CAS Severn Solves Security Identity Management Challenges


Client needed centralized identity lifecycle management to automate, administer, and audit a 90-day password mandate.


IBM Security Identity Manager


  • 1,400 employees using the IBM Security Identity Manager (ISIM) solution.
  • Helpdesk calls for password resets nearly eliminated.
  • IT management can audit and ensure compliance across all users, platforms and applications.

Market: Commercial Business

Solution Area: Security

In an effort to protect confidential information, the client began requiring all users to change their passwords every 90 days. However, they needed a central automated process to either administer or audit this mandate. In addition, they needed a way to change passwords over multiple platforms and applications and a way for users to reset forgotten passwords without calling the helpdesk.

As a long-time technology advisor to the client, CAS Severn was asked to evaluate the mandate for end user password changes every 90 days. The longer a password went unmodified, the higher the likelihood of the password becoming compromised. With sensitive client information at the fingertips of employees on a daily basis, this was a risk the executive management team wanted to manage.

CAS Severn worked with the client to fully ascertain both the short- and long-term requirements. After gathering requirements, the CAS Severn team proposed IBM Security Identity Manager (ISIM) solution (formerly IBM Tivoli Identity Manager). Facing strong competition from Computer Associates (CA), CAS Severn was awarded the commercial business by the client as ISIM was functionally robust and the CA offer was significantly higher in price. ISIM was both a Gartner Magic Quadrant solution and cost effective, making it a solution with a strong value.

As part of the presales consultation, CAS Severn introduced the client to other insurance companies and enterprises using ISIM successfully, including large-scale implementations that validated the scalability of the solution.

The core platforms for which the ISIM solution was initially integrated included Active Directory, iSeries (AS/400), Lotus Domino/Notes (email), and Filenet (content management). As a robust identity management platform, ISIM comes with software adapters that allows ISIM with out-of-the-box functionality to manage user accounts and passwords for Active Director, iSeries, e-mail, and many other platforms. The ISIM implementation was deployed on Linux running in a VMWare virtual environment on blade servers.

The client now has 1,400 employees using the ISIM solution nearly eliminating the endless stream of helpdesk calls for password resets. IT management can audit and ensure compliance across all users, platforms and applications under the control of ISIM.

Posted on