Bringing BMW’s New Central Identity and Access Management System into Life

05.05.2010 11:30-12:30 Moderator:

Bringing BMW’s New Central Identity and Access Management System into Life

At BMW, a large number of applications based on the major IT platforms Windows, Mainframe, CA, SAP... are in use. In the past several custom made management applications have been developed and deployed to manage accounts and access rights on these different platforms, sometimes using different processes. Over time these systems developed into a state of unsustainable complexity due to increasing business demands with correspondingly high support and maintenance costs.

This situation lead to a demand to improve the management of accounts in order to meet the evolving security needs of BMW Group. Furthermore changes in international law exacerbated the situation and the need for action.

IdAS – BMW’s new Identity and Access Management System – has been designed and developed to address this situation. With IdAS formerly disparate management and provisioning processes are integrated and automated fulfilling the needs for flexibility, security and speed. IdAS has been successfully launched in late summer 2009.The international step-wise migration and rollout has been conducted in a short time frame in the second half of 2009.

The presentation will cover the following topics:

• BMW Group – Facts and Figures
• BMW Identity Management from past to present
• Vision and Targets for the new IdM system IdAS
• Preconditions and Project Structure
• Building Blocks and Architecture
• Challenges for Go-Live
• Key Decisions
• IdAS Go-Live and Rollout
• Results
• Lessons learned

Integrating Physical Access Control into Active Directory at King ICT, Croatia

In the early years of this century, corporate telephone networks have become an integral part of unified communications systems operating as part of the IT infrastructure and no longer as a stand alone network. This second decade is seeing a new trend in IT resources rationalization driven in part by the fact that workers are more mobile and IT networks are being exposed to the outside world thus no longer making the physical perimeter of the company's facilities the boundary of the network. As a result, the physical access control system is progressively being merged into the IT infrastructure so the directory of users and their access rights become an additional user repository that is managed by centralized Identity Management Systems. HID will show how King ICT, Croatia is prototyping a system that integrates physical access control with their central Active Directory based infrastructure.