Sonatel, Senegal’s first telephone company now provides telephone (land and cellular), Internet, television and data services to over 5 million customers in Africa. A 42% owned subsidiary of France Telecom, Sonatel is Senegal’s leading telecom company and has become the top provider of mobile telephone services in Mali.
Sonatel regularly integrates new international affiliates to support its strong growth. New users are managed in local directories, but must use corporate applications such as CRM, reporting and inter-operator compensation. As a result, Sonatel realized that it needed to optimize its access policy.
“As a France Telecom subsidiary, we are subject to strict internal requirements in terms of security policies” says Babacar Kebe, identity and access management project leader at Sonatel’s Information Systems Division. “To rationalize access rights, these rights must be strongly linked to the identities of their users, and the entire company’s application accounts must be managed centrally.”
Until now, administrators had to update accounts on a case by case basis, with 5 to 7 applications per user. And each employee had to manage as many passwords on a daily basis. Sonatel’s general managers therefore decided to invest in an overall identity and access management solution.
Choose a complete solution
After pre-selecting three market-leading identity and access management suppliers, Sonatel selected Evidian’s offer. The functional criteria were met and Evidian was able to demonstrate its hands-on experience in the telecommunications market.
“Evidian stood out because its product is more than just Single Sign-On: it covers the entire process of managing identities and accesses” says Babacar Kebe. “In addition, Evidian’s solution was deployed in many companies in our industry sector, which made us feel confident about our project.”
From now on, this solution will let Sonatel manage its users and assign them access rights to resources in a uniform, universal, and quick fashion.
Deploy identity and access management
In keeping with Sonatel’s policy, the project began with a week of general, initial training for the project managers and technicians. The functional and operational aspects of Evidian’s solution were presented in detail.
The first step in deployment was Single Sign-On (SSO). Each employee now uses only one password – the one used to log into Windows on Microsoft Active Directory. Evidian’s solution fills in all application passwords transparently, on the condition, of course, that the security policy grants the necessary access rights to the employee.
“Feedback is positive; no major problems were observed during deployment in the field” says Babacar Kebe. “In addition, we didn’t even need to train the users – short informational brochures were more than enough.”
To achieve this result, Sonatel relied on experienced internal project managers who validated the deliveries from Evidian and the integration service providers. And they had local leaders and department heads participate in the project as well. The IT division and a sales office acted as pilot sites, followed by general deployment in late 2009.
Precise management of application accounts
To satisfy Sonatel’s access security policy, the accounts that the SSO gives access to are defined centrally. The next step involves automating account updates, either directly or by automatically sending instructions to administrators.
Since Sonatel’s entire user data is gathered in a reliable directory, creating, deleting and updating accounts for sensitive applications will be automated. Evidian’s User Provisioning module performs these operations according to Sonatel’s business rules.
Provisioning the accounts lets Sonatel know what a user’s access rights are, as well as those that the user actually uses, from a single location. This considerably accelerates audits and incident diagnostics. And when an employee leaves Sonatel, his or her accounts are quickly deleted.
“Evidian’s support is effective and available; we can count on professionals who have a deep understanding of the products. And since Evidian’s solution develops regularly, we are kept up to date on its numerous features” adds Babacar Kebe.
