A2Atest

A2A wanted a trusted and comprehensive solution that could help provide full and continuous control over its internal users’ access to any application. NetIQ Identity Manager has provided A2A with the reliability and flexibility needed to manage the access rights of all 6,000 of its users. The company can now comply more easily with national regulations around the security and protection of confidential data.


Download PDF (AP)

Download PDF (EE)

Download PDF

"The system immediately recognizes who is authorized to access an application, what their rights are and which applications they can use."Gianfranco CuscitoICT Manager, A2A

About A2Atest

Headquartered in Milan and Brescia and serving the whole region of Lombardia, A2A specializes in the production, distribution and sale of electric energy, gas and district heating. It is one of Italy’s leading multi-utility groups.

Challenge

A2A must comply with a series of national regulations and policies that establish the correct management of identities and mitigation of business risk. Gianfranco Cuscito, ICT manager of A2A, said, “We perceived pressure on us because we lacked an automated and reliable tool to manage our users and detect any incorrect or suspect action performed on our systems.”

As Cuscito explained, “Managing our 6,000 users’ authorization profiles across multiple nonintegrated applications, and in some cases manually, would not have been feasible, in that it would have taken at least five days per person. We needed an automated solution for managing users’ authorization profiles for critical applications.”

Our Solution

Following a competitive tender, A2A decided to implement Identity Manager.

“Identity Manager had all the features we were looking for: flexibility, reliability, ease of configuration and use, and great value for [the] money,” Cuscito said.

Working with Deloitte, A2A implemented Identity Manager in two phases. The first was finalized in nine months. A2A is currently undergoing phase two of the implementation and is confident that it will be able to complete this phase within its 12-month time frame.

Identity Manager has enabled A2A to create a standard set of rights and authorizations for regular users and to use this set as a basis for subsequent changes, additions or removals of privileges. “The system immediately recognizes who accesses an application, what their rights are and which applications they can use,” said Cuscito. “In this way, we can make sure that operational risks are removed or controlled and that the national regulations in terms of segregation of duty are respected.”

With Identity Manager, A2A can provision new users quickly and easily and apply all updates to identity information in real time. “When users need to access a particular area that they are normally not allowed to use, they can ask the area manager for a specific authorization,” said Cuscito. “If the area manager agrees and updates the user’s set of privileges accordingly, the system will automatically take in those changes and enable the person to continue their work.”

Identity Manager covers all the company’s core applications, which are largely based on SAP software, and will also allow A2A to automatically manage password synchronization.

Results

With Identity Manager, A2A can manage all access to its numerous applications and also determine whether a certain user is allowed to perform a specific task by accessing a given application. “For instance,” said Cuscito, “if the same user performs actions belonging to separate areas—such as creating a purchase order, issuing an invoice and, finally, entering the payment received—the system will warn us so that we can take action accordingly and in a timely fashion to avoid any possible risk.”

Identity Manager has also revolutionized adding, removing or editing a user’s set of rights. “In the past, these processes were performed manually and on paper sheets, wasting considerable amounts of time and resources,” Cuscito said. “With Identity Manager, all of this occurs automatically and in real time, allowing us to understand right from the beginning what is happening on our network and if assigning a certain role to a user is going to put us at risk or not.”

As A2A pursues its plans for international growth, IT is already planning to extend the successful solution to the whole group.

Utility

ItalyEurope

  • Eliminated manual user identity processes
  • Provided the ability to manage access to numerous applications

Let's Talk


Welcome, Want to talk to someone? Call our Sales team or request a call and we'll get right back to you.

  • Sales: (888) 323-6768

For support information, please visit Technical Support.

Amy Sachrison
Director
Press & Analyst Relations

Phone: (713) 418-5368
Email: amy.sachrison@netiq.com