The Gap Finds an IT Tool That Saves Time and Money

ID management tools help system administrators simplify user access to Unix, Linux systems. Part 2 of 5.

By Kim S. Nash
Tue, July 29, 2008

CIO — Welcome to Part 2 of our 5-part series on IT cost cutting. Each installment looks at money-saving IT projects that you can replicate, from Gap, Lafarge, Title Resource Group, the U.S. Department of Defense and Washington Mutual.

In Part 1, Lafarge North America learns how to negotiate from a position of strength with vendors AT&T and Hewlett-Packard, saving "seven figures" in the process.

Flaunt Your Cost-Cutting Smarts

E-mail CIO.com writer Kim S. Nash and tell her about your money-saving project. Be sure to say how much the effort cost, what the financial returns were and how soon you saw them. Bonus points for projects implemented in three months or less, with substantial returns within a year. Your project may be featured in a story on CIO.com or in CIO magazine.

Compliance. You can't avoid it and you can't keep failing it. The best you can do is make it cheaper and easier and good enough to pass audits.

Anyone trying to comply with PCI and Sarbanes-Oxley regulations knows that passing an audit hangs on demonstrating that you control employee access to sensitive customer and financial data.

More on CIO.com

Deadline for PCI Compliance Is Now

Why IT Is Better Off Under Sarbanes-Oxley

The ABCs of Identity Management

So it was at Gap Inc. Direct, which oversees the e-commerce efforts of Gap, Banana Republic, Old Navy and shoe outlet Piperlime. But controlling access wasn't simple in a mixed environment of mainly Unix servers, including Linux, and various Microsoft Windows operating systems.

Gap Inc. Direct uses Microsoft's Active Directory administrative tools. Among other features, Active Directory lets system administrators grant and control end-user permissions more easily than many Unix tools, says Jeff Arcuri, a senior manager of IT at Gap Inc. Direct.

Active Directory by itself doesn't support Linux or Unix so Gap's system administrators ended up having to assign employee permissions individually, to access different databases and applications, depending on the work they needed to do.

When it came time for PCI and Sox audits, auditors or system administrators had to collect the server logs manually to show who accessed what files when, for hundreds of servers. They could automate bits of the process with custom scripts but still, start to finish, the ordeal required up to 10 people working at least part-time on every audit, he says.

To automate more of the process and free up systems administrators for more valuable work, as well as make user access permissions in this mixed operating environment simpler, Arcuri deployed an identity management tool from Likewise Software. The software installation took about three months early this year and involved two to five system administrators at various points, Arcuri says. Installing identity management systems can help a company enforce policies for who can see what data.

1 2 next page »

More from CIO

You are here: Business/Management Topics » IT Organization » Feature

Most Recent IT Organization Stories

White Papers »

Customer Profile: Bennet Jones LLP

Active-active high performance environment minimized downtime and improves DR confidence.

How Organizations Are Improving Business Resiliency

This Forrester Technology Adoption Profile examines how IT decision-makers' expectations and approaches are evolving to address increasing demands from their organization and clients.

Customer Profile: University of Denver

Private university transforms high availability in cloud with EMC VPLEX Metro.

Customer Profile: First National Technology Solutions

Service provider expands target market with enhanced cloud infrastructure

Integrated Systems and Streamlined Practices Propel New, Responsive IT Organizations

This paper characterizes a significant IT transformation that's underway for firms just beginning the journey or those already in the middle of the change. Learn More.

Businesses are ready for a new approach to IT

The IBM PureSystems family is comprised of platform systems and infrastructure systems that include built-in "patterns of expertise" to address complex business and operational tasks for smarter computing.

Webcasts »

Forrester Research and EMC on Continuous Availability

Listen to Stephanie Balaouras, Vice President, Research Director of Forrester Research, discuss the market adoption and implementation of Continuous Availability solutions.

Big Ideas; Big Tech-Continuous Availability for VMware

Watch this video to learn how VPLEX enables users to transform their increasingly complex IT environments into a unified availability approach.

Accelerate IT Effectiveness

In this webcast, BCS North America shows you how to accelerate IT productivity and business readiness.

Seven trends to shape your digital business - Accenture Technology Vision 2013

Technology is now intertwined with nearly every aspect of business. Information technology is not only pervasive; it is fast becoming a primary driver of market differentiation, business growth, and profitability.

B2B Integration on Cloud: Real World Solutions and Technology Advances

Watch the webcast with IBM experts to learn about the advancing capabilities and strategic direction for B2B Integration on Cloud.

Software Asset Management

During our Software Asset Management webinar you will learn how having asset, configuration and other service management processes together in one system of record provides the control and visibility you need to overcome these challenges.