A security team faced significant challenges in maintaining application permission management and obtaining timely attestations from data owners to confirm appropriate user access.
The process was heavily reliant on spreadsheets, manual imports, and periodic reviews, which only happened once every three months.
Due to the complexity, the team struggled to keep up with the workload, and there was simply not enough time to ensure accurate and consistent oversight.
DDs stepped in to streamline the process by designing a robust SQL-based ETL (Extract, Transform, Load) solution. We integrated data from over 40 systems, including Active Directory, consolidating all user data and permissions in one place.
About 30% of the data was sourced directly from applications, while the rest was imported from Excel and CSV files.
The data was then organised into clear, manageable reporting elements and integrated into real-time dashboards. This empowered the team to easily track and monitor permissions, significantly reducing manual efforts. Attestations could now be completed regularly with minimal effort, as all the necessary data was immediately accessible.
Additionally, with the Active Directory integration, we were able to set up automated exception reports. For example, if a user was disabled in Active Directory, they would be flagged if they still had active permissions in other systems.
User access control is now visible on a timely manner.
✅ Efficiency Gains: The quarterly process was replaced with near real-time reporting, drastically cutting down on the time and effort spent on permissions management.
✅ Enhanced Compliance: Regular, automated attestations ensured that permissions were always reviewed and up-to-date, improving security and compliance.
✅ Proactive Security: Exception reports, such as identifying disabled users with active access, were automatically generated, enhancing the team's ability to quickly address potential risks.
Plans are in place to introduce automated alerts for data owners whenever permissions are changed, ensuring proactive management and further enhancing security oversight.
By partnering with DDs, the security team transformed a time-consuming, manual process into an efficient, automated system, achieving both operational savings and stronger security controls.
Automated Security Processes | User Access Control | Application Permissions Management - all automated.