Karviná City

This growing city implements an identity management system that uses an automated account reconciliation process to efficiently and securely manage employee access to IT systems

Published on 02-Jun-2011

Validated on 16 Dec 2013

"Centralization, automation and a roles-based identity management system have simplified our IT access management significantly, freeing our IT professionals to build and expand our network as the city grows." - Jiri Jarema

Customer:
Karviná City

Industry:
Government

Deployment country:
Czech Republic

Solution:
Smarter Planet

Smarter Planet:
Smart Work

IBM Business Partner:
GC System a.s.

Overview

The town of Karviná has a rich history predetermined by its strategically advantageous location on the trade routes from Hungary to the Baltic countries. This location caused Karviná to became a commercial, economic and cultural center for the whole area. The town experienced huge development mainly after the discovery of black coal in the second half of the 18th century.

Business need:
For decades the town of Karviná and its surroundings were an area with a high concentration of coal mining and related industries. More recently, this town has become a commercial and tourist center. A new era has brought new development in construction and commercial activities.The city needed a solution that would free up its limited IT personnel to manage and expand the city’s IT environment, automating many of its time-consuming, day-to-day personnel administration processes, while ensuring the security of its IT systems.

Solution:
Ensuring comprehensive IT security for a growing city requires the centralization and intelligent automation of many processes, including monitoring and preventing unauthorized access to the city’s IT systems. Karviná City has implemented a rules-based identity management system that automates employee account access based on employee position, role and department. The system then uses an automated account reconciliation process to detect and correct (or remove) any accounts that are not in agreement with the predefined rules and automatically removes account access.

Benefits:
·Provides a 100 percent improvement in the speed of new employee activation—new employees become productive with access to all systems in a few hours instead of several days ·Improves administrative efficiency and lowers costs; one full-time employee can now manage all user accounts, while the rest of the IT staff develop and enhance the IT environment of the organization ·Improves system security by removing orphan accounts and deactivating employee accounts within a few hours of termination of employment

Case Study

The town of Karviná has a rich history predetermined by its strategically advantageous location on the trade routes from Hungary to the Baltic countries. This location caused Karviná to became a commercial, economic and cultural center for the whole area. The town experienced huge development mainly after the discovery of black coal in the second half of the 18th century.

The Opportunity
For decades the town of Karviná and its surroundings were an area with a high concentration of coal mining and related industries. More recently, this town has become a commercial and tourist center. A new era has brought new development in construction and commercial activities, and Karviná is becoming a town with dynamic development offering a good choice for a comfortable lifestyle. The city needed a solution that would free up its limited IT personnel to manage and expand the city’s IT environment, automating many of its time-consuming, day-to-day personnel administration processes, while ensuring the security of its IT systems.

What Makes It Smarter
Ensuring comprehensive IT security for a growing city requires the centralization and intelligent automation of many processes, including monitoring and preventing unauthorized access to the city’s IT systems. Karviná City has implemented a rules-based identity management system that automates employee account access based on employee position, role and department. The system then uses an automated account reconciliation process to detect and correct (or remove) any accounts that are not in agreement with the predefined rules. A closed-loop reconciliation process identifies “orphan” or out-of-date accounts, and automatically removes account access when an employee ceases to be employed by the city. The city can now be confident that employees who need access to accounts get it quickly and efficiently, while the security of its IT systems is assured.

Real Business Results

  • Provides a 100 percent improvement in the speed of new employee activation—new employees become productive with access to all systems in a few hours instead of several days
  • Improves administrative efficiency and lowers costs; one full-time employee can now manage all user accounts, while the rest of the IT staff develop and enhance the IT environment of the organization
  • Improves system security by removing orphan accounts and deactivating employee accounts within a few hours of termination of employment

For more information
Please contact your IBM sales representative or IBM Business Partner.
Visit us at: ibm.com/government

To learn more about Karviná City visit: http://www.karvina.cz

Products and services used

IBM products and services that were used in this case study.

Hardware:
BladeCenter E Chassis, BladeCenter HS22, BladeCenter running hypervisor - VMware

Software:
Tivoli Identity Manager

Service:
GTS ITS Security Services: Identity & Access Management Services, GTS Enterprise Services

Legal Information

© Copyright IBM Corporation 2011 IBM Corporation 1 New Orchard Road Armonk, NY 10504 U.S.A. Produced in the United States May 2011 All Rights Reserved IBM, the IBM logo, ibm.com, BladeCenter and Tivoli are trademarks of International Business Machines Corporation, registered in many jurisdictions worldwide. A current list of IBM trademarks is available on the Web at “Copyright and trademark information” at ibm.com/legal/copytrade.shtml Other company, product or service names may be trademarks or service marks of others.The information contained in this documentation is provided for informational purposes only. While efforts were made to verify the completeness and accuracy of the information contained in this documentation, it is provided “as is” without warranty of any kind, express or implied. In addition, this information is based on IBM’s current product plans and strategy, which are subject to change by IBM without notice. IBM shall not be responsible for any damages arising out of the use of, or otherwise related to, this documentation or any other documentation. Nothing contained in this documentation is intended to, nor shall have the effect of, creating any warranties or representations from IBM (or its suppliers or licensors), or altering the terms and conditions of the applicable license agreement governing the use of IBM software.