From 24/7 On-call Support to Automation: How Ingevity Solved Its Toughest SAP Access Control Challenges
It’s 2 a.m. and you are suddenly awakened by an urgent email, followed by a phone call. There’s an emergency access request needed due to a production outage from colleagues in a different part of the world. Groggy and disoriented, you get out of bed and provision elevated emergency access to this user profile making sure you track it in your Excel spreadsheet and remember to de-provision their access after the allotted time expires. If this scenario sounds familiar, you will relate to Cory’s story.
Ingevity’s Information Security Manager Cory Anderson was going through this not long ago. For months, Cory was manually provisioning emergency access requests and tracking access on an Excel sheet, which caused overlapping tickets if he was not able to provision the access fast enough. Ingevity, a manufacturer of specialty chemicals and high-performance carbon materials, quickly realized that this model was not sustainable in the long term. With an average of 25 emergency access management (EAM) checkouts a day which added up to over 9,300 in the preceding 12 months, Ingevity needed to automate this process – and fast.
A manual approach to EAM is not only taxing for the security team but is also very time-consuming, error-prone and ultimately a risk to the success of your audits. The process of provisioning temporary elevated access without exposure to risks includes several steps: request, approval, execution and review. Following these steps is imperative to ensure you have visibility and are always compliant. When taking a manual approach some companies miss the review step due to the irregularities and disorganization of excel sheets. If that review doesn’t occur, then that company has lost sight on governance in terms of whether or not there was any abuse or exploitation of that access and is now putting itself at risk of internal threats or failing an audit.
Ingevity, like many companies, also found that the overall cost of not automating was significant in comparison to an automated process. More hours spent on manual tasks meant fewer hours spent on business-critical tasks for the security team. With an automated process, the smaller margin of error meant shorter and less costly audits. And lastly, an automated process lessens the likeliness of internal threats such as unauthorized access, fraud and data theft. The automated approach would allow for a seamless provision/deprovision of elevated access, have an integrated audit tracking for end-to-end visibility, and would give authorized users pre-approved access – reducing the amount of time between requests and access being granted.
Aligning with the company’s cloud-first strategy, Ingevity picked ERP Maestro, seeing the benefits of a SaaS service which included faster implementation, lower cost of ownership and more automation than on-premise tools. With ERP Maestro’s automated EAM tool, Ingevity was able to quickly fix its biggest pain points, deploy, test and roll out in a month. “Very quickly I was able to meet my audit requirements and have operational efficiency for managing EAM in the environment. That’s something I desperately needed to see as I was a one-man team,” said Cory. To learn more about Ingevity’s journey from a manual EAM approach to a seamless automated approach, check out the full webinar here: https://sap.erpmaestro.com/ingetivitywebinar