How FedEx improved security, eased access

Delivering packages to customers in a timely fashion takes more than a good shipping label.

In the case of FedEx, employees often need special IDs to make deliveries, such as the Secure Identification Display Area (SIDA) badges required to access restricted airport areas. For years, FedEx relied on 121 security administrators to manually provision and deprovision SIDA badges as well as proximity cards for parking-lot access and photo IDs for building access.

The system helped prevent security breaches, but FedEx's process for retrieving badges and disabling access for inactive or terminated employees "wasn't centralized and easy to audit," says Denise Wood, FedEx's CISO. The result, she says, were gaps in deprovisioning that not only posed a security threat, but could have required FedEx to re-badge approximately 60,000 employees in the event of an audit.

"When people leave a large company, it can be difficult to get all of their accounts closed in a timely fashion," says James Quin, a lead analyst with Info-Tech Research Group. "In a lot of cases, you end up with ghost accounts-accounts that exist on the system that nobody is assigned to anymore, and those are big security holes."

So FedEx developed an identity management (IdM) intranet application that automates the badge-management process, boosts regulatory compliance and cuts costs, all with a single card.

An employee simply submits a request to obtain a badge and, depending on the person's job function, the system automatically selects from 12 badge designs, puts the individual's photo on the badge and then forwards it to FedEx's human resources department, where it's printed and shipped to the employee. Managers are automatically notified of the need to review or approve an employee request, and approvals are logged for seven years, in compliance with government regulations.

By using a single card, FedEx's IdM system has reduced processing time for facility-access requests from three weeks to real time and eliminated more than 23,000 annual man hours, or $1.2 million, in card-administration cost. Within six months of deployment, Wood says, FedEx "completely eliminated an outsourced provider for password management," a third-party contract worth $500,000.

An IdM system "isn't an easy solution to implement," warns Quin. The project came with a $277,000 price tag and must combine databases from multiple departments with competing priorities. To foster teamwork, Wood held monthly meetings with senior-level executives from affected departments to pinpoint mutually beneficial opportunities and ensure transparency. The meetings helped Wood build a strong business case for the project. Offering refreshments didn't hurt either.

The Company: FedEx Memphis, Tenn.

A $35.5 billion logistics-services company with a broad portfolio of transportation, e-commerce and business services. The company boasts more than 275,000 employees and contractors.

How they saved: By combining three cards into one, the identity management (IdM) system reduces the time it takes to issue badges from three weeks to real time. Automating badge requests has also eliminated 23,000 annual man hours, or $1.2 million, worth of administrative tasks.

Tools used: FedEx's IdM system. The facility-access portion of the system debuted in September 2007. The badge-management component followed in January 2009.

Group Development: Rather than burden IT with creating thousands of new badge-management applications, FedEx set up a brand new infrastructure integrating the databases of disparate departments-including corporate security, human resources and information security-to ensure a seamless, single card-provisioning process.

Build a Business Case: To justify the nearly $277,000 project, FedEx developed a value scorecard that tracks productivity gains and cost savings, such as eliminated third-party contracts.

Cindy Waxer is a freelance writer based in Canada.

Read more about office applications in CIO's Office Applications Drilldown.

Join the CIO Australia group on LinkedIn. The group is open to CIOs, IT Directors, COOs, CTOs and senior IT managers.

• Bookmark this page
• Share this article
  •  
  • facebook
  • slashdot
  • digg
  • Reddit
  • stumbleupon
  • linkedin
  • twitter
• Got more on this story? Email CIO
• Follow CIO on twitter

• Share
  Share this article

  •  google+
  • facebookfacebook
  • slashdotslashdot
  • diggdigg
  • RedditReddit
  • stumbleuponstumbleupon
  • linkedinlinkedin
  • twittertwitter
• print
• email
• Bookmark