Our client (who wishes to remain anonymous), a global healthcare giant, needed help integrating the Workday cloud SaaS app with their Active Directory, Azure AD and Microsoft Identity Manager (MIM) systems.
They had limitations with their global joiner-leaver-mover (JML) processes, including integration and adoption of internal technologies and services, which had developed as the business had grown.
They wanted to introduce the Workday HCM solution as the new authoritative source – the ‘single source of truth’ for identities – to help streamline JML processes and maintain secure access governance. This needed to cater for both ‘wired’ and ‘unwired’ users and integrate seamlessly with another of their important HR and IAM SaaS applications, ServiceNow.
The IT team at our client’s HQ were tasked by the Board to deliver on a very important project:
“To deliver a single source of truth for HR and IAM and to make available a number of common services to employees globally through digitising their experience.”
Our client is a globally federated organisation with a common brand and common goals, but they had limitations on the global integration and adoption of internal technologies and services, which had developed as the business grew. These included:
As a large organisation with multiple HR systems, active directories and other tools in place, they had an identity problem across the business that was inhibiting their ability to collaborate, work efficiently and ensure secure access to systems and information.
Our client also had a unique challenge of different user requirements for access to IT systems and applications between what they referred to as ‘wired’ or ‘unwired’ users. A ‘wired user’ needed identities synced with Azure AD for single sign-on access to business applications and systems. Whereas an ‘unwired user’ (such as a janitor or cleaner) did not have access or require access to IT, and therefore just needed identities synced to a standard on-premises Active Directory.
They wanted to introduce the Workday HCM solution as the new authoritative source – the “single source of truth” – to help streamline JML processes and maintain secure access governance.
The project had a number of important deployment and integration objectives, including:
Watch our webinar on-demand now and discover how to:
Multiple options were considered for a global system provider, including IBM, OKTA, Microsoft and Amazon Web Services. After internal considerations of cost, in-house knowledge and integration with current services and infrastructure, our client decided to move forward with the project using Microsoft technologies.
They then needed to decide on a vendor. The client had a strong existing relationship with ThirdSpace, as the business deployed their original Microsoft Forefront Identity Manager (FIM) solution within the UK. The in-house expertise and knowledge from the ThirdSpace consultants had been proven from previous engagements and the relationship was good.
ThirdSpace started the project off by helping plan the deployment and integration of Workday into the organisation. This started off with a number of exercises to migrate data out of the many global company directories into Workday and establish it as the authoritative source for all identities. This project also included some specific development work to write back company email addresses and other bespoke pieces of information.
Once Workday was set-up as the authoritative source, we then got onto helping with the integration and synchronisation of identities. This ensured that new user data would flow seamlessly into ServiceNow, as well as their many global Active Directory tenancies and Azure Active Directory.
Once Workday was integrated successfully into ServiceNow, MIM, Active Directory and Azure AD, we then built and deployed the processes for all their JML user case requirements. Our client had a unique challenge requiring three specific user provisioning (and resulting access) journeys.
As part of the Workday integration project, the ThirdSpace team also provided some additional auditing and reporting tools from their partner (SoftwareIDM) to augment the Workday SaaS reporting functionality.
Need to overcome challenges common to SaaS app integration? Watch our webinar on-demand and find out how you can solve identity and access headaches caused by HCM SaaS solutions.
Our client’s purpose is to help people live longer, healthier, happier lives.
As a leading international healthcare group, they run care homes, health centres, dental centres and hospitals, offering personal and company health insurance as well as providing workplace health services around the globe.
They provide healthcare to over 14.5 million people through clinics and hospitals and have 15.5 million health insurance customers. They employ over 78,000 people, principally in the UK, but also Australia, Spain, Poland, Chile, New Zealand, Hong Kong, the USA, Brazil, the Middle East and Ireland.
Securely manage users and provide frictionless access to resources.
Send us your questions or feedback.
Friendly folks are standing by!
Eight-time winner of the Microsoft Partner of the Year Award for Identity Management, Enterprise Mobility, and Security and Compliance.
You are seeing this because you are using a browser that is not supported. The ThirdSpace website is built using modern technology and standards. We recommend upgrading your browser with one of the following to properly view our website:Windows
Please note that this is not an exhaustive list of browsers. We also do not intend to recommend a particular manufacturer's browser over another's; only to suggest upgrading to a browser version that is compliant with current standards to give you the best and most secure browsing experience.