Beach Energy gains greater visibility into user access
Beach Energy is Australia’s premier oil and gas exploration and production company. Responsible for deliveringsustainable energy to communities, Beach Energy supplies around 15% of natural gas requirements for Australia’seastern states.
Challenge
When reviewing their security ecosystem, Beach Energy realized how overly manual the onboarding, offboarding anduser management process was, coupled with a poor user experience
Solution
With SailPoint, Beach Energy has been able to grant IT access rapidly, improve compliance, and manage security risk with greater visibility into user access.
The more that we can minimize and control that user access and automate it, the better we can authenticate our users with more certainty and better manage that risk.
Aaron Finnis, Information Security Manager at Beach Energy
Identity Journey
Founded in 1961 and in its 60th year of operation, Beach Energy is a publicly-traded oil and gas exploration and production company based in Adelaide, South Australia. Currently, Beach Energy produces oil and gas within five basins across Australia and New Zealand and is a crucial supplier of gas into the Australian East Coast gas market. Dedicated to sustainable energy delivery for its communities, Beach Energy operates while maintaining the highest health, safety, and environmental standards.
Beach Energy holds the same high standards for the quality of its business-technology systems. Delivering a high level of service to its staff and contractor users is a priority, although it has been challenging during the shift to the cloud in recent years.
It’s not just technological change that’s proven to be a challenge, but also dramatic changes within the Beach Energy organization in the past few years — such as the acquisition of Integrated Lattice Energy assets and systems and the growth from 200 to more than 1,000 users.
To meet these challenges, and to build the technical efficiencies and agility necessary for the future, the technology and security teams within Beach Energy began evaluating what their people would need to be more productive and to access the resources they need seamlessly. After the self-assessment, the technology and security teams at Beach Energy got to work, especially in identity security, access, and governance.
The focus on identity security
Aaron Finnis, information security manager at Beach Energy, explains that the teams began retiring their legacy and insecure systems and putting new technologies and processes that would provide a consistent and modern technical control to prevent better, detect, and recover from unwanted cyber events. “We are a low-cost operator, which presents challenges for a foundational cyber security capability,” Finnis says.
The focus on improving identity security would help the teams build an effective and efficient security program. “We put it under the microscope,” says Finnis. The team identified how their identity onboarding, off-boarding, and user identity lifecycle management was entirely manual, leading to a user experience that left room for improvement. “We felt there was a lot of opportunities for improvement to reduce not only risk but also improve the user experience,” Finnis explains.
For instance, much of Beach Energy’s identity governance was managed manually. The managers submitted user forms in SharePoint or HR entered staff to access information into their SuccessFactors HR management system. From there, form data would eventually reach the service desk to be placed manually into Active Directory, where access would be granted to various business applications. Due to these manual identity management processes, there would be mistakes made. These errors increased the risk of compromise and audit and compliance requirements.
Consider this:
14% of Active Directory users remained active in the system after termination, and roughly 60% of IT service tickets were related to password resets, unlocks, and application requests. Further, employees conducted 8 – 10 logins per day, decreasing their effectiveness.
Choosing the ideal identity security platform
With that in mind, Finnis and the team sought an identity security platform that would help them to accelerate their identity management and access efforts. “We wanted to quickly enable managers to manage access themselves and instead improve and automate these processes,” he says. “This would free the team to focus on other strategic areas,” Finnis adds.
The team searched for an identity and access management platform that would handle both the volume and the complexity of their day-to-day operations. After finishing their evaluations, the Beach Energy team identified the identity governance platform to help them build the identity security program they sought: SailPoint. With SailPoint, Beach Energy has everything it needs to manage its identity access efforts effectively. SailPoint provides identity and access governance throughout Beach Energy’s hybrid IT environments. With SailPoint, Beach Energy can now automate its time-consuming manual identity processes, increase account access accuracy, and readily prove its compliance to regulators.
SailPoint helps automate identity lifecycle management, compliance management, and provides AI-driven identity. SailPoint provides employees, contractors, partners, and software bots with swift and secure access to resources and adjusts automatically as people join, change job roles, or leave the organization. SailPoint ensures sensitive and regulated information is continually managed to regulatory requirements and automates access certifications when it comes to compliance. Hence, teams are always on-the-ready for an audit.
SailPoint’s artificial intelligence capabilities help organizations such as Beach Energy to make more swift and better decisions about access. They will proactively spot risky users proactively and ensure every user in the organization has the right amount of access they need when they need it.
Smooth sailing implementation
To succeed, the Beach Energy identity team got to work with SailPoint to create a universal user directory and centralized place to create and activate users and provide a complete view of access entitlements across all of their core applications. The team also enabled self-service capabilities and automated application provision based on business rules and previous job role approvals.
One of the primary benefits Beach Energy reaped is SailPoint’s ability to enable service providers to gain immediate and secure access, improve regulatory compliance and reduce cybersecurity risks surrounding that access. “We’re managing that security risk better because we now have continuous visibility of everything our users can access,” says Finnis. And the team can also quickly certify that access.
We’re managing that security risk better because we now have continuous visibility of everything our users can access.
Aaron Finnis, Information Security Manager at Beach Energy
Altogether, SailPoint has helped Beach Energy to increase security, as well as increase the usability and efficiency of their business-technology systems.
Usability and efficiency
- All new staff and contractors managed in SuccessFactors are automatically provisioned with an initial set of
access rights without having to issue requests, thereby reducing service desk calls. - Service providers managed through self-service by line-of-business managers via SailPoint.
- The integration with new cloud and on-premises services is now streamlined and takes hours, not days.
- With centralized login and seamless single sign-on from corporate computers, all staff gains consistent and easy
access to applications.
Security
- The centralized and comprehensive view of user activity enables the swift detection of application and data
breaches. - When staff or other users leave Beach Energy, they are now automatically deprovisioned on their set end date. This
reduces risk, improves audit outcomes, and even reduces licensing costs.
Moving forward, Beach Energy’s vision for identity security is to continue building on its accomplishments with SailPoint. “We will focus on continuing to be kind to the user. We want to make it as easy and as seamless as possible to access our systems and services,” explains Finnis. In the end, Finnis explains, that means when someone commences in a particular role, they are onboarded quickly, and SailPoint enables them to meet their regulatory compliance and security requirements.
“Our vision is to keep doing what we’re doing, keep deriving value from the solutions that we’ve invested in, such as SailPoint,” he says. “The identity security program has accelerated because of our investment in SailPoint. What SailPoint has enabled us to do very rapidly is to put the power into our manager’s hands to manage IT access accurately and rapidly themselves,” Finnis says.