NZ-owned Bank Reduces Privileged Access Risk with IAM & PAM Automation
Automated staff movement controls strengthen security and regulatory compliance
Client Snapshot
Organisation: Leading New Zealand-owned bank
Industry: Finance
Challenge: Insufficient role changes, offboarding gaps, compliance risks
Use Case: Activate Identity Operations
The Challenge
Our client, a leading New Zealand bank, needed a secure and efficient solution to manage staff transfers, role changes, and offboarding processes. Manual workflows were causing delays, compliance risks, and operational inefficiencies, particularly in the area of privileged access management. Their previous approach to managing staff movements and access involved manual processes that presented several issues:
Inefficient Role Changes: Manual updates caused delays and inconsistencies.
Compliance Risks: Access was not always updated in line with staff role changes, increasing the risk of unauthorised access.
Offboarding Gaps: Delays in revoking access and limited visibility into privileged accounts increased security concerns.
Lack of Automation: Existing, non-automated workflows lacked scalability and did not meet regulatory expectations.
The bank also had to maintain compliance with the Privacy Act 2020, AML/CFT legislation, and Reserve Bank of New Zealand guidelines, which emphasises secure access controls and the protection of sensitive data. To address these challenges, the bank partnered with Activate to automate and secure these critical identity lifecycle events.
The Solution
Activate deployed Activate Identity Operations to introduce automation, improved oversight, and strengthened compliance:
Role Change Automation: Automated user updates and dynamic role-based access controls using .NET Core and Microsoft Graph.
Offboarding Enhancements: Automated access revocation, delayed deactivation to support handovers, and secure removal of privileged accounts.
Privileged Access Management (PAM): A PAM module was deployed to manage privileged accounts, with automated provisioning and de-provisioning supported by monitoring dashboards.
Custom Workflows: Updated service desk workflows and web templates to streamline access changes, along with enhanced reporting and notification systems.
Key Outcomes of deploying Activate Identity Operations
Activate helped the bank to reduce manual processing time for role changes, staff transfers, and offboarding. The solution also enabled the bank to free up internal teams to focus on more strategic initiatives and strengthen security by reducing the risk of unauthorised access.
Key Outcomes:
Consistent and automated role and access updates
Streamlined privileged access controls
Workflows aligned with industry best practices and regulatory requirements