Fortune 500 Transportation Company Simplifies Access Control for 175,000 Users

One of the largest freight transportation companies in the world, with over 50,000 employees, stores and manages data with access in mind for over 175,000 user accounts. Over the past 50 years, the company has solved difficult technical problems for this population with innovative, forward-thinking solutions. With time however, the company had outgrown its systems, affecting how the company manages user access. Historically, its authorization data and decisions were made from roles stored in enterprise systems, databases, or within application code, without a consistent, successful implementation.

Challenges:

Siloed Data

  • Authorization data stored in many systems
  • Data is often times duplicated
  • The same type of authorization request from different sources could yield different results

Role Explosion

  • The company initially had 3,775 roles with 176,000 assigned users and within 3 years
    those numbers had grown to 54,000 groups and over 800,000 user assignments.
  • Due to the increasing number of different roles, the company had an increasing number of roles to
    properly encapsulate the permissions. Managing all those roles proved to be extremely complex.

Access the full case study, including the solution. 

Other Resources

Case Studies
Dynamic Authorization in the Banking and Finance industry
All financial institutions have multi-pronged challenges for data access control in the areas of privacy and compliance. Firstly, it is the customer: to protect consumer...
Case Studies
Efficient Enterprise-Wide Risk Management and Secure Collaboration Using ABAC
A major US automotive manufacturer was faced with a consolidation challenge for their authorization. As with many large enterprises, security authorization had historically been handled...
Case Studies
Granular Access Control for a Complex Business Model
Modernizing Access Control in a B2B2C Organization with Dynamic Authorization The Company needed to securely share data throughout the complex delivery layers of a “B2B2C”...