How Crédit Agricole Italia reduced AD recovery times from hours to minutes with Quest

Benefits

• Improved recovery time from hours to minutes
• Achieved DORA compliance ahead of schedule
• Reduced GPO-related incidents by 35%

The Story

When your IT systems support operations for millions of customers and generate €1.5 billion in annual revenue, even brief outages related to Active Directory (AD) downtime can carry significant costs. For Crédit Agricole Italia, one of Europe’s major mortgage lenders, this can amount to up to €10 million per day. The bank maintains independent IT operations across complex business requirements through more than 40 AD domains spanning customer services, partner integrations, and internal operations. Yet until recently, just two veteran employees managed the entire domain infrastructure with Excel spreadsheets, handwritten procedures, and decades of institutional knowledge.

Like many established financial institutions, Crédit Agricole Italia had developed AD management practices that worked well at a smaller scale. However, Giovanni Assolini, head of IT security operations and business continuity, recognized the need to modernize to sustain continued growth. “As the bank grew and our activities evolved, we saw opportunities to implement more standardized, industry-based approaches to infrastructure management,” he says.

Additionally, Europe’s Digital Operational Resiliency Act (DORA) put increasing pressure on financial institutions to enhance IT resilience. By modernizing its critical infrastructure with Quest, Crédit Agricole Italia transformed operations from knowledge-dependent processes to industrial-grade management, reducing incidents by 35% and accelerating recovery from hours to minutes while achieving regulatory compliance ahead of schedule.

From manual to industrial-grade infrastructure management

Crédit Agricole Italia’s IT environment reflects modern banking complexity. The bank manages separate domains for different security zones, with customer-facing web services, partner connections, and internal systems like withdrawal machines all operating on dedicated infrastructure. This segmentation enhances security but also creates management complexity that has grown over years of business expansion.

Any improvements in AD management efficiency would benefit the entire operation. Working with implementation partner Accenture, Crédit Agricole Italia evaluated several providers across dozens of criteria including backup capabilities, recovery granularity, automation potential, and integration possibilities.

Most vendors excelled in specific areas but couldn’t address all requirements through integrated platforms. Quest distinguished itself by scoring the highest against comprehensive criteria, providing enterprise-grade capabilities across disaster recovery, auditing, and Group Policy Objects (GPO) management through a single platform.

“We needed one solution that could cover our needs rather than managing multiple products,” Assolini explains. “Quest was the only vendor that met our requirements across all areas through integrated solutions.” Now, Crédit Agricole Italia uses three complementary Quest solutions: Recovery Manager for Active Directory Disaster Recovery Edition (RMAD DRE), Change Auditor, and GPOADmin.

Enhanced recovery and visibility with Quest

With RMAD DRE, Crédit Agricole Italia unlocked granular recovery capabilities beyond the bank’s existing virtual machine backup approach. The solution enables restoration of individual objects, specific attributes, or particular changes to precise points in time. This granularity recently proved valuable during a password change project where administrators could modify application accounts knowing they could revert specific changes if needed.

The secure storage architecture provides encrypted backups with robust isolation protocols, protecting backups from malware infection and ensuring backup integrity and accessibility. For Crédit Agricole Italia’s distributed environment, RMAD DRE enables recovery operations across multiple domains simultaneously, making annual disaster recovery testing much more efficient.

Change Auditor addressed the Security Operations Center’s need for better Active Directory visibility. The solution provides comprehensive monitoring and detailed audit trails, integrating seamlessly with the bank’s existing SIEM to correlate administrative activities with system events.

The comprehensive audit trails support regulatory compliance under European banking regulations, with all administrative actions tracked, timestamped, and documented for the transparency DORA requires.

Meanwhile, Crédit Agricole Italia modernized Group Policy management by adopting GPOADmin, introducing software development practices such as version control, approval workflows, and rollback automation into their IT operations. Version control capabilities enable administrators to track policy evolution over time, compare configurations across domains, and identify exactly when changes occurred, making troubleshooting much more efficient.

The approval workflow system enhances governance by requiring structured approval processes before production deployment. This creates oversight that helps prevent issues while ensuring changes align with business objectives.

“Quest optimizes all the work we do in Active Directory,” Assolini says. “It’s super efficient and organized: You input requirements on one side and get working solutions on the other.”

Unlike manual processes, instant rollback capabilities provide operational flexibility, allowing managers to reverse changes quickly without requiring deep Group Policy expertise. This is especially valuable during incidents when specialized knowledge might not be immediately available.

Scaling infrastructure management for future growth

The integrated Quest implementation delivered significant operational improvements. GPO-related incidents decreased by 35%, reducing support overhead and improving service reliability. Recovery operations that previously required hours are now complete in minutes via automated processes that are validated through annual testing across all domains.

The bank also achieved DORA compliance ahead of schedule, with comprehensive documentation to provide transparency. With governance processes embedded in daily operations, Crédit Agricole Italia can ensure ongoing compliance.

Modernizing infrastructure management with Quest has given Crédit Agricole Italia the foundation it needs to support continued business growth with confidence. Rather than managing around operational constraints, the bank now operates with industrial-grade efficiency that enables focus on strategic initiatives and customer service excellence.

For financial institutions pursuing operational modernization while meeting evolving regulatory requirements, Crédit Agricole Italia’s success demonstrates that systematic infrastructure improvements create lasting competitive advantages through enhanced efficiency, compliance, and operational resilience.

“I can sleep well at night now knowing we can restore and restart all applications and services in minutes instead of hours,” Assolini says. “This is all thanks to Quest.”