ID Management Where It Matters
Memorial Sloan-Kettering Cancer Center, the world's oldest and largest private cancer center, spent 18 months in the RFP process before it settled on Courion's Identity and Access Management offering as part of its governance, risk, and compliance strategy.
Memorial Sloan-Kettering Cancer Center, the world's oldest and largest private cancer center, spent 18 months in the RFP process before it settled on Courion's Identity and Access Management offering as part of its governance, risk, and compliance strategy.
The New York City-based medical facility, which has 480 beds and admitted more than 23,000 patients last year, has a centralized IT structure that supports about 10,000 users. ID management is particularly important because it must comply with HIPAA privacy rules.
Prior to implementing the identity management system, four IT staffers spent a huge amount of time manually setting up and changing user identities.
The IDM system rollout began with Courion PasswordCourier, a password synchronization system that provides one password for all of a user's apps. In the first phase, the IT team also learned how to write the connectors between the IDM system and company applications, including its PeopleSoft HR app that provides IT with data on changes to employees' status.
IT also built workflows to handle situations where employees must be removed immediately and updates on employee status from the HR system using Courion's AccountCourier.
The project's third phase lets business managers allow, deny, or revoke access rights to users, using Courion's ComplianceCourier. Another workflow in development includes a Web page with instructions on how to handle termination and change requests.
Sloan-Kettering is keen to take advantage of other Courion IDM offerings that are integrated with advanced security capabilities such as data loss prevention, says Rachel Heftler, the cancer center's director of client services. Data-in-motion DLP technology integrated with a content-aware identity and access management system could pick up if e-mail is going out with sensitive information and flag the privacy officer, who could click on a workflow that disables that employee's accounts.
Charlotte Dunlap has 20 years of experience as an industry analyst and high-tech journalist.
About the Author
You May Also Like