U.S. Local Government Agency Steps Up Web Security

To protect sensitive information and resources, the agency wanted secure and simple role-based web access to internal systems and applications. By implementing NetIQ Access Manager™, the agency gained a central point of control to provision role-based access rights.


Download PDF

“It is now standard procedure to run all of our internal and external websites through NetIQ Access Manager.”SpokespersonSystems Administrator, U.S. Local, Government Agency

About U.S. Local Government Agency Steps Up Web Security

This U.S. local government agency is responsible for managing and selling state-owned assets. It employs over 700 people, generates multi-million dollar annual revenues and reinvests all profits into public projects.

Challenge

This U.S. local government agency manages and sells state-owned assets, generates multi-million dollar annual revenues and reinvests all profits into public projects throughout the state. As a governmental body, the agency must maintain high levels of security while ensuring unrestricted access to public information.

“In the past, we were not comfortable with providing online access to resources—there were frequent stories of hacks and compromised internet servers,” explained the agency systems administrator and spokesperson. “Additionally, we had to be sure that we did not open up access to internal-only systems or applications by mistake.”

The agency decided to take a different approach to access management to provide easy, secure authentication through its website.

Our Solution

A long-term NetIQ customer, the agency chose to upgrade to NetIQ Access Manager after almost 10 years of using its precursor, iChain. The agency created two systems based on Access Manager and NetIQ eDirectory—one secure authentication pool for around 700 internal users and an external system for approximately 5,000 citizens. By mapping user privileges to user identities, the NetIQ solution enables easy monitoring and role-based control of access rights—ensuring that users can only see their permitted resources.

“NetIQ Access Manager has completely changed how we present information and applications to the outside world,” the spokesperson explained. “Our system for external users is specifically set up to handle these kinds of accounts, so IT staff are safe in the knowledge that multiple levels of role-based authentication protect internal-only systems. What’s more, Access Manager scales very easily, so as that pool grows, we can just keep adding to it.”

“It is now standard procedure to run all of our internal and external websites through Access Manager, which has significantly boosted security,” the spokesman continued. “We use it to obfuscate every single one of our web servers and provide employees with a single sign-on for all systems.”

The agency uses NetIQ eDirectory to store user data centrally, which is automatically distributed to relevant systems by Access Manager—something that IT staff previously had to do manually. Automatic synchronization across all connected systems gives the agency a single, scalable point of control for all access rights, enabling efficient monitoring for potential security risks.

“NetIQ Access Manager comes at an unbeatable price,” the spokesperson said. “On top of that, it is licensed per user rather than by traffic or bandwidth, making it a highly cost-efficient solution.”

Results

With NetIQ Access Manager, multiple levels of role-based authentication provide strong protection for internal systems so the agency can safely enable external access to systems for citizens with confidence.

With automated user provisioning, employees only need register once, while the self-service password reset feature gives users control over their login details. Anyone who forgets their password can easily reset it themselves without having to call the IT helpdesk—making life easier for employees as well as significantly reducing IT staff workload. By automating these previously manual processes, NetIQ Access Manager boosted efficiency and productivity at the agency.

“The flexibility and functionality of Access Manager are exceptional,” said the spokesperson. “Single sign-on capabilities ensure a seamless user experience across different systems. It also significantly accelerates employees’ access to resources, as they only have to log in once to be authenticated for all systems.”

“But by far the biggest benefit of NetIQ Access Manager is increased security,” the spokesperson continued. “Thanks to centralized control over authentication levels and identity-based access provisioning, internal agency systems are now extremely well protected against unauthorized access attempts.”

Building on its success with Access Manager, the agency is currently running a pilot of NetIQ Identity Manager. “Our aim is to integrate Identity Manager with Access Manager, eDirectory and our HR system to fully optimize our access management processes,” a spokesperson said. “There are always excellent new features being added—it is a great time to be a NetIQ customer!”

Government

United StatesNorth America

  • Boosted efficiency and productivity through automation of manual processes
  • Introduced self-service pass word help, which has reduced help desk calls
  • Increased security through centralized control over authentication levels and identity-based access provisioning

Let's Talk


Welcome, Want to talk to someone? Call our Sales team or request a call and we'll get right back to you.

  • Sales: (888) 323-6768

For support information, please visit Technical Support.

Amy Sachrison
Director
Press & Analyst Relations

Phone: (713) 418-5368
Email: amy.sachrison@netiq.com