too, with the usual payroll, HR, and other back office elements. The municipalities are typically under-resourced in IT as this is not their core competence. We created a co-operation where PwC, together with a number of municipalities, designed a framework that provides all integration points. By sharing the joint development of the platform, new municipalities joining the co-operation can benefit from over 20,000 hours of Intellectual Property (IP).”
Citizen data, and especially social services related data, is sensitive and needs to be managed very carefully. PwC partners with OpenText™ (formerly Micro Focus) to create a robust identity and access management solution. NetIQ Identity Manager provides a unified, real-time view of account information and access rights across diverse applications and systems. NetIQ Access Manager gives a simple, single sign-on and access control experience for all municipality users. “When we looked into this, we really appreciated the flexibility of the NetIQ [by OpenText] solutions,” comments Jensen.
“All municipalities have slightly different processes and [OpenText™ NetIQ™] Identity Manager is able to replicate these, which makes it easier to get up and running and achieve a good user adoption. [OpenText™ NetIQ™] Access Manager ensures that the user is associated with the correct policies and roles.”
With [OpenText™ NetIQ™] Identity Governance and [OpenText™ NetIQ™] File Governance as part of the framework, our municipality partners have a convenient and user-friendly way to review their users’ permissions, vastly improving security compliance and transparency.
Martin Oldin, team leader architecture and infrastructure at municipality of LyngbyTaarbæk (LTK), leverages the shared framework: “Before PwC started this initiative, we, like every other municipality, would need to design and develop our own solutions. It was very expensive, cumbersome, and time-consuming. Pooling our resources to create economies of scale and leveraging PwC expertise is really helpful. In user provisioning alone we save approximately 400 person hours each year. We like that [OpenText™ NetIQ™] Identity and Access Manager are event driven. This means we detect changes as they happen, rather than waiting for scheduled reconciliations that might leave us vulnerable in the meantime. Our data is too sensitive for this.” He continues: “We also had an issue with user deprovisioning, and people who left LTK could exist with an active account in our system for years. This is clearly a security risk, and we were delighted when the new framework completely automated this for us.”
The new PwC and NetIQ™ by OpenText™ framework now reaches some 50,000 municipality users who in turn serve hundreds of thousands Danish citizens. Whereas before it could take an individual municipality up to 100 hours to integrate a single national system, now it takes a mere 1–2 hours in a well-proven, robust, 24/7 infrastructure, supported by PwC. “Before we worked with the PwC framework, our regular audits would be a time-consuming business, involving data exports from various systems,” says Oldin. “Now, we create a report from [OpenText™ NetIQ™] Identity Manager which shows exactly how our data moves between systems and what workflows are involved. Instead of spending a month with our auditors we now finish the report within just two weeks; a 50 percent productivity gain.”
We like that [OpenText™ NetIQ™] Identity and Access Manager are event driven. This means we detect changes as they happen, rather than waiting for scheduled reconciliations that might leave us vulnerable in the meantime. Our data is too sensitive for this.
Encouraged by feedback from the participating municipalities, PwC continually looks to enhance the framework. Recent additions are NetIQ Identity Governance and NetIQ File Governance. These are designed to use identity-based policies to automatically provision data storage, assign permissions, and control access. The framework can also be leveraged to provision users more quickly and free up IT resources. “With [OpenText™ NetIQ™] Identity Governance and File Governance as part of the framework, our municipality partners have a convenient and user-friendly way to review their users’ permissions, vastly improving security compliance and transparency,” says Jensen.
Managers are easily able to review their staffs’ permission rights and if they decide that a person should no longer have particular rights a one-click ‘revoke’ triggers an automated workflow that actions this without any further human intervention. “We’ve spoken with our municipality partners about the savings they have achieved using the new framework,” concludes Jensen. “One large municipality estimates that they would on average have lost 10 percent of productivity, due to new users not being able to access the right systems, or not having a user account at all when they start work. For this particular municipality the productivity saving through having the OpenText™ NetIQ™ driven framework adds up to 42,000 person hours each year, which is an astonishing time that now can be spent on effectively serving and supporting their citizens.”
PwC’s purpose is to build trust in society and solve important problems. In an increasingly complex world, they help intricate systems function, adapt, and evolve so they can benefit communities and society whether they are capital markets, tax systems or the economic systems within which business and society exist.