The Access and Identity Management system from BMC will give every VW employee and thousands of external business partners, such as design engineers and car dealers, a unique identity on the German car maker's IT infrastructure, based on their job role.
Hans-Ottmar Beckmann, chief information security officer at VW, said the system would save the equivalent of £33,000 per application through simplified administration. "We have thousands of applications. Now that we have centralised these functions, administration is much cheaper and simpler," he said.
The system paid for itself when VW brought its 100th application under the BMC identity management regime, said Beckmann.
He added that from having to define precisely who had access to which applications, the company discovered it was 15% overstocked with SAP licences, allowing it to negotiate more favourable terms.
So far, VW has added 650,000 individuals to the system, which is about three-quarters of the expected total.
"We are still keeping our other identity management systems, such as RAC-F for the staff who work on the IBM mainframes, but access to them is through the BMC system," said Beckmann.
He said the project grew massively as VW started understanding and responding to the implications of allowing identity-based access to its internal systems.
In particular, the company realised that it needed clean, verified data. To this end, it set up a separate section in the human resources department that is dedicated to checking employee data, especially for new hires and outsourced skills.
"This is very important when you are allowing external engineers to access your designs and knowledge, or sending immobiliser codes to China, for instance," said Beckmann.
Comment on this article: firstname.lastname@example.org