VINCI Energies

Requirement for scalable and user-friendly identity management solution

VINCI Energies' business and growth model is centered around acquisition, so welcoming and onboarding new employees needs to be a seamless process. When VINCI Energies was involved in a major acquisition, they already used NetIQ Identity Manager for 8,000 users. The acquired company used IBM Tivoli NetIQ Identity Manager, and it quickly became clear that this was not particularly user-friendly or scalable.

Looking to unify identity management across the organization, and bearing in mind that more acquisitions would follow, Stephane Remars, IAM Architect for VINCI Energies, formalized their requirements: “Above all, we needed a scalable and user-friendly identity management solution. We were in the process of moving to Office 365 and have several other key systems that we need to integrate with, so interoperability was important to us, without the need to excessively customize. We really wanted a near real-time solution so that users are provisioned very quickly, crucial to a positive onboarding experience.

Thanks to the scalable processes we have introduced with NetIQ Identity Manager, we can manage 80,000 identities across a complex and decentralized organization with a core team of just three people, helping us to quickly integrate new companies and colleagues to keep our productivity levels high.

NetIQ Identity Manager's out-of-the-box integration capabilities deliver advanced automation

This complex organization with many global locations required fine-grained identity management. This needed to fully automate user provisioning and deprovisioning, manage license granting workflows, and provide user self-service functions, such as password management. This all pointed in the direction of NetIQ Identity Manager, which already had a proven track record as a solid identity management solution for VINCI Energies. Supported by a partner, the team leveraged the organization's Azure cloud-based authentication platform that uses Active Directory as its core identity repository. With out-of-the-box integration capabilities, NetIQ Identity Manager successfully connected to the organization's SAP, HR, and ITSM systems to gain a single view of identity management.

“The out-of-the-box functionality was unique to NetIQ Identity Manager at the time,” recalls Stephane Remars. “It has a great selection of bundled connectors, and the central user interface makes it a really user friendly tool for us. We also love that we can provision, and deprovision, users in near real-time. If we were to do this manually, it would take up to three days for a user to gain access to all systems they need to do their jobs, assuming no human error has been made during the manual process. Automation is a big advantage for us and the only way we can scale to the required numbers.”

All user passwords are managed on a self-serve basis, without needing helpdesk support. Users have access to a mobile app where they can reset their password directly in NetIQ Identity Manager, making it a simple and easy process. Through the NetIQ Identity Manager connector integration with HR systems, users who leave the organization are automatically deprovisioned. This is important as inactive accounts present potential security gaps, but it also means that the team has full visibility into its active users at any time. As many software licenses are paid per user, it is advantageous that the user base is so transparent, to ensure cost effective license management.

Managing 80,000 identities with just three staff

“Self-service and automation are the keys to success for us in identity management as they minimize the risk of human error,” says Stephane Remars. “In the last 12 years, we have grown from 30,000 users to 80,000, mostly through acquisition. When new companies join the VINCI Energies family, first impressions for our new colleagues are crucial for a successful collaboration. Having a streamlined and near real-time identity management process is a huge benefit in this respect.”

He concludes: “Thanks to the scalable processes we have introduced with NetIQ Identity Manager, we can manage 80,000 identities across a complex and decentralized organization with a core team of just three people, helping us to quickly integrate new companies and colleagues to keep our productivity levels high. Aside from the technological decision, we were also pleased to discover that CyberRes (now OpenText Cybersecurity) has an ambitious environmental, social, and governance (ESG) agenda, valuing sustainability and its social impact on communities, very much in line with our own core values.”

The out-of-the-box functionality was unique to NetIQ Identity Manager at the time. It has a great selection of bundled connectors and the central user interface made it a really user-friendly tool for us.