[MUSIC PLAYING] My name is Dan Slodowick. And my role is information security director for UnitedHealthcare. So UnitedHealthcare is a fortune for company primarily focused at providing insurance as well as health care services. Company wide, obviously, we have like 285,000 users.
And we also have clients that range in the 2,000 to 3,000. We also use third party partners. My role as information security director for Optum360 is the brand of that business revenue. Cycle management is focused at governance and security for the business as a whole.
Health care, obviously, is highly regulated. We have HIPAA requirements as well as several other regulations. And some of the challenges, we have lots of identities. They're not only internal identities. We also have our clients that actually access our systems as well.
So we have that factor where we have to manage third party access. And a lot of times we have to bring in feeds from different third party sources. Sometimes when you're managing third party access, you don't always have immediate information in regards to role changes. So trying to get that information so that you can make those changes as well.
So we knew about other vendors. Obviously, we have the Gartner data, like anybody else does. One of the new solutions that we're using is the ID Manager. We also use access governance as well and data governance.
So we do those functions for bringing the identities in. We also use the [? IT ?] shop for cataloging our access and making that available to users to request, so the approval workflow and all of those functions. So one of the good things is because we synchronize with Active Directory, we can see things happen. A good example is when a server is actually taken out of the environment, it actually has a synchronization error because it was there yesterday. But it's not there today.
So just simple things like that keep our environment clean and kind of know when things happen so that we can maintain the integrity. Having the built in approval process was a really huge benefit specifically for privileged access. We didn't really have anything like that before. And having the ability to define our privileged access across the environment and be able to report on it and also monitor it, it was a real big win for us as well.
Our big win was really the provisioning time was significantly reduced where we could get users up and productive quicker, and that was really big for operations because they needed access to a lot of different things. And the way they did that before was open tickets. And the access control team would have to reach out for approvals and email. So there was a lot of back and forth to make all that work. Whereas, when we set the workflows based on what the access was, and we had different workflows that were really specific to the access that we built into the tool, the time to really get somebody in a productive environment where they could actually start supporting the customer was, I would say, 80% faster than before.
[MUSIC PLAYING]
03:22
