Delivering municipal services with unified identity security management

Benefícios

• Enables efficient, secure management of 4,000 employee and 6,000 student user accounts.
• Streamlines onboarding, provisioning and deprovisioning of users with automatic workflows.
• Aligns with the municipality’s security policies and complies with GDPR mandates.

Case Study Story

At Falkenberg Municipality, where close to 4,000 employees serve the town’s 50,000 residents, IT is crucial for enabling efficient, secure and economical services. Falkenberg outsourced IT management to gain efficiencies and control costs. However, the IT team recognized the vulnerability of allowing the outsource partner to manage user identities and privileges and decided to shift that task back in-house.

Falkenberg chose One Identity Active Roles to enable efficient management of user accounts, groups and directories in Active Directory. The IT team deployed Active Roles on premises to maintain full control, using the HR system as the data source of record.

Friction-free deployment leads to fast adoption

Today, Active Roles helps municipality managers administrate identities and privileges for all employees and 6,000 public school students in separate instances of Active Directory. Torbjörn Larsson, CIO of Falkenberg Municipality, says, “Active Roles allows incremental deployment one department at a time and lets you test any changes before implementing them, giving you visibility of who did what in the system. Those are excellent features.”

Falkenberg managers quickly adopted Active Roles, which is localized into Swedish, and found the solution to be highly efficient. “Secure portals give even non-technical managers full control of user roles and privileges,” Larsson says. “Active Roles runs by itself, which gives me more time in my day.”

Automation enables consistency, security and control

Automations with Active Roles are invaluable for efficient user management in Falkenberg. Active Roles integrates bi-directionally with the Swedish tax authority’s system to automatically exchange employee status updates. “One of our most important tasks was to automate all the processes that we could,” says Larsson. “With Active Roles, this has been a great success.”

Automated workflows were especially helpful during the pandemic, when in-person meetings were impossible. “Streamlining onboarding, provisioning and deprovisioning of users were some of our largest undertakings with Active Roles, and they worked very smoothly,” Larsson adds.

Student account management is also simpler with Active Roles automations. General Data Protection Regulation (GDPR) integrity laws prohibit the storage of personal data, requiring student data to be removed at the end of their studies. Larsson explains, “We can easily assign students to security groups, connect them to teachers, transition their settings across school years and close their accounts when they graduate.”

Unifying and strengthening identity management

Active Roles and One Identity Safeguard will reflect the municipality’s security policies and comply with GDPR provisions. “Every user is a security risk, even if their access level is low,” Larsson explains. “One Identity Active Roles and Safeguard will help us maintain our Zero Trust approach to identity management, including monitoring contractors and vendors who have access to our systems.”

Larsson often shares insights on user and access management with his peers in KommITS, an organization of Swedish public sector IT managers. “First they think Active Roles is just an add-on to Active Directory,” he notes. “But when we show them how secure and usable it is, and how easily they can deploy it to other managers and departments, they see its value.”