About Camera dei Deputati
Camera dei Deputati (the Chamber of Deputies) is the lower house of the Italian parliament, home to 630 elected politicians. The organisation has a number of principal departments, as well as administration services and liaison units that work with the Senate (the upper parliamentary house), and all other areas of government.
Challenge
A number of different groups of people require access to the information systems at Camera dei Deputati: the 630 members themselves, researchers and political assistants, and journalists. Depending on their role and seniority, different users have different access rights to applications and data.
Ensuring that access rights for all users were accurate and up-to-date was a significant challenge. Essentially, the list of authorised users is in a constant state of flux: deputies are re-elected every five years and may also change their supporting staff at any time; employees may be promoted, move departments or retire; new journalists may request access to data. As a result, user administration tasks were occupying a great deal of IT department time.
Camera dei Deputati wished both to cut the time and costs associated with user administration, and to improve its system security against unauthorised access. To do so, the IT department needed to find a way to integrate the user list with each person's role, responsibilities and access privileges.
Novell Solution
The selection criteria for the new solution included the ability to provide a unified source of user identity information, to manage access to applications and network resources based on institutional roles, and to automate the provisioning and de-provisioning of user accounts.
Camera dei Deputati selected Novell Identity Manager as the best solution for its specific requirements, using the software to create a single repository of identity information for authorising access to its information systems. Using the Novell Identity Manager Roles Based Provisioning Module, Camera dei Deputati created a functional representation of the organisation chart for the Camera dei Deputati, assigning the appropriate access rights to every role in the chart.
Each administrative department within the Camera dei Deputati is responsible for defining the roles of its users and its organisational structure, and for maintaining the accuracy of this data.
When an employee changes roles - perhaps moving to a different department or being promoted to a more senior position - Novell Identity Manager immediately updates their access rights to correspond with the new job's requirements, based on the information defined in the Roles Based Provisioning Module. Principal services include access to files, applications, print functionality and a Web portal. In certain roles with more sensitive security requirements, the Novell solution generates a request for a senior manager to explicitly approve the change in access rights.
Novell Access Manager authenticates registered Web-based users of the portal against the central directory, providing secure access and enabling the use of a single password for all resources. When new users are added to the organisation, Novell Identity Manager automatically provisions them with the correct login credentials and access rights - based on their role - and if an employee leaves the organisation, the solution automatically and immediately rescinds all access rights.
Novell Sentinel monitors network resources at Camera dei Deputati, not only protecting against unauthorised access but also keeping a full, auditable record of which users have been attempting to access which resources. In conjunction with the other Novell technologies, this helps the IT department to ensure that sensitive data is fully protected.
Results
With Novell Identity Manager in place, Camera dei Deputati can more easily manage user identities and user access rights. In addition to offering greater efficiency in user management, the Novell solution accelerates the provisioning and deprovisioning of users. It also provides much greater clarity, ensuring that the IT team can quickly see who is authorised to access which resources.
The role-based provisioning included in the Novell solution has simplified the task of providing the correct access rights to each of the various groups of users. It has also moved responsibility for defining employee roles from the IT team to the departmental managers, giving them a simple graphical interface that offers full control over their teams.
By extending authentication to Web-based users, Novell Access Manager enables the same levels of access control for external users - creating a convenient entry point that does not compromise security. Finally, Novell Sentinel provides a complete audit trail for all activity on the network, enabling Camera dei Deputati to be confident that it meets government standards for data confidentiality.