“In Active Directory there is no way of knowing who has done what. But with 8MAN we’ve been able to enforce a high level of transparency to answer such questions with ease. Especially for compliance purposes 8MAN is ideal. It is now possible for us to trace the cause of unauthorized access or security incident.”
Ipes is a leading European provider of fund administration and outsourcing services to the private equity industry. The company employs 285 people, in 5 jurisdictions and works with 198 clients and provides administration and depositary oversight to $166 billion assets for 403 funds. Ipes was founded in 1998 and we have 20 years in the industry. Capital Tracker is connected directly to the SWIFT banking network. This enables efficient payment processes and automated bookkeeping, resulting in lower manual work and 95% straight through processing. Each year, we process $10 billion of payments, 52,000 calls and distributions, $400m of FX transactions, and 900 audited and unaudited sets of financial statements. Cash transactions have details attached allowing for remote audit.
Ipes administers all types of private equity fund, including fund of funds, mezzanine funds, buyout funds and venture capital funds. Given the sensitive nature of the data, confi dentiality of client sensitive information is one of their utmost priorities. Ipes was primarily looking for a solution to help them meet the arduous compliance regulation and achieve transparency in day-to-day internal reporting.
Like most organizations, Ipes relies heavily on Windows Active Directory to manage user-credentials. As Active Directory stores critical attributes including user accounts, passwords, group account, and shared folders, its overall management is the very back-bone of internal audit procedures. In dynamic organizations, however, the task of managing Active Directory security can be extremely cumbersome and prone to errors. Ipes encountered a similar problem. Native AD tools lack some of the essential functionalities such as reporting, consolidation and archiving capabilities, further intensifying the challenges in the authentication process. With frequently changing roles, increasing volume of data and fragmented view of identities, absence of an effective security policy can leave sensitive data exposed to risks.
While scouting for a solution, the determining factors for Ipes were: accelerated authorizations process, enhanced productivity as well as cost savings. They wanted to establish an automated system for user-management with an uninterrupted overview of permissions for role-based access control.
8MAN is protected-networks’ fl agship solution with a wide-range of intuitive features for integrated user-provisioning across Active Directory, fi le server, Exchange and SharePoint. It allows companies to limit access to a ‘need to know’ basis thereby actively preventing security violations.
Ipes chose 8MAN’s Enterprise version, which integrates three crucial facets of managing access rights - visualization, documentation and administration – serving as a 360° security platform. Visualization to gauge the current status or health of the security program, documentation to record access events for future reference and administration to take corrective measures once the security gaps have been identifi ed. Within a short span of time, Ipes experienced organization-wide benefi ts of deploying 8MAN to answer: Who has what access in AD? Who has what permissions on specifi c objects? Who can perform what actions on specifi c AD OUs? And who has administrative rights in Active Directory? Moreover, users did not need extensive training or time to understand how 8MAN functions.
Ipes was able to streamline the process of granting and revoking access rights aligning it to the requirement and users’ roles. In case of suspicious security incidents, 8MAN made it easy for them to perform forensics in order to track: who made what changes in the AD and who granted users certain privileges? Despite their complex data environment, 8MAN with its methodical approach provided thorough visibility of the existing permissions, domains, OU’s and groups in a simple manner. Furthermore, it was now possible for them to actively involve data owner (business units) to participate in the decision-making of whether or not a certain user should be allowed access to the unit’s resources. The resultant effi ciency led to tangible time and cost savings - dramatically increasing the overall productivity.
8MAN also helped Ipes manage temporary staff with increased accuracy. As Ipes frequently employeed interns, they needed a framework to ensure that the interns only have they necessary and temporary rights while handling important business data. With 8MAN, Ipes was able to achieve this. While creating a new user 8MAN allows admins to provide a start and end date – automatically deactivating the account on a set date. Besides this, 8MAN provides a number of useful recommendations to strengthen access rights management.
A leading European provider of fund administration and outsourcing services to the private equity industry.
Need to streamline userprovisioning in AD to support compliance and internal reporting.
8MAN Enterprise – Integrated access rights management software to manage permissions in the Windows environment.