How FedEx improved security, eased access
- 04 November, 2010 03:15
Delivering packages to customers in a timely fashion takes more than a good shipping label.
In the case of FedEx, employees often need special IDs to make deliveries, such as the Secure Identification Display Area (SIDA) badges required to access restricted airport areas. For years, FedEx relied on 121 security administrators to manually provision and deprovision SIDA badges as well as proximity cards for parking-lot access and photo IDs for building access.
The system helped prevent security breaches, but FedEx's process for retrieving badges and disabling access for inactive or terminated employees "wasn't centralized and easy to audit," says Denise Wood, FedEx's CISO. The result, she says, were gaps in deprovisioning that not only posed a security threat, but could have required FedEx to re-badge approximately 60,000 employees in the event of an audit.
"When people leave a large company, it can be difficult to get all of their accounts closed in a timely fashion," says James Quin, a lead analyst with Info-Tech Research Group. "In a lot of cases, you end up with ghost accounts-accounts that exist on the system that nobody is assigned to anymore, and those are big security holes."
So FedEx developed an identity management (IdM) intranet application that automates the badge-management process, boosts regulatory compliance and cuts costs, all with a single card.
An employee simply submits a request to obtain a badge and, depending on the person's job function, the system automatically selects from 12 badge designs, puts the individual's photo on the badge and then forwards it to FedEx's human resources department, where it's printed and shipped to the employee. Managers are automatically notified of the need to review or approve an employee request, and approvals are logged for seven years, in compliance with government regulations.
By using a single card, FedEx's IdM system has reduced processing time for facility-access requests from three weeks to real time and eliminated more than 23,000 annual man hours, or $1.2 million, in card-administration cost. Within six months of deployment, Wood says, FedEx "completely eliminated an outsourced provider for password management," a third-party contract worth $500,000.
An IdM system "isn't an easy solution to implement," warns Quin. The project came with a $277,000 price tag and must combine databases from multiple departments with competing priorities. To foster teamwork, Wood held monthly meetings with senior-level executives from affected departments to pinpoint mutually beneficial opportunities and ensure transparency. The meetings helped Wood build a strong business case for the project. Offering refreshments didn't hurt either.
The Company: FedEx Memphis, Tenn.
A $35.5 billion logistics-services company with a broad portfolio of transportation, e-commerce and business services. The company boasts more than 275,000 employees and contractors.
How they saved: By combining three cards into one, the identity management (IdM) system reduces the time it takes to issue badges from three weeks to real time. Automating badge requests has also eliminated 23,000 annual man hours, or $1.2 million, worth of administrative tasks.
Tools used: FedEx's IdM system. The facility-access portion of the system debuted in September 2007. The badge-management component followed in January 2009.
Group Development: Rather than burden IT with creating thousands of new badge-management applications, FedEx set up a brand new infrastructure integrating the databases of disparate departments-including corporate security, human resources and information security-to ensure a seamless, single card-provisioning process.
Build a Business Case: To justify the nearly $277,000 project, FedEx developed a value scorecard that tracks productivity gains and cost savings, such as eliminated third-party contracts.
Cindy Waxer is a freelance writer based in Canada.
Read more about office applications in CIO's Office Applications Drilldown.
Join the CIO Australia group on LinkedIn. The group is open to CIOs, IT Directors, COOs, CTOs and senior IT managers.
Why change management doesn’t work
Larry Page wants to see your medical records
Dual-Persona Smartphones Not a BYOD Panacea
After two-year hiatus, EFF accepts bitcoin donations again
CIOs struggle to deliver timely mobile business apps: survey
Advanced Malware Exposed
This handbook shines a light on the dark corners of advanced malware, both to educate as well as to spark renewed efforts against these stealthy and persistent threats. By understanding the tools being used by criminals, we can better defend our nations, our critical infrastructures and our citizens. This ebook will provide readers with a new understanding of the rapidly developing cyber threat landscape and practical insights into how they can protect their data and computing infrastructures. Download now.
HP Helps NEC Reduce Network Management Costs and Gain Efficiencies
NEC wanted to reduce network management costs, while increasing network visibility, decreasing mean-time-to-repair, improving stability and mitigating the risk of downtime. Download today to hear from Cameron Craig, Senior department manager of NEC on what approach they took and why.
Pathways Advanced ICT Leadership Development Program Course Outline and Big 6 2013
Developed by the CIO executive Council in conjunction with Rob Livingstone Advisory, Pathways Advanced is a 12-month CIO delivered, small group, mentor based professional leadership development program. Pathways Advanced brings together best practice, thought leadership and business insights for today’s most promising ICT professionals