Skip Ribbon Commands
Skip to main content
< BACK

NNIT Strengthens Compliance with Identity and Access System

Who has access to what data and when? With the AccessIT solution, NNIT has implemented an automated identity and access control system. AccessIT manages employee access to NNIT's own systems, but can also secure our customer's IT systems. On top of this, the access control takes place automatically so it is always up-to-date.

IT is the backbone of all companies; the strong core that the rest of the organization depends on. Often, IT systems are the employees' most important work tools; optimizing processes and functions, and enabling more agile workflows and trimmed-down costs. However, it is vital that only the right consultants and employees have access to the right systems.

From a security perspective, companies are subject to a number of regulations regarding access to IT systems, especially in the light of the EU's updated personal data regulations, GDPR. These new rules impose stricter requirements than previously for the handling and storage of personal data.

– It is essential that companies have control over which employees have access to what data and how these employees are permitted to work with the data. Put simply, the right people should have access to the right things at the right time, explains Kuno Kasper Larsen, Subject Matter Expert, Identity & Access Management at NNIT.

Automation can benefit your company

On January 1, 2017, NNIT implemented a new, automated identity and access control system based on SailPoint's Identity IQ technology. AccessIT replaced NNIT’s former system called UserAR, which required manual actions and as a result was somewhat time-consuming to work with. AccessIT automatically supports business processes to a far higher degree.

– We have put more intelligence into the systems, and with the help of HR and access data, we have improved the system using attribute-based access control. For example, the system now checks an employee's data before granting access to a customer's IT system. NNIT is a trusted partner, and this gives customers greater peace of mind, and allows them to use the system when documenting access control. In addition, it strengthens the guidelines for what NNIT's own consultants may or may not do. All these things are managed by automated access control, says Kuno Kasper Larsen.

Break glass procedure

IT emergency plans in, for example, an IT breakdown situation pose a dilemma for many companies. For security reasons, the basic rule is that only authorized employees have permission to access the IT system. It can be problematic if there is a breakdown and none of the authorized employees are present to solve the problem immediately.

– For this reason, NNIT has developed a break glass procedure, where our IT technicians can promptly apply for access to repair a crash or error in an IT system. Thanks to intelligent access control, the technician's access is time-limited. NNIT operates over 10,000 servers for our customers, so it is incredibly important that access and identity checks work flawlessly and are designed to suit the needs of individual customers, explains Kuno Kasper Larsen.

Advantages for the whole company

The Compliance Benefits of AccessIT are clearly visible, but AccessIT is also business-efficient. This is because access is mostly granted on the basis of existing data, which reduces the need for extensive manual actions. On top of this, automation ensures that the system is always up-to-date.

With AccessIT, NNIT has implemented a solution that meets the demands of companies for both IT security and efficiency in the digital marketplace.


AccessIT with NNIT:

  • NNIT's automated identity and access control strengthens the security of customers' IT systems, so that only validated IT technicians from NNIT are granted access.
  • In the light of GDPR, the EU’s Personal Data Regulation, NNIT's optimized identity and access control is a helping hand on the road to compliance.
  • Customers requiring security clearance from IT personnel in areas such as the government sector can benefit from NNIT's new system, as personal information such as authorization from an intelligence agency will be registered in the HR system.

 

To learn more about AccessIT from NNIT, contact Kuno Kasper Larsen, Subject Matter Expert, Identity & Access Management Design at NNIT, at email: kokl@nnit.com.

 

 

Kuno Kasper Larsen+45 30793021kokl@nnit.comSubject Matter Experthttps://www.linkedin.com/in/kunolarsen/Kuno Kasper Larsen

 

 

Identity & Access Managementhttps://www.nnit.com/cybersecurity/Pages/iam.aspxIdentity & Access Management
How scammers attack your company using CEO fraudhttps://www.nnit.com/cybersecurity/Pages/How-scammers-attack-your-company-using-CEO-fraud.aspxHow scammers attack your company using CEO fraud
VR Cybersecurity Traininghttps://www.nnit.com/cybersecurity/Pages/VR-Cybersecurity-Training.aspxVR Cybersecurity Training
The Fine Art of Aligning Business Strategy and Information Security Strategyhttps://www.nnit.com/OfferingsAndArticles/Pages/The-Fine-Art-of-Aligning-Business-Strategy-and-Information-Security-Strategy.aspxThe Fine Art of Aligning Business Strategy and Information Security Strategy
​​​Building a sustainable defence: How to secure your operational technology (OT) environment​https://www.nnit.com/OfferingsAndArticles/Pages/BuildingSustainableDefence.aspx​​​Building a sustainable defence: How to secure your operational technology (OT) environment​
Breach Preparednesshttps://www.nnit.com/OfferingsAndArticles/Pages/Breach Preparednes.aspxBreach Preparedness
NNIT Cybersecurity Summit 2019https://www.nnit.com/Pages/NNIT-Cybersecurity-Summit-2019.aspxNNIT Cybersecurity Summit 2019
Digital Work Placehttps://www.nnit.com/advisory-services/NNIT_Academy/Pages/Digital-Work-Place.aspxDigital Work Place
Advisory & Methodologyhttps://www.nnit.com/advisory-services/NNIT_Academy/Pages/Advisory-Methodology.aspxAdvisory & Methodology
Control Your Security & Privacy in the Cloudhttps://www.nnit.com/OfferingsAndArticles/Pages/Control-Your-Security-Privacy-in-the-Cloud.aspxControl Your Security & Privacy in the Cloud