Driving Efficiency and Security with Centralized IAM for a State Transport Authority

Challenge

Managing a vast and multi-layered transport system like that of New South Wales comes with numerous operational, security, and compliance challenges. Turnkey’s client needed a solution that could address growing complexities in access management across its critical systems, data repositories, and transport operations.

With a growing workforce—including employees, contractors, and external partners— there was an urgent need for a centralized Identity and Access Management (IAM) solution. The existing legacy systems were proving inefficient, with manual processes leading to security vulnerabilities, inconsistent access controls, and an overall lack of governance. The disjointed systems and lack of automation meant that user access often took too long to provision or de-provision, creating bottlenecks that affected operational efficiency.

Additionally, the client faced increasing pressure to comply with stringent public sector regulations, requiring robust access controls and audit trails to ensure that sensitive data was secure and only accessible by authorized personnel. The company needed to modernize its identity governance to streamline the resource-intensive effort for maintaining compliance while future-proofing its infrastructure to support growth and evolving security needs.

Solution

After evaluating the organization’s environment and challenges, Turnkey recommended the client retain and optimize it’s existing SAP Identity and Access Management (IAM) platform. Turnkey then provided guidance and support to integrate, scale, and drive greater value from the existing solution to meet the client’s evolving IAM needs.

Key component of Turnkey’s solution included deploying a centralized Identity Governance and Administration (IGA) system, ensuring efficient tracking, monitoring, and control of access to critical systems and data. By tailoring the platform to the client’s needs, Turnkey streamlined access requests, automated approval workflows, and standardized user credentials, enhancing security and ensuring consistent IAM governance.

Turnkey also designed a Role-Based Access Control (RBAC) system ensuring that only authorized individuals had access to critical systems and data, reducing risks from over-privileged access, and simplifying permission management.

To promote operational efficiency, Turnkey automated the onboarding and offboarding of users, reducing the time and manual effort required to grant or revoke access. This was important in managing a diverse workforce of full-time employees, contractors, and third-party partners.

To further enhance security and user experience, Turnkey implemented Single Sign-On (SSO) and Multi-Factor Authentication (MFA) across the client’s applications. This allowed users to log in securely to multiple systems with a single set of credentials, while MFA added an extra layer of security to prevent unauthorized access.

Turnkey also implemented SAP’s governance and reporting features for comprehensive audit and compliance management, customizing the platform to automatically generate detailed audit reports. This streamlined the client’s ability to meet public sector regulatory requirements while tracking user activities and maintaining audit trails. 

Results

Turnkey’s implementation of SAP’s IAM solution resulted in transformative outcomes for the client.

Security incidents related to unauthorized access were reduced by 40%, thanks to the centralized control and enforcement of role-based permissions. The automation of access management processes also resulted in a 50% improvement in onboarding times, allowing new users to gain the appropriate access swiftly and securely.

The streamlined compliance efforts saved the client significant time during audits, with the automated reporting features dramatically reducing the workload for IT and compliance teams. This also contributed to a reduction in manual errors, ensuring compliance with public sector regulations.

Moreover, Turnkey ensured the solution integrated smoothly with the client’s legacy systems, preventing disruption to daily operations during implementation. The client now benefits from a secure, scalable IAM platform that can adapt to its future growth and evolving security needs.

The organization has positioned itself as a leader in secure access management within the public sector, able to confidently protect sensitive transport data and systems from potential threats. 

Benefits

• The centralized IAM solution improved overall security by ensuring consistent enforcement of access controls. Unauthorized access incidents were reduced by 40%, significantly strengthening the client’s ability to protect sensitive systems and data.
• Automating user provisioning and deprovisioning processes resulted in a 35% increase in efficiency for onboarding and offboarding employees and contractors. This automation saved valuable time and reduced administrative overhead, allowing new hires to be productive more quickly. 
•  The automated governance and reporting functions made it easier for the client to comply with stringent regulatory requirements. Audit reports that once took days or weeks to generate could now be produced automatically in a fraction of the time, improving audit readiness and reducing the risk of non-compliance. 
• Turnkey tailored the platform to the client’s specific needs enabling seamless integration of new users, systems, and access requirements as operations expanded. This adaptability guarantees that the IAM framework can grow alongside the organization, ensuring continued efficiency and security as the client scales its workforce and infrastructure.