Customers

Migration from OIA/OW to SailPoint IIQ.

Since the manufacturer no longer offers support for the OIA/OW platform in use at ivv GmbH, and in order to meet the increasing compliance requirements, ivv intended to migrate to SailPoint IdentityIQ. KOGIT supports ivv with consulting, conception, implementation and testing on the basis of the product SailPoint IdentityIQ 7.x.

The project will be implemented in 4 steps:

• 1. Identity lifecycle and reading connection
• 2. Roll import and roll lifecycle
• 3. Authorization lifecycle, provisioning and recertification
• 4. Deconstruction OIA / OW

Phase 2 was successfully completed in autumn 2018 and the implementation of phase 3 has already started.

Phased IdM migration from Sun Identity to SAP IdM 8.0

TU Dortmund intended to replace its current IdM solution (based on SUN Identity) with a solution based on SAP Identity Management. KOGIT supports the migration project with professional and technical consulting, conception and implementation.

The goals of the project are:

• Development and implementation of SAP IdM version 8.0
• Transfer of the still existing UniMail IdM functionalities into the new SAP IdM
• Connection of source and target systems
• Realization and optimization of existing processes
• Development of new components and services
• Transfer of user administration for SAP ERP systems to SAP IdM

Introduction of the SailPoint IAM solution IdentityIQ

Deutsche Börse Group started the migration to SailPoint IdentityIQ in 2016. KOGIT has been supporting Deutsche Börse since mid 2018 with the system renewal and professional implementation of IdentityIQ, as well as the efficient connection of further applications.
Subject of the consultation and configuration are the following service components:

• Technical coaching
• Consulting, concepts and best practices
• Implementation
• Onboarding
• Support in quality assurance of the implemented functionalities
• Advice on planning and implementation of the planned application connections
• Support with project management

VWFS AG plans to introduce an IAM solution on the basis of SailPoint IdentityIQ, including a dashboard for data quality in the IAM system. To do this, it was first necessary to check the minimum requirements for data quality and to display the current quality statuses.

KOGIT supports the customer in consulting, configuration, implementation and commissioning.

Introduction of an Identity Access Governance solution

Bankhaus Metzler introduced an IAG system to ensure more efficient, transparent and audit-proof administration of user access authorizations to the company's data and applications. KOGIT supports Metzler in this project in consulting, conception and implementation on the basis of SailPoint IdentityIQ.

The following functionalities are achieved:

• User-friendly GUI
• Access Request Management à la Online Shop
• Role management
• SoD control
• Access Certification
• Intelligence based on BI and warehouse technology

Introduction of SailPoint IdentityNow

The customer planned to implement SailPoint's cloud-based solution IdentityNow. In phase 1 KOGIT currently supports the customer with the following topics:

• Automatic HR interface for the regular transfer of master data changes
• The IAM Core processes for Joiner and Leaver
• Automatic connection of the AD interface and top systems
• Standard Reports and Reconcillation

In addition, we provide support during implementation and productive use, including migration of the necessary master and authorization data, as well as during the stabilization phase and the documentation of processes and architectures.

Introduction of SAP Netweaver Identity Management

• Prozessdefinition und standardisierte Test-Szenarien
• Aufbau Testlandschaft
• Anpassung und Ausführung von HCM-Schnittstellen, Rückkanälen, Konnektoren für Active Directory
• Process definition and standardized test scenarios
• Structure of test landscape
• Adaptation and execution of HCM interfaces, return channels and connectors for Active Directory
• Provision of UI masks for administrators
• Performance of tests
• Productive deployment
• Implementation
• Project management
• Consultation
• Transfer of know-how
• Documentations
• Support after commissioning

Support Service IdM

Marquardt uses an IAM solution based on SAP. The productive operation of this solution requires experienced support personnel to support the system administrators and perform maintenance activities. KOGIT provides Marquardt with this support service.

Conduction of a GAP analysis to assess the maturity of the existing system

Within the framework of a solution-agnostic GAP analysis, the customer wanted to evaluate the maturity level of the existing IAM approach in comparison to the current state of the art in companies of comparable size. In an As-is-Analysis, the individual components of the current approach were evaluated and assessed by KOGIT, together with the IT managers of the customer. Subsequently, a first proposal for the set-up and the course of a possible IAM follow-up project was developed and presented to the customer. For the GAP analysis the following questions were considered in particular:

• Where does the client stand today in the area of IAM and how is the maturity of the current approach evaluated?
• What gaps do the individual building blocks in IAM have compared to the current state of the art?
• Where is there an urgent need for action?
• What is the recommended approach for an IAM project?

Introduction of SailPoint IdentityIQ

The client intends to introduce a new centralized, standardized and automated IAM infrastructure and related processes and policies through a dedicated IAM program. The growing complexity of future business-critical issues such as Internet of Things, Cloud Adoption or Compliance make it necessary to further develop the current Identity Management. Sartorius AG has decided to implement the SailPoint solution IdentityIQ. KOGIT supports the customer in the conception, introduction, implementation and support of the solution.

The project is carried out in several phases. Project phase 1 has already been successfully completed. Phase 2 is currently being implemented.

The customer also successfully uses the KOGIT SAP OM Importer Plugin and the Solution Support Service of KOGIT.

Dräger's goal was to select an IAM solution that could be used for cloud and on-prem applications with internal and external users. KOGIT took over the consulting activities for the decision proposal of an IAM solution for on-premise and cloud-based applications. This included:

• Survey and documentation of the functional requirements for an IAM solution
• Survey and documentation of the maximum expected complexity for role and authorization concepts
• Creation of an evaluation matrix for IAM solutions
• Coaching
• Evaluation of the IAM solutions found in the market and the solutions currently in use
• Creation of a decision template

Upgrade SAP Identity Management to the Next Level

Stadtwerke Heidelberg is upgrading its existing SAP IdM system to the next higher support package. KOGIT takes over the consulting, implementation and know-how transfer for the development and production systems for Stadtwerke Heidelberg during the upgrade.

Requirements analysis and definition of an IAM program.

Replacement of the ZBV Central User and Authorization Management by the introduction of SAP NetWeaver Identity Management 7.2. With the new system the user administration can be further automated and simplified and also offers a promising expansion option with regard to further connection and expansion options. The new solution meets the increased requirements for an audit-proof and logged IDM system, which provides meaningful reports (audits) on the application and assignment of user authorizations in the connected IT systems, including approval workflows and role assignment. Harting’s KGaA system environment consists of a series of SAP modules that are administered today via ZBV. The Harting Group comprises 30 companies worldwide. The system environment includes SAP ERP, SAP BW, CRM, SRM, APO and SAP Portal..

Project and implementation:

• 1.000 users
• 16 applications

• Requirements analysis
• Architectur
• Consulting
• Requirements Definition IAM Program
• Implementation
• Care and maintenance

Solution Support Service for SAP Identity Management

The FRITZ EGGER GmbH & Co. KG uses an Identity Governance and Administration (IGA) solution based on SAP IDM. For the productive support of this solution the customer needs experienced support personnel. With the solution support service KOGIT supports the customer with questions, periodic maintenance activities and in problem situations to ensure the stability of the system.

Building a SIEM environment

The customer needed support in setting up and adapting its SIEM environment, which is to be handed over to an external service provider after successful setup for operation. For this purpose, the stages development, test, pre-production and production have to be set up and configured.

Implementation of SailPoint's IAM solution IdentityIQ

WIRTGEN Group Holding GmbH has introduced the IAM solution IdentityIQ from SailPoint in order to meet the increasing compliance requirements and to be able to manage users' access rights to the company's data and applications more efficiently, transparently and audit-proof. KOGIT has supported WIRTGEN by consulting, conception and implementation on the basis of the product SailPoint IdentityIQ with the following goals:

• Regular certification of access authorizations
• Recertification
• Connection of target systems
• Finalization of the user lifecycle, attestation and application processes

A central identity management system with worldwide access seamlessly replaced the old user administration system.

After only four weeks of parallel operation, the old system was switched off. The factors for the successful migration were a tailor-made architecture, a flawlessly maintained database and the competence of the system integrators, who took over the analysis and implementation.

Migration of the existing user management system into the SailPoint IdentityIQ solution.

The Audi AG conducted a migration of the existing user management system to the SailPoint IdentityIQ solution. The SAP environment will be connected to SAP Access Control 10 (GRC) system. KOGIT provides the functions and detailed technical specifications as well as - in cooperation with SAP Deutschland AG - the concept for the connection implementation.

Project and implementation:

• 4.000 roles
• Functional requirements
• Technical detail requirements
• Concept for ressourcen connection

Solution architecture consulting

Solution architecture consulting, test design, implementation policies, Qualitätssicherung für den gesamten Entwicklungsprozess, Spezifizierung, Test Definition (use cases), testing.

Eingesetzte Produktlösung: SailPoint IdentityIQ.

Projekt und Umsetzung:

• ca. 5.800 Benutzer
• 800 Rollen
• 50 Applikationen
• Coaching
• Qualitätssicherung

Connection of further systems to the existing SAP Identity Management System

TÜV Rheinland AG wanted to expand the existing SAP Identity Management System and gradually introduce a PAM system and an SAP ERP system (clients 010, 020, 030 and 033). KOGIT advised the customer and supports him in the implementation of the project.

Anforderungsanalyse und Definition eines IAM-Programms, Support und Implementierung

Requirements analysis and definition of an IAM program, support and implementation.

Project and implementation:

• 3000 internal users
• Requirement analysis
• Requirements definition IAM programm
• Implementation

SIEM implementation and adaptation

The customer needed support in adapting his SIEM environment, as well as in connecting new event sources and creating correlations.

Automated assignment of basic authorizations for PC and mail systems based on leading personnel system

Design and implementation of the complete system as well as monitoring and verification of all awards by delegated coordinators. Long-term and sustainable solution support

Demand definition of an IAM program, support, implementation and project management.

- ITSCare, as a service provider for the AOK Hessen, Baden-Württemberg, Rheinland-Pfalz/Saarland, has implemented the SAP NetWeaver Identity Management System with the following goals:

• Acceleration of order processing
• Improving quality in procurement and implementation
• Optimization of workflow processes
• Improvement of user friendliness
• Simplification of the application and approval procedure
• Maintain data protection and audit requirements
• Standardization of access rights

The project was started as a pilot for the AOK Hessen and then rolled out in BaWü and RPS. The project was successfully implemented with SAP NetWeaver Identity Management. ITSCare, as an internal project team, will gradually take over the operation of the system on its own.

Project and implementation:

• 25.000 plus 10.000 functional mailboxes
• 2.000 roles
• 20 applications
• - Requirements Definition for IAM Program/li>
• Implementation
• Customer trainings
• Project management
• Care and maintenance

A 100% subsidiary of Allianz SE

KOGIT was commissioned by the Allianz subsidiary IDS with the goal of a compliance audit to increase security for the operative business. 8 million authorizations and over 2000 roles had to be migrated into an IDM system. A uniform and comprehensive role model, the assignment of data ownership including periodic access reviews and a classification of all data according to confidentiality were taken into account.

Deployed product solution: SailPoint IdentityIQ.
Project and implementation:

• 3,000 internal users
• 1,100 rolls
• 40 Applications
• Migration Legacy IDM
• Role Management (Role Mining, Generation of Entitlement Roles)
• User Self Services Requests
• Password management
• Certifications

Preparation and Enhancement of an Upgrade to SAP IdM 8.0

KOGIT advised and supported Boehringer Ingelheim Pharma GmbH & Co. KG. during the preparation for the upgrade to SAP IdM 8.0. In this context we undertook the following tasks

• Conception, development and completion of workflows
• Support in completing the business role concept and technical implementation of the concept (as required)
• Support for the expansion of already connected systems
• Connection of further source and target systems

Requirement analysis and definition of an IAM program, concept, support and implementation.

Bechtle AG aims to implement an SAP system landscape which harmonizes and simplifies work by transferring the administration of SAP users to the "key users". By managing all SAP identities in SAP NetWeaver Identity Management, a new login scheme, the introduction of a new authorization concept and the replacement of SAP CUA (ZBV) by a more central tool, which can also manage JAVA systems, can be achieved

• Central administration of user accounts using SAP HCM as master data source
• Central password management
• Use of business roles to simplify the application process
• Audit-proof workflows and processes for assigning accesses and admissions
• Workflow for mapping Change Management for business roles

Project and implementation:

• 6.000 employees
• aus 69.475 SAP roles became 288 business roles
• 10 SAP types = 33 SAP systems distributed over 65 companies
• Requirements analysis
• Requirement Definition IAM Program/li>
• Implementation
• Care and maintenance
• Standardized KOGIT support for SAP NW IDM