The County of Ventura lacked a centralized identity management solution as each of its 26 agencies managed user identities individually. Using Novell Identity Manager and Novell eDirectory, the county created a county-wide metadirectory that dramatically improved the accuracy, security and management of its digital identities.
Located on California’s Pacific coast, Ventura County is the 12th most populous county in California with nearly 800,000 residents. With 10 incorporated cities, the county is ranked as one of the top 100 highest-income counties in the U.S. and the 6th wealthiest county in California by per-capita income.
The County of Ventura has nearly 8,000 employees in 26 different agencies who work in more than 120 locations. With a distributed IT staff, each agency was managing its own user identities across hundreds of applications. The county performed much of its user provisioning manually, which was becoming unmanageable with a proliferation of new Web applications.
Implementing new applications county-wide required a great deal of duplicate user administration. An even greater concern was data security and the need to comply with regulatory requirements. The county wanted to centralize and automate identity management to increase both the security and efficiency of managing digital identities.
The County of Ventura evaluated identity management solutions from Microsoft and Oracle before selecting Novell Identity Manager.
“Novell has a mature solution, as well as a leadership position in identity management,” said Paul Stamper, manager of Server Resources at the County of Ventura. “Novell also provided the only solution that would work across our entire environment including Microsoft Windows, NetWare, HP UNIX, Linux and IBM mainframes.”
To pilot its identity management solution, the county used Novell Identity Manager to synchronize and manage user information from 10 Novell eDirectory trees and Microsoft Active Directory domains to a central identity vault. The central identity vault provides role-based access and authentication for 11 different applications, including e-mail security, a variety of Web applications and the county’s Internet proxy servers.
“Centralized identity management is the foundation for our service-oriented architecture,” said Trey LeBus, lead engineer of the Identity Management program at the County of Ventura. “We needed centralized user identities in order to provide and deploy county-wide applications and services. Novell Identity Manager makes it easy to deliver new services to our users.”
Having a centralized metadirectory for user identities has dramatically improved the accuracy of user information, as well as security. All connected systems now use the metadirectory for authentication, eliminating the need for redundant user databases.
“It’s almost unheard of for 26 different agencies to agree to fund and support a centralized project, but they did and it has been a huge success,” said Stamper. “We handle more than 200 million logins per year which speaks to the scalability of our Novell identity management solution. We also haven’t had a minute of downtime with our authentication services in two years.”
The county’s metadirectory has dramatically improved application deployment. In the past, deploying an application county-wide required a great deal of manual effort and redundant user administration. Now the IT staff can now roll out new applications to all county employees in days, rather than months.
Users now have a single ID and password to access connected systems. In the past, users often had to remember 10–15 different passwords.
Subscribe to Connection Magazine
The county plans to implement the Provisioning Module for Novell Identity Manager to create workflows that will simplify user provisioning.
Moving forward, the county will integrate its payroll and human resources application to use as its authoritative source of user information. Users will automatically receive accounts and access to appropriate applications when they join the organization, and their network access will be revoked immediately when they leave. Increasing security will help the county respond to regular audits and comply with federal regulatory requirements.
“With Novell, we have been proactive in implementing an identity management solution, rather than waiting for a regulatory incident to put us in a reactive mode,” said Stamper. “We feel we are way ahead of our county government peers in having such an identity management foundation in place.”
By centralizing identity management with Novell Identity Manager, the County of Ventura has improved the accuracy of user data across all 26 agencies. The county has reduced manual processes for user administration and can deploy new applications county-wide in days, rather than months.
Providing users with a single ID and password has simplified their access to applications and significantly reduced the number of password-related helpdesk calls.
“Novell really went out of their way to ensure our success with this huge identity management project,” said LeBus. “They took the time to understand our situation and identify just what we’d need. They have been a great partner for us.”
Novell Identity Manager
- Centralized identity management across 26 agencies
- Reduced manual processes for user administration
- Simplified user access with a single ID and password
- Increased speed of application deployment from months to days