A road network management company has to meet the challenges of customer satisfaction and safety, but it also has a strong ecological stake in the way it manages its users.
- more than 3,000 employees
Their needs:
Automate user account management: know which accounts are really active for each application, and therefore deal with any accounts in error.
The presence of statutory auditors and security audits reinforces the need for a clean IS with supervised accounts.
"For us, that was the real benefit of this solution in terms of organization: decentralizing to better secure the management of each connector."
S. ISD Operations Manager
What was the problem at your transport company?
An in-house tool had been developed to retrieve files for certain applications. It was impossible to decentralize the management and supervision of the accounts for each application, so it had to be handled by a single person. The manipulations involved in integrating all the files were technical and time-consuming. What's more, you had to know how to interpret them and then manually alert each application contact.
The company needed to make its account management more reliable , and turned to an IAM solution.
What criteria were used to select the identity and access management solution?
The cost criterion was a major factor in the search for a solution, as the organization wanted a flexible solution that could adapt to and understand their needs.
Youzer was fairly new to the IAM market, which made it more flexible than the big integrators.
Speed of deployment was also a key consideration, and Youzer had the advantage of being able to be set up without the need for extensive project management with consultants.
On the other hand, as the transport company is highly segmented, with important processes, it takes them longer to set up a connector, as they have to respect these processes.
How did the launch of Youzer go at your transport company?
The company has around 150 applications to interface with Youzer, with 39 still to be connected. Each interface is time-consuming, requiring the involvement of several in-house people and the allocation of day-to-day management of the application to a dedicated person.
Prioritization was made in terms of criticality, and applications not linked to the AD were put in place first. If an employee leaves the company, it is on these applications that the risk is greatest, since they will still be able to connect.
"We chose to give priority to interfacing our non-backed apps, and that was really important."
The organization then decided to decentralize application management, as previously only one person was in charge.
Here, with all the applications, it was no longer manageable, and non-technical application managers were appointed to take charge of a set of applications. They have to log in once a week to check that active accounts are still valid.
"Inevitably, she [the person who supervised the old in-house solution] doesn't know all these applications, she doesn't know who needs access, who's present. We made the choice, after some thought, to decentralize this work. Decentralizing the supervision of our connectors is a major advantage that Youzer has brought us."
S. ISD Operations Manager
Youzer in everyday life
There are 40 account managers who only have access to the connectors they supervise. In-house training has been set up to help them get to grips with Youzer.
Nevertheless, one person audits all the accounts to check that the account managers have processed all the applications under their responsibility.
For the overall management of Youzer, there are 3 administrative staff with full access.
Youzer has revealed several erroneous accounts in the AD, and this is the basis for a progressive clean-up of the AD. Youzer is now a source of truth when it comes to erroneous accounts.
The next steps are to integrate AD-backed applications, and above all to take stock of paid licenses for certain applications, notably the Microsoft 365 connector.
Youzer has saved a great deal of time in processing account anomalies. Previously, the person in charge of this work would manually import all the Excel files, and it would take a day to load everything. Then she had to process the files one by one and send emails to each application manager.
What's more, on the old interface, not all applications were compatible, so there was a pretty big hole in the racket.
"So the time saved is exponential, but I couldn't put a figure on it. It's been a huge help in that respect."
S. ISD Operations Manager
Would you like to receive our white paper on identity and access management?
Preferred functionality
- Excel exports
They can be found virtually everywhere, with the option of pre-filtering the information to be exported.
"For me, Excel export is really a key feature in Youzer, hyper-important."
S. ISD Operations Manager
Would you recommend Youzer?
"Yes, I'd recommend it with small caveats.
It may seem like a simple tool, but as a subject, you might think: oh, it's not complicated, it just pulls up the list of orphan accounts, it pulls up the list of accounts that have left for a connector.
Yes, but what a simplification compared to the real things it's capable of producing. We're able to come up with things that are much finer, much sharper, but that require a bit of brain-knotting to fully understand, master and so on.
So from a tool that may seem very simple, mind you, you can do a lot, but it requires someone with a bit of agility of mind to use it well and understand everything."
S. ISD Operations Manager
