Success Story / ENHANCING IGA
Large Healthcare Organization Achieves Future-State IAM
Identity Data Fabric approach enables people management, governance, and data quality transformations.
A Trifecta of Transformations Achieved with RadiantOne
A large healthcare organization manages over 31,000 identities across different business units including clinics, home health services, and hospitals. They decided to upgrade their Enterprise Resource Planning (ERP) system to a cloud-based approach as part of a massive digital transformation project, meant to encapsulate everything about how they managed people as an asset. The ERP migration and an overhaul of their Identity Governance and Administration (IGA) system were the foundation of this initiative. They wanted to automate provisioning and governance to streamline and speed onboarding new employees and other constituents including doctors, staff, and contractors, to drive efficiencies in quality of care, patient safety, service delivery, and customer satisfaction. The company chose Workday as their new ERP solution, and set an aggressive timeline for migration. Historically, all people were managed in PeopleSoft, but it was only intended for Workday to manage employees and contingent workforce, which left out a third of the non-employed users. Two months before the go-live date, it was revealed these identities would be managed in Cactus and ServiceNow.
The identity team had their work cut out for them. Given the likelihood that a person could exist in multiple active roles across those systems, they were suddenly under pressure to come up with a solution that addressed the entire user population, without stalling the Workday deployment and avoiding identity duplication and other risks to the organization’s cybersecurity program.
Future-state identity management, delivered on time. The team used RadiantOne to provide a global view across all their data sources, including the new cloud-based Workday system. This provided the new IGA solution, SailPoint, with the required data through an LDAP connector, and enabled them to retire PeopleSoft and the old IGA system seamlessly.
Now, their team can quickly onboard new identities and manage their entire lifecycle seamlessly. In a healthcare setting, improving operations also directly enhances patient care by eliminating staff access problems to critical applications—less time calling helpdesk, more time helping patients.
“To meet our requirements for a unified identity solution, there was no other option on the table but RadiantOne”
—Manager, Cybersecurity
How to simultaneously move to the cloud, update ERP and rework IGA—in just two months
It was time for a change in how this organization harnessed identity. When a major project to modernize their ERP system kicked off, it was a strategic move that would affect every part of the business, and had many deeply invested stakeholders. Success was the only option.
The goal was to simultaneously:
- Migrate ERP from PeopleSoft to Workday and the other identity sources, Cactus and ServiceNow
- Deploy an automated provisioning system to enable governance–for all workforce users
- Improve identity data quality
The IT team knew they had a major challenge on their hands as the move meant going from one authoritative source (PeopleSoft) to many (Workday for employees and contingent workers, Cactus for credentialed providers, and ServiceNow for non-employees). There were hundreds of existing integrations with PeopleSoft, and an entire IGA system built around it that would need to be overhauled to make the Workday deployment successful, and on time.
But, IT was determined to pull it off and build their reputation as a key driver of business value within the organization. The manager of cybersecurity overseeing the project said:
“We wanted to be the enabler, not to have to tell somebody we’re gonna have to stop this train of progress—we just didn’t want to be in that position.”
When IGA Isn’t Enough
Originally looking only at IGA solutions, the team quickly realized they lacked a set of capabilities necessary to support and manage the proposed system. With three authoritative identity sources instead of one, there were requirements the IGA solutions didn’t meet.
The team needed a way to:
- Unify identity data, shielding IGA and other integrations from identity complexity
- Discern who was who, as they had duplicate accounts and users operating in multiple personas across the organization
- Eliminate the need for custom coding
With the complexity that the ERP initiative created, they realized the best approach would be to de-couple the architecture and delegate identity data management tasks to an “IGA middleware” layer.
RadiantOne Enabled IGA Deployment for the Hybrid Infrastructure
Under deadline, they needed a quick solution. Without a way to manage identity complexity better, the project would be stalled–and that was unacceptable. A custom workaround would have delayed the project for months (even years), made the IT team look like the bottleneck, and driven cost-to-deploy and cost-to-maintain through the roof.
They found that the RadiantOne Intelligent Identity Data Platform was the only offering on the market that would enable them to revamp the ERP system and deploy IGA at the same time–within their 2-month deadline. With RadiantOne, they could achieve their ideal state for the Identity and Access Management (IAM) system: having a single, consistent, authoritative source of identity information (aka Identity Warehouse) to drive the governance system for all workforce users.
Achieving Future-State IAM with an Identity Warehouse
A key indicator of success for this team was ensuring that the IGA and other integrations would scale, operate, and perform well. RadiantOne delivered identity data management capabilities including identity matching and reconciliation, data and schema transformation, and flexibility for managing multiple authoritative sources. By providing a single stream of valid identity data to all current and future projects, the Identity Warehouse architecture boosted performance and accelerated future integrations.
Optimizing IGA and ERP with RadiantOne
With RadiantOne, this team:
- Replaced the legacy tools, process, and infrastructure around the old IGA solution
- Added value to their IAM and business processes by better leveraging identity data
- Optimized identity data quality and accessibility, boosting efficiency and security
- Increased speed, scale, and reliability
- Reduced management, maintenance, and support costs
- Ended reliance on custom coding
- Increased stakeholder visibility and engagement around identity data standards
Unexpected Benefits: Advancing Business Intelligence with the Power of Identity Data
With great visibility comes great responsibility. The wonderful surprise for this team was realizing that RadiantOne unlocked new identity data analytics opportunities for identifying gaps and poor processes. By integrating RadiantOne with Microsoft Power BI, they built powerful visualizations that increased the sharing and monitoring of identity data quality with leadership. Now they could better communicate problems to stakeholders to gain traction and forward movement on key initiatives.
The result was more demand for the power of identity data. As their cybersecurity manager shared,
“Once the business realized that this was the best source for one solution, they wanted more and more of it elsewhere. So, you’re managing more demand and adding more value—it’s a good thing.”
Discover how other organizations leverage RadiantOne
Explore common challenges across all industries and see how our Intelligent Identity Data Platform changes the sunk cost one-off “solution” game.
Like how we helped other organizations? We can help you too.
We got your back. Get in touch with us and we can help find a path forward to solve your complex identity infrastructure challenges.