Hapag-Lloyd controls identity management in all software systems with the Garancy IAM Suite
Authorizations around the globe
Less than a decade ago, the IT world was still relatively clear, at least in the IBM environment. Experts liked to call the mainframe a “closed shop”. Today, the IT landscape in large companies is much more complex. A wide variety of applications from the Windows and Unix/Linux environments are joining the classic mainframe applications. Cloud technologies are also being integrated more and more. Hapag-Lloyd, for example, has been increasingly relying on cloud-based systems based on Microsoft Azure or AWS since 2019, and Salesforce has also been introduced into the mix.
“Without a central IAM, such a heterogeneous landscape is hardly manageable,” says Josep Cardona from the Identity and Access Management IT department at Hapag-Lloyd AG. Since 2014, the transport and logistics company, headquartered in Hamburg, has been using the Garancy Identity and Access Management (IAM) solution from Beta Systems Software AG to support complete user lifecycle processes. The solution was introduced and implemented with the assistance of a Beta Systems partner.
Before that time, Hapag-Lloyd regulated its assignment of rights via an electronic forms system. From there, requests for authorizations were transmitted to the administrators of the individual application systems – a purely manual provisioning without feedback from the applications, no live tracking and without central control or reporting functions. There were also no automated workflows, so everyone had to know exactly to whom to send their request. Finally, there was no role concept. Authorizations were controlled via reference users, which always entailed compliance risks.
Hapag-Lloyd AG is a transport and logistics company headquartered in Hamburg. With more than 14,000 employees and annual sales of over 22 billion euros, Hapag-Lloyd is one of the world’s largest logistics companies.
The system of assigning rights via an electronic forms system reached its limits at Hapag-Lloyd due to increasing complexity. Regulatory requirements such as ISO 27002, the German Federal Data Protection Act and the Corporate Control and Transparency Act (KonTrag) exacerbated the problem. Hapag-Lloyd also wanted to enable role-based access control, which was not possible with the old system,
With the introduction of the Garancy IAM Suite from Beta Systems, Hapag-Lloyd now has a central IAM system with which it controls all authorizations in all IT applications worldwide.