Download the Case Study Now
For organizations, answering the question of “who has access to what” applications and data the organization maintains is of paramount importance. Especially for highly-regulated companies such as Orrstown Bank, being able to answer this question at any moment not only aids with compliance efforts, but also mitigates risk across the entire business.
→ Download the full case study now to learn more.
Overview
Orrstown Bank started as a local bank in 1919 in Orrstown, PA. It has since grown to 28 locations and in 2009 – in its 90th year of business – it became a publicly traded company. As an organization with nearly $1.3 billion in assets, Orrstown Bank understands the need for compliance while also securing their business on a day-to-day basis.
Challenge
Banking is built upon the transactions it performs daily, and Orrstown Bank needed a solution that could be quickly deployed while also protecting the data and integrity of its transactions. They also needed a solution that could connect to their hundreds of applications and enable their business users to do their job more efficiently through automated access certifications, password management, and single sign-on.
Solution
With SailPoint IdentityNow, Orrstown Bank was able to streamline their security processes and reduce the time it takes to certify access by 2,000 hours per year.
Summary
Orrstown Bank understands the threats that it faces as a financial institution, but with its hundreds of applications – many of which that are critical to the bank’s operations – finding the right solution that could work with them posed a challenge. While protection of data and integrity of transactions is the bank’s top concern, they also needed a solution that could quickly be deployed, was easy to use for its 400 business users in 28 locations, and had a quick time to value. SailPoint had just the solution: IdentityNow.
Start With the Most Complex
Leveraging SailPoint’s expertise, Orrstown Bank began their IAM endeavor with the highest-risk and most complex areas of their technology stack. In under 2 months, they had deployed IdentityNow to automate access certifications, password management, and single sign-on for most of their primary applications and have since expanded the platform to include well over 100 applications.
By focusing on the areas with the most entitlements, those with entitlements that changed the most frequently, and with the highest numbers of users, Orrstown Bank was able to secure the most sensitive information while simultaneously determining the most efficient and effective procedures and processes. Now, connecting to and becoming secured through IdentityNow is automatically included in the process of any application that they deploy. This change from previously being a discretionary process has helped to further secure access to the organization’s sensitive information and mitigate the risk of a data breach.
The Impact of and Moving Forward with IdentityNow
By deploying SailPoint, Orrstown Bank expects to reduce calls to their helpdesk; the challenge is getting employees to consistently use the system. Those that have provided (and regularly do provide) feedback have said that it “has greatly simplified their life and they don’t know how they lived without it.” Orrstown has also reduced the time it takes to certify access by 2,000 hours a year. Perhaps most importantly, they can now answer the question “who has access to what” at any point. This has eased the creation of role models, which has made it easier to terminate access when employees leave the organization. This further streamlines the processes associated with audits and compliance.
Orrstown Bank is continuing to expand its deployment with IdentityNow and solve its biggest challenge: employee education. But with SailPoint’s support and IdentityNow to continue saving both time and money for the business, Orrstown Bank is now more secure than ever before.
Featured SailPoint Capabilities
-
- SAML-Based Single Sign-On: One-click, standards-based access to all on-premises and cloud-based applications.
- Self-Service Password Reset: Empower end users to change passwords and unlock accounts from any device, on any network.
- Manager-Level Access Certifications: Enable the organization to distribute certification decisions to business users by simplifying the presentation of complex IT access data.
- Closed-Loop Remediation: Ensure continuous compliance by sending automatic revocation requests to an automated or manual user provisioning system and validating that changes occurred.
- Provisioning Roles: Enable automated provisioning of new user accounts during the onboarding process and removes access when a user leaves the organization.
“Orrstown is growing quickly and as such we expect the already complex nature of IAM to become more complex. SailPoint’s IdentityNow gives us a scalable solution that provides robust controls to manage user access.” — Andrew K. Linn, SVP, Chief Information Security Officer, Orrstown Bank
