Advertisment

Yes Bank : Identity and Access Management

author-image
PCQ Bureau
New Update

Data security is one of the prime drivers in banking industry. Also factors

such as organizational restructuring and consolidation, and information change

are a major concern these days due to the dynamic banking landscape. The

business need of the organization was to protect unauthorized access to

resources including databases, devices, applications, etc. Yes Bank followed a

unique approach to plug the same objectives but with much simpler, achievable

and low cost architecture and has successfully implemented the same in their

organization. Yes Bank used the existing capabilities of various applications

such as, identity and access management, and developed a process layer around

these to cater to both needs. In this implementation, IDs were standardized as

step one; all users across the organization, including consultants/vendors, have

a unique ID which is created by employee/contractor systems.

LDAP integration was enabled to facilitate single-ID/password. A workflow layer

integrated with HR and Vendor Management System was created to take feeds from

both systems on entry and exit including the role definitions. Wherever the

target systems allowed 'integration' to add/modify/delete rights, it has been

integrated in the system and where not allowed, it is done manually. Automated

quarterly entitlement review for user IDs on all applications, technology

infrastructure devices, mailings lists, generic ids & functional IDs is done.

Project

Specs
  • Project Head: Gauravi Gangamwar, Manager
  • Deployment Location: Mumbai
  • Team Size: 15
  • Tech Used: Linux OS C Programming SQLite Database
  • Expected life: NA
Implementation

Partner

Geodesic

Advertisment