About Pacific Service Credit Union
Founded in 1936, Pacific Service Credit Union today is a full-service financial institution with over $1.4 billion in assets that strives to provide trustworthy products and services to its more than 67,000 members to help them achieve their financial goals and strengthen their financial lives.
PSCU currently employs 160 people whose privileges and IT resources are managed by an IT team of 20 people.
Customer Opinion
โWith the added automations and integrations that we have that we didn’t have before with the old system, our efficiency has been improved at least tenfoldโ.
Alvin Joe
Information & Security Officer at PSCU
Overview
Location
Concord, California
Industry
Finance
No. of IT Users
160
License
tenfold Enterprise
Background
As a credit union, PSCU holds and manages highly sensitive customer data, like personal identifiable information (PII), account information and bank statements, loan and credit information, credit scores and reports, income and tax information, and so on. Because of this, financial institutions like PSCU present particularly juicy targets for increasingly sophisticated cybersecurity threats like ransomware, malware and social engineering attacks.
The consequences of such an attack can be severe. They include operational disruptions and financial losses, such as unauthorized withdrawals and fraudulent transactions. Organizations may also face costs from ransomware payments and expenses for cybersecurity improvements. Additionally, attacks can cause reputational damage, loss of trust, and regulatory penalties.
It is therefore essential that sensitive data be protected at all costs, and having control over user privileges plays a big part in achieving that.
PSCU came to tenfold because the previous IAM system was no longer able to easily satisfy the needs of the institution.
/
Our No-Code Solution Makes IAM Easy.
Start Your Free Trial Today!
Challenges Prior to Implementing tenfold
1. Audit and Compliance Reporting Difficulties
Audit concerns: PSCUโs legacy IAM system was unable to provide accurate reports or lists of user access for new hires, terminations, and ongoing roles, which was crucial for compliance and therefore caused issues during internal and external audits.
Shadow IT and application tracking: Due to the lack of trust in the system, some users bypassed it, leading to shadow IT concerns. This led to the possibility that applications could be used without IT knowing about it, preventing PSCU from being able to monitor or manage these resources effectively.
Inconsistent application of Principle of Least Privilege: The old systemโs limitations hindered PSCUโs ability to ensure that users only had access to the resources necessary for their roles, violating the principle of least privilege.
2. Manual and inefficient processes for User Lifecycle Management
Without automation, PSCU’s IT team was forced to manage every step of onboarding, role changes, and offboarding manually, resulting in time-consuming and error-prone processes.
3. Inability to easily perform User Access Reviews
Periodic user access reviews are essential for verifying and keeping track of user privileges and preventing stale permissions from accumulating. With the previous system, however, such reviews were not easy to accomplish, which led to verification taking longer than desired or being done outside of the previous system.ย
4. Lack of integration with key systems
PSCU needed a system that could integrate seamlessly with critical applications such as Active Directory, Exchange, and Microsoft 365. The former IAM system did not provide this flexibility, complicating any attempts to create a unified IAM environment.
Why PSCU Chose tenfold
Pacific Service Credit Union needed an IAM system that would not only address their current compliance and operational challenges, but also offered flexibility for future growth.
After evaluating several options, tenfold emerged as the ideal solution.
Competitor solutions either proved too complex, expensive and time consuming, requiring extensive resources for deployment as well as maintenance down the road โ resources most midmarket organizations like PSCU cannot shoulder โ or at closer inspection did not provide consistent data for reporting purposes.
tenfold, on the other hand, provided an adaptable, user-friendly, and cost-effective solution that suited PSCU’s needs and was able to deliver consistent reports.
Proof of Concept
Before PSCU made the final commitment to tenfold, they performed a proof of concept to evaluate whether tenfold would be able to deliver on its claims.
tenfold: Key Features and Benefits
1. Comprehensive User Lifecycle automation
tenfold automated many of PSCUโs user lifecycle management processes, including onboarding, terminations, and leave-of-absence procedures. Now, when an employee takes a leave of absence, tenfold automatically locks their accounts and reactivates them again upon return, reducing manual intervention.
Termination processes have also been automated with granular control, retaining essential user data (User ID, email, and personal folders) fora period of time after the termination before being definitively deleted. This feature improved data retention compliance while streamlining offboarding tasks.
2. Integration with key applications and systems
tenfoldโs seamless integration with Active Directory, Exchange and Microsoft 365 enabled PSCU to apply changes across these platforms instantly, improving data consistency and access governance without manual updates. Changes to user roles in tenfold would be reflected automatically in these systems, allowing PSCU to manage user privileges efficiently across their application suite.
Instead of assigning privileges individually (which is not just inefficient but also leads to problems with consistency), tenfold employs roles (role-based access control) comprising different sets of permissions based on user attributes like job title, location, department, etc. When a new member joins the team, they automatically receive the appropriate permission sets (i.e. Profiles) based on these attributes.
PSCU implemented multiple roles within tenfold. This setup has significantly reduced manual approval requests and ensures that employees only received privileges that are essential to their roles, upholding the least privilege principle and saving valuable time for both IT administrators and department managers.
4. Enhanced Security through User Access Reviews
As outlined previously, the ability to conduct user access reviews is essential for staying compliant and ensuring least privilege. In tenfold, access review are represented by a process called โRecertificationโ, which allows organizations to review and adjust privileges recurringly and to thereby ensure that access levels remain appropriate over time. Implementing this feature helped PSCU improve compliance and resource assigning immediately.
5. Simplified Audit and Compliance Reporting
With tenfold, PSCU is able to generate detailed and accurate reports to meet the demands of auditors. The systemโs capability to track user access statuses at any point in time has also proven invaluable for compliance reporting. PSCU is now able to provide the necessary data for periodic IT audits, including lists of active, onboarded and offboarded users, as well as access adjustments over time.
6. Self-Service
PSCU staff can use tenfoldโs self-service portal to request additional access rights (e.g. for projects) ย and the respective data owners (IT, managers, department heads) can review these requests and approve or reject them directly, reducing the number of IT service requests submitted by users for system access . This saves time on both ends and ensures privilege requests are logged automatically and thus can be tracked back to their origin at any point in time.
7. Flexibility for Future Integrations and Additional Automations
tenfoldโs open architecture facilitates possible future integrations, ensuring PSCU will be able to scale its IAM functionalities as needed, even if target systems lack options for technical integration.
8. User Acceptance thanks to Intuitive Interface
Thanks to its user-friendly design and reliability, PSCUโs non-IT staff have also taken well to tenfold. Hiring managers and HR staff can use it to manage access requests efficiently and without needing specialized IT skills. This has minimized training times as well as the possibility of mistakes.
9. Picture Support Feature
tenfoldโs picture support function was an unexpected bonus, allowing PSCU to unify employee photos across Microsoft applications like Outlook and Teams and thus enhancing its internal directoryโs consistency.
โWith the added automations and integrations that we have that we didn’t have before with the old system, our efficiency has been improved at least tenfoldโ.
Alvin Joe
Information & Security Officer at PSCU
Implementation Timeline
The implementation of tenfold at PSCU was smooth and swift:
Proof of Concept: A PoC was performed to determine whether tenfold could deliver on its promises. Various scenarios were played out using four well-used applications including one critical app. tenfoldโs capabilities to integrate with Active Directory and Exchange were put to the test.
Application Inventory and Profile Setup: PSCU inventoried applications, identifying more applications than previously tracked, and created role profiles to automate application and privilege assignments based on role within the organization.
Configuration and Data Import: In early 2024, PSCU acquired tenfold licenses and initiated data import, setting up applications and profiles.
Training and Rollout: Training and user guides were developed. By July 2024, PSCU went live with lifecycle and provisioning automation. Profiles were fine-tuned over the following month, and the full implementation was completed by mid-August 2024.
Results and Future Plans
Since implementing tenfold, PSCU has achieved:
Streamlined Audits and Compliance: tenfold enabled PSCU to generate accurate audit reports with ease, fulfilling compliance needs and reducing audit preparation time.
Increased Operational Efficiency: Automation of user lifecycle processes and role-based access through profiles saved PSCU significant time and resources.
Enhanced Security and Shadow IT Control: By consolidating application tracking and enforcing access requests through tenfold, PSCU reduced potential shadow IT and ensured visibility over user privileges.
Future plans include periodic role reviewing, support for additional user types (temporary employees, volunteers, etc.), and further automation of group memberships.
Conclusion
With tenfold, Pacific Service Credit Union has transformed its IAM framework, overcoming the limitations of its previous system and achieving a more secure, compliant, and efficient operational model.
See tenfold in Action With Our Feature Video
Schedule a Live Demo With One of Our Experts
Put tenfold to the Test With Our Free Trial!