RWE takes Identity and Access Management to the cloud

Mark Samuels Profile picture for user Mark Samuels October 31, 2023
The energy giant is using SailPoint’s Software-as-a-Service platform to ensure the right people can access data quickly and effectively.

An image of a digital fingerprint

International energy company RWE has used SailPoint’s IdentityIQ on-premises solution for more than a decade, but has now migrated to its Software-as-a-Service platform for enterprise-wide identity governance.

RWE has a workforce of more than 19,000 employees and has multiple subsidiaries, branches, offices, power stations, wind and solar farms, and other facilities across more than 80 locations worldwide. Managing identities and onboarding new staff across this disparate environment is a complex process. 

Sue Walker, Cybersecurity Manager at RWE, says SailPoint’s SaaS-based technology provides a consolidated and automated platform for identity security:

We needed a process and we needed to have something in place. Using a SaaS solution provides a rapid implementation, because you phone SailPoint up, you give them the URL, and you're up and running. Moving to a SaaS solution meant straightaway there were no infrastructure issues – and that's all down to SailPoint.

Through its move to the cloud, Walker’s team provides centralized identity management to about 20,000 users, which is about ten times more users than in the past. Walker says the move to SaaS for identity management works well for RWE more generally, as the business has a cloud-first policy, where its moving applications into an AWS environment. Her team’s mix of on-demand IT and SailPoint knowledge helped ease the shift to the cloud:

We had a lot of experience working with SailPoint, so we weren't starting afresh. We understand the process from end to end, so we were already quite far in our journey, and we had processes in place for when we went to the cloud.

Managing identities

With careful planning over a three-month period, the company switched to being cloud-hosted over one weekend about two years ago. Today, the platform forms the centerpiece of a full Identity and Access Management (IAM) program, including the onboarding of new staff, explains Walker: 

That process happens straightaway. When someone new starts, they get notified, managers are notified, and all the right access to data is established. So, we work across the across the teams. IAM is just not an IT process, it's a business process.

Using a mix of SailPoint’s technology and an internal communications campaign, RWE has used the SaaS platform to slash onboarding times for staff who join the company:

There’s been a huge improvement for the users because we’ve gone from 25 days to onboard a new starter to about three hours now.

As well as providing IAM to permanent staff, Walker’s team also has to provide secure data access to contractors around the glove. She says SailPoint’s cloud-based technology makes it much easier to manage a complex range of identities:

We're able to treat both employees and contractors in very much the same way. So, we have the same flow of data and the same abilities.

It can be challenging for security managers in big firms to build an effective IAM platform, especially if they’re moving to a new form of IT provision. However, the RWE team’s awareness of both SailPoint technology and a range of other SaaS platforms meant that technological and cultural challenges were met head-on and overcome, Walker explains:

Because we’re a cloud-first business, our team is experienced. We know how to set up a SaaS solution, we know what we need to do from a network point of view and we know the technology runs on AWS. There's challenges, don't get me wrong, but we're very experienced in these areas. We have a good network team and we work well with them. We have an AWS team and we have an Azure team. So, we have the skillsets in place. If we didn't, then we would find more problems in those areas.

Transforming processes

When it comes to digital transformation more generally, Walker says RWE’s cloud-first strategy provides a secure and cost-effective platform for application management:  

Taking applications to the cloud reduces costs because your estate is easier to manage. Data centers are becoming much more expensive. When you go to the cloud, your platforms are much easier to upgrade and you don't need to manage multiple environments. Cloud technology is definitely the way forwards, not just from a security point of view, but from a business point of view.

Moving to the cloud for IAM means RWE’s security team spends less time worrying about infrastructure concerns and can focus more of its time thinking about high-value priorities, such as user experiences, access rights and introducing a zero-trust initiative. Walker’s team continues to look for ways to bolster its IAM program using SailPoint technology:

This year, we've improved our posture. We’re able to do more certification campaigns, which means that we're able to look at access rights and to target users. So, from where we were to where we are today, we are making continuous improvements. And we've got a full order book for at least the next two years of improvements that we’ll be doing.

A grey colored placeholder image