How to make your information sharing headache better
Cumbria has been at the forefront of the implementation of the IAM service. Why is it so important at Cumbria?
“Well, it’s the first step in the implementation process for us but a big step forward. This initial step automates our Joiner, Mover, Leaver (JML) process across the constabulary, and that’s a big time-saver for our teams. Now, as soon as new officers or staff join we can get them up to speed far faster than before. As soon as they’re on our HR (Human Resources) system they then have a ‘baseline’ account automatically provisioned across our IT estate, so they can access what they need to get on with their job. Anything above ‘baseline’ is handled separately for now until we’ve rolled out to every team member. And once they’re set up, they’re profile will follow them across the force: across roles, locations, if they work remotely or even if they’re temporarily reassigned.”
“Previously, these processes were handled manually, with first-line staff needing to re-key and re-enter details across multiple systems. This often resulted in duplication and errors, which caused delays in officers being able to access the information they need.”
What challenges did you have that the IAM service will alleviate?
“Users move around our organisation over their career and, as the processes that underpin the allocation of rights and licenses were manual. This brought about the possibility of errors, such as a delay in a user being assigned permissions when they start in a role, or a user aggregating permissions as they change roles.”
“In addition, there was a historic issue with maintaining the data consistency between HR and other systems, such as AD (Active Directory). New users were manually created and populated in AD by 1st line staff, which opened the possibility of errors or lack of consistency between users.”
I guess that will be a big help for Cumbria’s officers and staff?
“Yes. Now, new user accounts can be created in a consistent format with the details automatically populated from the authoritative source (our HR system). Common permissions can then be assigned as soon as the account is created.”
“In the future we’ll be able to assign permissions automatically based on a users’ specific role. When that happens, requests for additional permissions can be made by individuals and approved by their line managers rather than going through a manual, often time consuming, approvals and allocations process through the ICT team.”
“And of course, when a user leaves the organisation their account will be disabled immediately and all the permissions and access they previously had will be removed at the same time.”
So, it will also help with your data security?
“Absolutely. Each user will only have access to those systems and areas that are required for their role. User accounts, and therefore access, will only be created in a time related to their start date.”
“And when a user leaves the force, their access will automatically be removed at the end date and their records and OneDrive deleted after 60 days.”
Multi-agency working and collaboration has an increasing role in modern policing. Does the IAM service help this?
“That’s another great benefit of the IAM. With it we can easily and quickly control guest access so we can run external access campaigns. The IAM allows us to allocate permissions to guest users and then lock down that access so they only access the areas that they need, and which are assigned by the team owners.”
“It’s something our Chief Constable, Michelle Skeer, is very keen to use to support our expanded collaboration efforts as it’s a key element for modern policing.”
“Easy and effective control of guest access is one of the IAM’s crucial features for us – and that’s the same right across policing. We need to work more collaboratively with partners across the law enforcement and criminal justice network, and even more widely, and the IAM will a key enabler for this.”