Case Study · Identity & Access Management

A Fortune 500 Financial Services Organization

Empowering enterprises to innovate fearlessly with secure digital ecosystems. A globally operating Fortune 500 organization providing brokerage, wealth management, retirement, and investment services to individual and institutional clients within a highly regulated financial services environment.

Fortune 500
Globally operating financial services organization
Global
Brokerage · wealth management · retirement · investment
Hybrid
ADFS + Microsoft Entra ID identity architecture
Multi-Tenant
Identity environment spanning multiple regions and tenants
Problem Statement

An IAM environment that no longer scaled with the business.

The organization’s IAM environment was not designed to scale with business growth, resulting in challenges around access control consistency, security enforcement, and centralized oversight. The hybrid IAM architecture leveraging ADFS and Microsoft Entra ID introduced operational complexity across multiple regions and tenants, making identity governance, authentication policies, and provisioning workflows increasingly fragmented and difficult to maintain.

Manual and inconsistent provisioning processes increased operational overhead, delayed access delivery, and introduced elevated risk of identity-related errors. The absence of standardized Role-Based Access Control (RBAC) and automated lifecycle management contributed to orphaned accounts, over-provisioned access, and insufficient enforcement of least-privilege principles across the enterprise.

Evolving regulatory and compliance requirements within the financial services sector exposed gaps in access governance, risk-based authentication, and audit readiness. The absence of a robust multi-tenant IAM framework further complicated administrative control, policy enforcement, and segregation of environments — increasing operational burden and overall risk exposure across the organization’s identity estate.

Digital identity and access management security interface
Engagement Summary

A modern, scalable IAM foundation — built for hybrid, multi-tenant scale.

Compunnel partnered with the organization to design and implement a modern, scalable IAM architecture that supported multi-tenancy and a hybrid authentication model spanning ADFS and Microsoft Entra ID. The engagement strengthened Identity Governance and Administration (IGA) controls within Entra ID, enhanced policy enforcement and access oversight, and deployed Microsoft Entra Identity Protection to enable continuous monitoring, risk-based authentication, and proactive threat detection.

Key Outcomes

What the program delivered.

IAM Strategy & Policy Framework

Defined IAM strategy, governance model, policies, and standards to drive consistent identity and access controls across a hybrid, multi-tenant environment.

Hybrid IAM Architecture Implementation

Designed and implemented a scalable multi-tenant IAM architecture supporting hybrid authentication across ADFS and Microsoft Entra ID.

IGA Controls Strengthening

Enhanced Identity Governance and Administration controls within Entra ID to improve entitlement oversight, access governance, and policy enforcement.

Streamlined Identity Lifecycle Management (JML)

Automated joiner, mover, and leaver workflows to enforce timely provisioning, modification, and de-provisioning across the identity estate.

Risk-Based Authentication & Continuous Monitoring

Deployed Microsoft Entra Identity Protection to enable adaptive authentication, continuous risk evaluation, and proactive threat detection.

Centralized Access Governance & Visibility

Established centralized access visibility across tenants, improving entitlement oversight, audit readiness, and overall compliance posture.

Segregation of Duties (SoD) Enforcement

Implemented automated SoD controls to detect and prevent conflicting access, strengthening internal controls and reducing recurring audit findings.

Looking at a similar IAM modernization?

Our IAM advisors will assess your current posture, identify the governance and lifecycle gaps that carry the most risk, and propose a program built around your environment — not against it.

Talk to an IAM Advisor →