Nelnet migrates from SailPoint IdentityIQ to SailPoint Identity Security Cloud
Nelnet, Inc. is a student loan servicing company headquartered in Lincoln, Nebraska, with offices around the globe and over 7,500 employees. In addition to student loans, Nelnet is also a professional services company, consumer loan originator and servicer, payment processor, telecommunications innovator, and K-12 and higher education expert.
Challenge
Since 2016, Nelnet has successfully used SailPoint IdentityIQ, an on-premises solution. As the company strategically shifted to the cloud, it needed a multi-tenant cloud-based identity security solution for lifecycle management and governance. Nelnet went through SailPoint’s complementary migration assessment program and eventually migrated to SailPoint Identity Security Cloud.
Solution
Nelnet migrated from SailPoint IdentityIQ to SailPoint Identity Security Cloud in 2024. The cloud-based solution enables Nelnet to streamline its identity lifecycle management and governance and leverage new capabilities, such as AI and workflows, for more automated processes. SailPoint Identity Security Cloud allows Nelnet to focus its resources on adding business value, not managing or tuning infrastructure.
Industry
Finance
Company size
7,500+ employees
Partner
ProofID
We considered other possible solutions for cloud-based identity security, but selected SailPoint because it’s the Gold Standard. There’s nothing that I’ve seen that could keep up with what SailPoint has to offer,”
Dane Paulsen, IT Manager, Nelnet
20,000+
Workday identities managed500+
business and IT roles defined by IdentityAI85+
certification campaigns annuallyFor Nelnet, business success is all about enabling others. As a service company focused on the student loan, consumer finance, telecommunications, and education markets, Nelnet’s employees work to serve others and make their dreams possible.
It takes a sophisticated organization to successfully deliver across such a wide range of products and services as Nelnet does. It also requires a high level of security, governance, and efficiency. That’s why Nelnet invested in SailPoint IdentityIQ, on-premises identity security, in 2016. With SailPoint, Nelnet could effectively address lifecycle management and governance for its 7,500 employees.
But, like many companies, Nelnet set a strategic goal of moving IT resources from its on-premises data center into cloud-based applications and tools. That meant its identity security solution also had to move to the cloud. In addition, Nelnet recognized that it was spending significant time and resources on maintenance and upkeep that could be refocused and better utilized by a move to the cloud.
“We knew we were spending a lot of time doing maintenance and upkeep and would benefit from moving to the cloud,” said Dane Paulsen, IT Manager, Nelnet.
While Nelnet had a strategic objective to move to the cloud, one of the first steps they took was participating in SailPoint’s migration assessment program. Their experience with the program was positive and helped them build a case for their organization to make the change and migrate.
“Ultimately, the artifacts they created were very helpful in facilitating the dialogue that we needed to make sure we had understanding and buy in. They armed us with good talking points to be very specific of why the spend around SailPoint tools moving to the cloud in this way was the right approach,” said Paulsen.
Of course, Nelnet did its due diligence before migrating its identity security solution to the cloud and evaluated various possible solutions.
“We considered other solutions for cloud-based identity security but selected SailPoint because it’s the Gold Standard. There’s nothing that I’ve seen that could keep up with what SailPoint has to offer,” said Paulsen. “When we looked into it, it was really apples and pineapples when comparing SailPoint to the other possible tools.”
A successful migration opens new opportunities
Nelnet went fully live with SailPoint Identity Security in early January 2024. As with any large project, even with extensive planning, a few minor tweaks were required.
“We tried to consider everything and anything that could possibly happen during the migration and post-migration,” said Dena Boyd, IT Infrastructure Program Manager at Nelnet. “We knew there’d be some surprises, but they weren’t overwhelmingly challenging. The team really stepped up to learn the solution and have worked to leverage the features in a significant way.”
The team’s initiative in attending SailPoint’s online classes to enhance their understanding of the solution and maximize its potential has been critical to the project’s success. As the team continues to build its knowledge, it is also creating a backlog of areas to explore, such as building new connectors and harnessing the new cloud-based capabilities.
“There’s just a ton of features that can be leveraged,” said Jacqui Taylor, Director of SailPoint Professional Services at ProofID. “We’re just starting off the AI work and using it to do things like thumbs up/thumbs down for access reviews. From a role perspective, the feature set is really something that the end users are going to benefit a lot from.”
Nelnet is also going to be implementing SailPoint Non-Employee Risk Management (NE) to enable risk-based identity access and lifecycle strategies for third-party non-employees, as well as SailPoint Cloud Infrastructure Entitlement Management (CIEM) for extending identity security to cloud infrastructure.
In the near future, Nelnet hopes to extend the solution to an additional eight to ten new sources and integrate identity security with its FedRAMP connection. It will also use NERM to move the management of identities currently managed in Workday.
Best practices for a migration to the cloud
Nelnet’s successful migration of its identity security platform from on-premises to the cloud has taught the team several lessons, including:
- Allow enough time for proper and thorough requirements gathering. Nelnet initially anticipated requirements gathering would take two months, but it took closer to four. Allow enough time before you start getting into the project.
- Understand and verify current roles. Even though it might be challenging, it’s critical to build a complete understanding of the user’s current roles and double-check (or triple-check) that no one is granted access to something they shouldn’t have access to.
- Knowledge will accelerate with testing and validation. Nelnet found that their expertise, interest, and knowledge really accelerated when the team started testing and validation efforts. “Before we went live, the team didn’t know what it didn’t know. But once they got in there and started working with things, their knowledge just blossomed, and their anxiety went down,” said Boyd.
- Realize that you’re rewriting. Most people think a migration simply involves moving information from one location to another. But in reality, when you’re migrating to the cloud, you’re really rewriting the requirements and implementation.
- An implementation partner can accelerate your process. Nelnet’s initial approach to the project was to treat the on-premises and cloud-based versions of SailPoint the same, but their implementation partner helped them realize they were different tools with similar features and adjust their thinking. “Without our implementation partner, ProofID, we would have been on the struggle bus,” said Boyd. “They’ve done it before, so they helped us ease the process and helped us understand better what we didn’t know and how to bridge those gaps.
- Migrate similar functionality and THEN expand on it. It might be compelling for a company to move and improve its identity security as it migrates to the cloud. But Nelnet’s advice is to focus on replicating a similar feature set first and then expanding on it. “Don’t try to create enhancements as you migrate,” said Boyd. “Make sure the scope of your migration is the existing functionality. Otherwise, things can get away from you pretty quickly. Do the migration, and then improve it.”
A collaborative effort leads to success
Nelnet has had a successful migration to SailPoint Identity Security Cloud and looks forward to continued growth and rollout of new functionality. Their migration is a great example of how important a team approach is to a complex project.
“This was really a collaborative effort,” said Boyd. “First, Nelnet had a need to migrate. Second, we had ProofID, as our implementation partner. Third, we had SailPoint leading the way with its solution. That triangle of resources came together and delivered a successful migration. The full team is really impressive, and it’s been a huge success.”
Learn more about how to migrate to the cloud: https://www.sailpoint.com/solutions/migrate-cloud/