Lehman Takes Control Of Provisioning

Lehman's implementation

Lehman Brothers is a top-tier global investment-banking firm with more than 14,000 employees in 42 offices on three continents. Our IT team manages several hundred business applications and tens of thousands of user accounts on a daily basis.

In 2002, we embarked on a project to select and deploy a user-access rights provisioning system to improve security and reduce our IT costs. With previous experience implementing such systems under our belts, our team defined an extensive requirements list and a proof of concept to ensure the best product fit.

After reviewing a number of provisioning vendors, we chose a system from Thor Technologies and began rolling it out in December. To date, we've made it available in three regions - the Americas, Asia, and Europe - providing all 14,000 employees with access to core applications. More than 200 applications will be integrated with the system by the end of this year. When complete, the provisioning system will manage roughly 250,000 IDs.

We estimate that automated provisioning for the major platforms alone saved us 1.3 worker-years in the first four months - 96,050 hours in creating accounts and 40,590 in disabling them. The user efficiency and security gains have been of even greater value. We streamlined the request and approval processes, and new users now gain access to applications and become productive far more quickly. We enhanced overall security as well. Consistent business policies are applied to every request; users are automatically de-provisioned when they leave the company; and auditing and reporting capabilities give our management visibility into every aspect of who has access to what. Here's how we did it.

2 of 6