Introduction of a New IAM Solution at Investitionsbank Berlin

The staff of the ‘monitoring office’ of Investitionsbank Berlin (IBB) used to have a very tough job. It is their responsibility to regularly check the IT authorizations of the financial service provider’s 850 employees. This means that they also play a key role in ensuring that the bank meets all compliance provisions. However, given the steadily increasing number of regulations for the finance industry, manual verification is a time-consuming and error-prone task. What further complicated matters was that numerous IT systems of IBB were not connected to a central identity access management (IAM) system.

Many managers did not understand the details or implications of individual access rights. This made proper and regular recertification, as is demanded by MaRisk (minimum risk management requirements), difficult to fulfill. In order to remedy this situation with a new IAM system, the bank thus issued an invitation to tender. Another reason that prompted the customer’s decision to get a new solution was that the auditing firm insisted on receiving an overview of all access rights updated daily.

The bank was also looking into introducing a consistent recertification solution as part of this system change.

Surprisingly fast: Beta Systems was awarded the project, “because they have long-standing expertise in the banking sector,” says Percy Frahm, Department Head Technical Infrastructure at Investitionsbank Berlin. “The provider had competent answers to all our questions regarding IAM that also convinced the auditors.” The recertification portal that comes with the suite (and which requires no programming on the customer’s side) as well as the predefined role profiles provided further incentives to choose the Beta Systems solution. Also, it took only a little longer than half a year to implement the solution, which is very quick for this kind of project.

The ‘Garancy® Identity Manager’ provisioning module enables IBB to centrally administrate and control all user-related authorization information (identities, groups, roles) across all IT systems. Access rights are recertified via the web interface of the Garancy® Recertification Center. Here the rights and roles assigned to employees are checked by the defined person in charge and automatically revoked if the manager decides not to extend an authorization. “We now have an out-of-the-box identity access management solution simply not offered by other software providers,” says Eike Thore Schmaida, providing a further reason why the bank opted for Beta Systems.

The bank’s authorization management and certification workflows now serve as a ‘best practice model for the promotional banking sector’. Automated and streamlined IAM processes enable the IT department and management to dedicate more time to customer-facing activities.