|
|
|
Citigroup's Account Management Nightmare: 50,000 Layoffs Means Closing Up To 1 Million Accounts
By: Brian Prince
2008-11-19
Article Rating:  / 3
There are 1 user comments on this Network Security & Hardware story.
Citigroup announced it may fire as many as 50,000 employees. Hidden amid Citigroup's perceived savings is the cost of managing to shut down access to as many as 1 million accounts, user names and passwords that falls on the IT department. Managing that process effectively can be the difference between a data breach and peace of mind.More than 50,000 layoffs at Citigroup; plans for as many as 6,000 at Sun Microsystems. With the current state of the economy, many companies are going to be faced with the prospect of managing the retirement of numerous accounts.
While it sounds simple enough, a study by eMediaUSA released earlier this year found 27 percent of respondents had more than 20 orphaned accounts within their organization. The survey, which was commissioned by Symark, also revealed it took many of the respondents more than three days to terminate an account after an employee or contractor left. Twelve percent said it took more than a month.
As the breach at LendingTree this year illustrated, the presence of such accounts can pose a serious security risk. In that case, former employees helped mortgage lenders gain access to confidential information through orphaned accounts. Such behavior may not be as rare as we want to believea Cisco-sponsored survey of 2,000 employees and IT professionals released this month revealed one in 10 end users had either stolen technology, accessed someone elses computer and stolen information and sold it, or known of co-workers who did.
Add up these facts, and youre left with the importance of managing the retirement of user accounts effectively. At Thrivent Financial for Lutherans, a financial services organization based in Minneapolis and Appleton, Wis., the process begins when the human resources department is notified that an employee has been terminated.
The responsibility to terminate access falls on the line manager, explained Craig Cooper, senior project manager at Thrivent. When HR receives a termination notice, our IDM [identity management] solution automatically terminates accounts and removes them from the target systems. This process is used for tracking employees and non-employees. If the manager does not terminate the account, the employee is still on the payroll.
The HR system tells the IDM system about the termination, which then communicates the appropriate changes to the target systems, he continued. In some cases, access to the target systems is automatically terminated by the IDM system, but in other cases the IDM system sends a work request to a security administrator to handle. Once its completed, it marks it as done in the IDM system, he added.
This standard process is used for terminations as well as new hires and job changes, Cooper said. Access cannot follow an employee throughout their career. If it does, you end up with potential segregation of duties issues.
Managers review access semiannually for employees and quarterly for contractors. Cooper stressed that there is no manual element to the process. That is likely a good thing, as handling the process manually can be time-consuming in large environments.
If the processes are well-defined with complete workflows identified and responsible parties participating at the right portions of the process, much of this can be addressed manually, said Gartner analyst Earl Perkins. However, it can be labor-intensive in complex environments or in large-scale ones without an automated system of some kind.
There is no shortage of technology to help businesses automate the process. Sun, Oracle, IBM and others all have identity management tools on the market. However, having the right policies and procedures in place can be just as important as technology, particularly when it comes to mass layoffs or mergers.
In these cases, it is important that IT not only work with HR but also provide necessary communication to the business managers in each department, said Matt Shanahan, senior vice president of marketing and strategy at AdmitOne Security. Without strong communications, IT help desk will be flooded with questions about access to information and applications.
|
|
�������x}kw⸲Z�4C'<��zt؝@w�IBϙ?quJ_<�cNNKRUT*�y$s[��֘\ÙIIvj��]zg{/K$[_�@1'-C�;n=�h:@
;p�|Lcl3:|f��
p��7oe�>J� &Ԏ@0]2x[c:&׳1ԓ�7(`p��,F5$(�kzZC'A�:4MZ�P8$y&Z|9$?y:�ijMcX#A}#%B}{*�N5wlX�Q�CR'^bƱ�0��!ǎ4~�S{+C�p�_C�*G-�`94.�$gtj.O_FBR��8b=/�y�y�@²-(r�_7@oǮ=d暻�wQT(�9a#�&�}y�
��_�Rv5߰[dQ=�ʲ6
�hi9nTT:P|P)�ŃNr7}5{0p*nO͇_E}v!>�Lͺ��ж�F��}|vN{u~V�4n8�� m��:V6Rߘ�`J�LTRB63� TXx^�X}t\卒^7nJxPPjM-]5=-bv\ã0�F_8(J�:eu}uHu|vtn"|c9̠T*
PFfP%+��ЩZuܜ<_sܴ/O:7]rڹ&'OV�Y=s �p�+?YT'[\�`Ck'^ĻIXC9�C-0
ϖҁd!3|9}j�o]}<:o�$7cY>靐z��YB3eu!�r;{�ReQco0Ú�y >!%9�)"-C��N��&Y^}���o4��!`J}�̸gR�49�VϠ��蟉$W�m�4�@r�YSl �R�j/�,.|i�* b�Ըr�ݠ@PS>ΧK|�!BN3t
�A.r)i �t�`o8{ÈWX*\�E9?f!�s WQ�'�:� x�|?sskw0aEiŬ9c 9���i\X#D�
hN
���C
R
�g?6taZ&4
79CVs�Ӡ�yT�X&�3=Ͱ&p_;�+og�zjr��=�SM|fs)wdmӰn�C77UBsN@B/W2 \_&VAB5
6d:ɤPl';oW f8$|r*�#w�|���1�8�FLQ\O'ō8�)�|ЊO}�}?ٲJb-Yֽ(Uע�%fcP*{KúJ�J//�H�o`��m_Eڠ�eeLGiK-#��
I@&�(�΅�ò�=4Pr<��x
E
7q�Sc�
.�
X�U.(r࿚�pd4ê%5V9,Wfn
����(�M��P?��-j(4�fSXSv:h�I>]j>h>Ol?}�C��\�pd`/R3:¿w5gұJ )ՅI�,䧒\��%"QȚ5'A(JqЧȅa| s Mn��N�uW�hPQ�
BI�M5+
c[���.;һG>U�=3�$h@jc4e2fj��4_l0-xocJ�D%xX1O�kMf�٣O䱧1ۊ�ψ0@q�_xHE�1AxZkhp��\�x@�E.Z�r>�r��+""��8Utl)
FujqM9&`�n`Ramy�K&��K.uqӞ�rFVyYBf�7=zT+BZ>N
(JT*��g7r#)' Sf<Ǿ=���y�翜3qrSo�a>k냩ܦ[pM9s㒏�S˰ c��# ,co0k��fWc#S _*)Pg_rR͔"
Cå_7rJm�伲h1�
]lW��6�>pW;�P�V�81'&�B1"GBtl��Ȃu�!WX2tX�
`��1a�#�C
B��EW�Fڬ̷Ow�^�u.aOS)ƵV(tu< `_{snM�\�=�WC�$*�X�wUG�j}u��+�Ղ¾_IW�7k)|h��#Q@�2<"�꣗�8l�zl:��ӁjFB�-8�k*ϡ��=WT���lX@b+�>~:+l?g`̦s{_=(UXc�
փ0 JG}3G>�ymkH�9T�b9�J9��ޡ�0)�6@yz�c#A^=8P�6Xi�l=�["c�36b"~j�sq3_ʗ�0=@"��!f.3O}1tOf&ӧNy,
ܾͼ)JOxG�2cd17(Ъ&��#�i��w�]�]">�?/$,RQv+T+�I�+TX5?7u}w`-XWrM��L5<�E࣏Ն�?�^�nVɵZV/b�IC|)�AU��%MP�*J)�S?YTIA%GEB�֢%3R�-�ܝ`@O|K�O]�
0łezI�M�QzA'�nK-%. ^zذ:Z�k�(tם7/��f1secfaI39�`�{qO$#
�3�#6[YQ��sZB )gI�'cg?f�m9�:Jwe2qz27(۞k�MOw
'xG�
?ws̾6�adJd@*�U�]�*L�ȅ1�B�qC`I\}PJDw)�,�~w9ހg�|\W
��+jrF2��@BRB$d1~\E!�Ĺ{�g:vݹ<$�"̼5rj?y�jy}q 4
8"/OZ?�R�}|g�a\Tez�LR(��{F]p�́�ǽY�j/K�y�Dp0Z�<�!N�p.ۗK�y�ūeKc�u[�j�DHC䄬�W!y[FS�Ltk3d4)(g~H/�6�b5��--s}Һ̂�Ӝ8�"k5c��fvy8aVxy~jWX��2kn��&&���UtZ>�B>_���� c@JA=�Vo8iwΛ#I%LB�(�����1tJ1J?_RB�MQ�=#�ijqə�π/PIQ�):�*9Q_ZAkѷo9F߀>O1Ok7�tE�h[(k��p��VbsZ;t I1?x�>ow��e|z$/�Ӌ/p�QZ�ilu
zsH&pHS��9mթ-8iCl�y�0;F}�`� OS�M7Ɠ4ɨu͔:p<5�RL蔀'�'C8�
z>RB'T5˓8/+qYO(Eqhd*ꒀ~*~(i&'ءX�ԛ�^5/7'8
$
k|isq/P}~%h��dgKe
2
Kp�kP�q<��+��c
;|E?�J[L>Xɫq-�jw~W!>�
?<�9G�s`c*,�䊹�t#AEbםe3D�1uwb;2x�;�xZ1�?ݮpne9zG|۷=s�'5\;�6'cv,Q'�}��9,m
DK,Ai�[�;�/P.zs��gOɍ23Xǵ�
j}hl+ҿDž5bphO5.I\vzyk]�arԂ.cA=I��\Gݽ1&])sGA,�k4�9g`Jg[ٽF=�FC�[8S/eJٽ$vo-;*A=sC�<-�L�?G�gc:��M"�INQԜکyUdE)I]9 ~Gg#�^q:-8 ��&n]�%3�<яk�i^�h̠t4t꾫ݵ�1{K돍R?{5@�^=ˤa�2]a�*)�w}�zD)]K\vQh�r;X҂E%y(QQ�!{ �GH,gzkYXxlR֮tߵ{�cD:�>dO>^jѼ=h�Y��~D�VΣ~]c�n�gI&rd�@S�qq�p~vn�wcJljl�� 4!Q"h�9o�٤h��2�v��0\�f�>c!�\丹B45>�&e�x\r
9]�NS^�>f�1((q�ń[ا=zk�aN?ZiEl���z�_p$�}#%!XD;�O�l�/I�ovűؕ�0b�ĵf|{D�R�i"9֤AcDh�.rI�IIY=i?>)r.Cgs_hgSL��|FQOL(�0qαQ&Bie�w�^-�W-�GEpYknH�~�ず,���JHl�
"�(�̠uZTI�Ȯ ��~f4�bZ�urH�
8gh/�E{Es�$ks3�Iqy�=ԓJe\Qd!bKz��x�_xD݇IBB�QJHO?AW�^#|.�lc�FR�I9؋GKa�9q{��%$ҕk
+�O
2�ɗnS�'|�ivj<�.jҙ
��r$���r}�Y�$ A"�$ Nr��Z� (���ފJʦVx)#?xOB]"5\*42iTR`w�),2$DD;'6|*U*J6�Ǡ��0[!
tτB��UW Z@�Q%l*[|mU�]{J A�hm��6\SO���:6Tas
8:`�yX�&E�HDJ�e_�Q_x��R%vG�zGMaFiyMM
I�מRq8Ԓ̑#U+i0EkD�$!NXE8B3�9�JlƦ5WU�NYB~�L�Nkɍ(+(F+�۞��@O7'��LRPB%>DI<�!-)h% v "͐�_p�^N��KK{<5=�@M雚�0s�e#v�
J\JZ��p$�G88F<�G�;_�h7�*-6��k_�K�oooo?q}V︎1߫m�M
IN�O|��4�m�,|Ú2
�a{j-I4�$�h<�J���Ӥ1U% �shx�R}h`:3~�$'�:3_t��Lo6�}\�͡�I4��<��N��Og+}=L$Z'PW7�)Yy�|��u4ϸXbXi�căj,Z�KJ�u�K6MBؑac�6h�}=$\gR"`6KqBTe�~[�>`t|MmÓ{3!i^p�g$|<
��pL�>z(?IƋڐOK/xnc-�;�;��� CnͲ.��TRKR\`kf����p|�K�gX�bֳ@ᓩ��bk�4~eCV)�ĶN(ˠ=b<]5nq
�+4T<8(V���(@�8-�H��(WP/A%�{��/�eCN ؔ`6oI1�g���I#{��gwL$��z<��o#�vomO0kkb4~e+M�㪿9999rgpT6gn؆!�|yYG)8�MN]�t:j?${�{��kMox{^Wj{�\�kf�o�Y� �XX軑>P�ȓ=Ѭ1M� g5S�!6@����sO3.xI�Tj�wԦF&dU&��]HQ�O�0�{h�_c>j{DDNzn�Fj9S;��t�t$�^v�OMC1D>�2tD�yJ=N׳��g!P�R�!O�S�3/Nƀ/Dy}_�:6�_ٮfN����}]e,Z�=<�1lh�@]ea<���`|Rm>���' 6^cÊ�X@gޤ/]ۚ;{#��@ud݉=3�R$v� gWD ��8�d3�ũ�ƽol\u�/s�.H]6L-;_�:�&+XAgJA-�?�r.��Y/1rφמglr��L�v4SnA�DV>��O�d]yܿYM�/l�M0\Л��ls�mXû{a,d;6�LHJfo�?fj
P|F0o��
c��0[=z���UQ=˹tjѥ{{i,�{lp{,1Ήq�] >(ߒ���ZR�5 V$��dj'o�
fS&e<�L~ p'�=<�"98\"O\=�>gm+Y��'wP'c>k^e�K�/?�7T�:Z�o�]䷅B'X�8$e�_u,¢�a��٥@ Ⱦ,QW��*4+Nx�f�^F
�]a��0McؕĠ�!�=|�0ǾAX�^q�Xk3&B|���FʨX�[���a _��2ZG�B�A8A�Xx��ˉ�}9��AE!TG,�#h#8Iٌ˃eS\zO4hsω̋,�Y4nK��c.Mj%\HP*D$07�_h"?���|dD+9m��G �F�WeBzYh2?uȘ{�x�a*�aF
f&ٝ7�
g�Fb
5^\}ĭBA{V7>B2<-W}�W|�%]hR,bH�X#:�&+�
ާ%wA�>pw<-˕}E-�ݑi?zx�ـ�jcEg~�:��tdH9~�ɝ��M��FG�5 ׀��ϢxBW7�el�Nh$�|b "uFf&$�T
)
DaѺi> ?4u=oz.zxX�2`g~�LOz#Xȝ2<_�AAp�� 'l�=��R+�߲9 wC�9s\v��f+U]?f�7�>�a7�5|$rkQC9Ҕnze7/`�#}~���̀�,Z�P��<㊌F��2*m&�nI79mNb-i`I; aN���J��z>+�ȵ��I!O�f4 `"1aX9c3bwt�ouʧ0>i_11F~ŷn �l�C�;b21#\.G�9g~4ϗp��H'�U�?u�(J
"P�F:�
���![C P76�&js#%/�9�os>,aԟ`9��/Lla`t��.t�M_̏NN�t9�A$p͒�jf���+�2|{��ag��c�fb[7��%iDZ||Lb
]�4�B0h6/C<_7\}m|?띉{2K#(�p�
@Ka1c�~P|UKi?_s]�1���Q�}-䠿,+&7.`�+I)(�����I͐�;}�^2o>40 =b3br]osJѼ:LN;פIN[-x=n_ڝKr:))lk�nI|9|>\}>m_ۗLpa&hD湶XQ)�3GY��ybvʌPN�ZcͅfU/iSU9$8/J��M`bY͚?v�J*Q^�* ^�&6yBuUө�p�ڽϏПxu3�K_���֣xB]Цk1ŝ5�Ljs�g=&���
)nu:e+�LjV}Qy�xR�?�忤_C&pj3�坔r�I+�ʏח�}NS�Pq}Y;8k/od�퓔r�gڗ);��LC73^_~�SlH��EJ/�E�|E
}/>�)_�"?/?/R�e2SJ��R~��)0){ s"?0~)�;)w@tRO�K'E\�\�5u
tݔwݔz)�^_�c
}OiпO)�B�(I+�I�h&��u2�Ay3EΚWpz~;"9J)/e�G)R*H{�V�KӔ�(Og<���~-2*Bϔ~�y/�>G Ks�_W�KI0�ntӖKT3̵cn%:Hv�^_�j9.~QBxdB$Wih
_3�A�#rD��4k�Kqǜ�<1 QX>|�.7f�t{|��U%�6攣݈,-/:)7.p{Z{&�;�Gõ;ZءƊ |3/߆z�Hڟ'8+8}�]G,T+6� �WX�-JK�bġ�$Н�\Ͱ~3N,��B8�WEjoRx�s�)]SS7|-ӯ�.h
w;cv{_�u�:8T.jQo\)Uʙw;5��H�'K1�QTY*��6��b�`"�
*�s>P�`24UB`
m81C=b�{hì[P7�L"�ұm[úů˘E͛YȌ�L�I57/�ጽNۯH��D`y�f@�2b'�`{j��z5�0�7z@OA�35�̗>���^���`iB�Ћ߅tI{żx6
,0��(ɘ����Imk䂴kp͛|�v�"+.Plb5ɟ Q�eO�]'2�o
/ezJ1�1-�=a�6�퉷�X#iZC7X�vʀ_oh_np��QfWJoˉ�3
JmXnaPj'Z3�mc:HOL-sm{rl��kW�w&h�b'/Հ�m'�[_{bx6p&gb4jx�Y��~���r(�pىi/1Sܭ�./ЄBl����K:ݟ15{`3v� p7�칸9L����&dxW.[l{,��)��(0v$mP����``۷'.^(A�O�
(ٵ?�ʋ Hz��#�,h�:�Qgv;M����Y{qKD|&z�U p$.7=j"2�Dw��Άb'ȏQv0^R�smq�Sun�WI-kX�|@ăx!$��5�|X%.Heֳx&Yұ�ߚR
TDO��"vy9=�|IN[zQؗ�F@1agG�ۖ�g*I/';@�ʗ!�!#R.ؐ�&/"_S a�somy㲁e"=`S
h�9i�3D:�9����Am'{Y*l܅12J1p(qme��F�ӧޓ-[$@#5E`0v4ae8$x%�zc<�9z�n% �-�**hoKoڇu.�H|�nH�KUƧf2{N{:��ag
G&̖$߀)0p5w G/7~|��r@c]Ta߂��^���\j��\j�L�.�BTvb�bq�Y;g&�EΠ�pw"#Q��*Юm^�x�9�Na^q=Ӹ+AѮY�m0g60
o��/#�\$c`WH{Xi[��1�bd+q<3�G(vW",@P�݆A�W5`/��=H�^S(|9NmRjãGX�Ǹ[�[)�Qy: <Щ0X\bսʶ�)E=b농\
�Ш6�pSTVD'���3^-��y-g¶"�yXl@cbS,LڙDα
ya1 ���+��o=e6��G_lk0^n,eW��YX&�7DV�/O B�ׅѰ0�L;,lyE�E%%���ÀRFm��f�K#fx�E1[�Rj0g�n�~ӣ�f<�4W�6QĶq��y4}~e>0#rl;sgǚrpP0�U9M�jֺW6x�ozc|�[w0�XjPtP.9͑��0�
�Ù"�ۄ!w0ѕDM1F(ͦ,1��f� �Ax���v�4<1�T����nh1)�d'kEI+C799I>e�1�Gn0Lt]H
d[\_م5���.x C��,$?��ˋ�}P�
cyx ŧ$�VS7�|Zc^545k<�]�}��(�Awq�8O={{䷝7ƈF%CN |ݫA�>�tX|_���-�fZ�3?w|EcD�7�fYx/�E5:����(ևD2��To
!pF�>wuPb0F=@;c4\|�)�?�f'�xӅ�ՂyI(h>eS]�Lv�ȚLv2�o
ށ@4�z�l
G Y�Pq`H,j8#L�{d+pF#~O7 5����� 4��]e�57!h��
+{X�ެ5�%
BdҶvK���=B�iB~'lbELy( n&?H֗!�c�:{[�ZY�[���PS�5���iv�[G�<@�|=..�7�b�뻴�G8�q�h��en�1Ą`�]>RQk��#p*�*!�t\A)L��8-K~߉��N��:�HʨJx -�YYe7|A"0ao
dw�|$R$�w"ܒ�B?~|c{w�
y4b<o�bnJ��xk)�s*!bE.f˼JV��6+]�o��R 酫a6|�WI36Y2[�۞k���X,GW5d7kI�o2{"]s�`̩��l]_�>.]
�vz�_�"yQgn6E
ش�<]/�Z#بMg?�gI�[�4qI��H��RX)Xq�`4)��wf^#Ȼ�kp*|t7;�;��`U��ix��A=vֲٿ�8Rg�Z9�>�gYqϓ64dɗ!��ŐԼ/r��V@�*j@y�+[#Ռ�q �q`�9�հ]/�S,�G3+8+pmGN!C/�L�EW\<ʮLCV��
�ւ-}}>op
�=�N;=y>|(h)p%4y^ W-zu��%X!6�[ΣVYpEqs}w�?�5?|<&�ӹ>i%A0�OXI}"ނ�jol=GC0� �
�D_��#���pJ,�[o,I1E�nXC��b��-X!d�5pa`/ٰMi8P�Y(�9ʍ8x|J6Rm*
]'ʾ$5lSy�x�qaY"g�;�[�Y�B��
|
Network Security & Hardware 
