Gestão de identidades corporativas numa empresa de telecomunicações

Mestrado em Gestão de Sistemas de InformaçãoA Gestão de Identidades Corporativas (identificada na literatura como Identity and Access Management ou pelas siglas IAM, I&AM ou ainda IdM) é, para muitas empresas, um tema difícil de endereçar devido à complexidade dos seus múltiplos sistemas de informação. Muitas vezes colocam-se questões relativas às funções de negócio que cada colaborador executa na organização, acerca de quais os acessos e permissões a sistemas de que realmente necessita para o seu trabalho e quais as permissões que atualmente possui. Dar uma resposta precisa a estas questões num determinado instante do tempo é muitas vezes impossível, devido à mobilidade entre empresas, à rotatividade dos colaboradores e à própria evolução temporal dos sistemas. Este trabalho apresenta o desenvolvimento de um projeto de IAM numa grande empresa de Telecomunicações, designado por GIU - Gestão Integrada de Utilizadores, no qual o autor desempenhou o papel de investigador utilizando a metodologia de Action Research. O objetivo da investigação consistiu em, para além de colaborar na implementação do projeto, refletir sobre os aspetos positivos e negativos das decisões tomadas e produzir um conjunto de fatores críticos de sucesso e boas práticas para a implementação de projetos deste tipo. Além disto, procura-se ainda indicar caminhos futuros para a melhoria da plataforma, em interligação com a área de Qualidade de Dados, que permitam que o GIU seja uma fonte de verdade ainda mais credível no que diz respeito à informação de utilizadores e perfis que reside em cada um dos seus sistemas-alvo.Corporate Identity Management (identified in the literature as Identity and Access Management or the acronyms IAM, I&AM or IdM) is, for a fair amount of companies, a hard issue to address due to the complexity and diversity of their information systems. Questions often arise about which business roles are performed by the organization's employees, what permissions they truly require in order to perform their jobs, and what permissions are currently assigned to them. A precise answer to these questions is often impossible to obtain for several reasons, such as, employee turnover, software integration issues and the rapid evolution of corporate systems. This work presents the development of an IAM project named GIU. The project is currently taking place in a large telecommunications company, in which the author played the researcher role using the Action Research methodology. During a direct collaboration in the implementation process, several observations on the positive and negative aspects of project decisions were made, in an effort to provide a set of critical success factors and best practices for the implementation of future projects of the same kind. Moreover, future additions to the platform are recommended, such as connecting it with Data Quality tools, an improvement that would allow GIU to be an even more reliable source of truth concerning the permissions currently provisioned in each of the enterprise systems

Evaluating financial benefits of an identity management solution – CASE Logica

Abstract Research Objective and Method: Main purpose of this study is to discover different financial benefits that identity management solution can deliver and to build a ROI model for identity management solution. The ROI model will show yearly cash flows and calculates widely used financial measures, such as NPV, IRR, ROI and payback time for Logica‘s identity management solution RIMA. Therefore this study adopted a constructive approach which aims to solve a relevant problem by constructing a model. First a vast literature was conducted in order to gain solid understanding on identity management solution‘s financial benefits. These benefits are then implemented into the ROI model and the model is tested by using fictional case company X‘s numbers. Summary of the Findings The benefits of identity management solutions were identified and a conceptual model of these benefits was constructed. The conceptual model identified that identity management solution can deliver intangible benefits that are revenue increasing and tangible benefits that are cost reducing. On the base of the conceptual model the ROI model for measuring and illustrating identity management solutions financial benefits was constructed. The ROI model identifies following areas that deliver savings: provisioning, self-service, SSO, compliance, IT-security, licenses and improved efficiency. The ROI model was tested in order to prove that it delivers desired outputs according to the assumptions and input parameters. Keywords: Return on investment, ROI, identity management, identity and access management, information security, IAM, Id