Entertainment broadcaster implements holistic, highly automated identity management with OpenText™ NetIQ™ Identity Manager for zero trust security
With a large and distributed user base, managing identities and access rights took a heavy toll on DIRECTV Latin America’s information security team. The company had a fairly mature identity management practice, but it had been built up in a less-than-systematic way over the years. This made it difficult to gain a truly holistic view of identities across the enterprise and left the security team reliant on time-consuming manual workarounds to provision identities and revalidate access rights.
Juan Carlos Esteve, regional manager GRC at DIRECTV Latin America, gave an example: “When it came to provisioning a new identity, we had to first register the user in our human resources [HR] system, then in our identity management system. After that, we had to follow yet another process to generate the application accounts in Active Directory. It required a lot of manual work and a lot of back-and-forth between us in security, the IT help desk, and the different business areas.”
With the business continuing to expand, it was becoming increasingly clear that DIRECTV Latin America required more robust identity management foundations. That need suddenly became all the more urgent in 2020, when the company’s senior management team unveiled a new plan for evolving to a zero trust security model.
“Identity is a key pillar of any zero trust model: it all rests on understanding who is trying to access a certain resource at a certain point in time, and whether they should be allowed to access that resource,” noted Walter Mondino, CISO at DIRECTV Latin America. “So, when the business decided to move toward zero trust, we knew that rebuilding our identity management ecosystem had to be our first step in this new direction.”
To support its evolution to a zero trust security model capable of protecting more than 400 applications and 15,000 user identities, DIRECTV Latin America deployed a comprehensive identity governance and administration (IGA) solution based on OpenText technology.
DIRECTV Latin America reviewed its existing tools and processes and shaped a fresh approach to identity access management, all with the broader view of moving to a zero trust security framework.
The result of that work is a comprehensive identity governance and administration (IGA) solution, built around NetIQ Identity Manager and NetIQ Identity Governance. An IGA solution goes beyond the simple visibility of user entitlements, instead taking a holistic approach to the management of access rights. With its foundations in a robust identity lifecycle management infrastructure, the IGA at DIRECTV Latin America ensures that only the right employees have access to potentially sensitive information. It delivers a comprehensive view of accounts and resources, protects against “rubber-stamp” approvals, provides robust attestation and reporting, and helps to automate the segregation of duties in line with corporate policies and external regulations.
The platform now powers the entire identity lifecycle at DIRECTV Latin America, acting as the single source of truth and central point of control for identity and access rights.
DIRECTV Latin America worked with OpenText to connect to key applications, collecting all user accounts, along with their associated roles and privileges. The media company engaged different business teams to understand the segregation of duties and how roles should be composed within certain applications. In total, the team managed to load more than 4,000 functional segmentation rules into NetIQ Identity Manager to govern access rights. “We also set up an alert system, which automatically notifies the owner of a specific rule when a sensitive or critical access privilege is being used by a role or business area without the appropriate access permissions,” said Juan Miguel Viedma, senior analyst GRC information security at DIRECTV Latin America.
Today, NetIQ Identity Manager and NetIQ Identity Governance are fully integrated with the company’s HR systems and dozens of other core enterprise platforms, including Active Directory and Office 365. DIRECTV Latin America also created a portal for approved service providers and partner companies, providing a similarly streamlined identity experience for some 7,000 external collaborators.
During this transformation, DIRECTV Latin America took the opportunity to give users greater ownership over their digital identity and access rights. It has introduced new self-service capabilities and two-factor authentication, supported by NetIQ Advanced Authentication. Now, users take a more active role in maintaining their access credentials, including defining their preferred password reset options and supporting authentication methods.
Juan Carlos Esteve explained how the company’s new approach to identity works in practice: “When a new employee joins, the HR team sets up their details in our HR system. Thanks to the integration work and business rules we’ve established, the NetIQ IGA solution can draw on that information to create a new identity and create associated accounts for it, such as in Active Directory. The employee then completes the account set-up process, filling out their details and password reset options, which activates their Active Directory account. This all takes a matter of minutes.”
Thanks to its OpenText solutions, DIRECTV Latin America can ensure that the right people have the right access; the company also has a documented trail of permissions, and an explanation of why each user – both internal and external – has been granted access rights.
With identities and access managed from a central point, DIRECTV Latin America has streamlined identity provisioning and deprovisioning, as well as access revalidation. This supports a smoother user experience while saving considerable time and effort for the security team. What’s more, a faster, highly automated process reduces risk and improves the company’s overall security posture.
Walter Mondino noted, “Before, we had the rules needed to establish appropriate access permissions, but most of that knowledge resided with a small set of people scattered across different areas of the business. This created a risk that if these people left the company, that knowledge would leave with them. That’s why being able to centralize identity and access rights with NetIQ Identity Manager and NetIQ Identity Governance is incredibly powerful and valuable to us. It allows us to consolidate all identity-related information in one place, where it can be easily consulted and updated over time.”
“So much of our time around identity management used to be taken up simply by moving and validating data between different systems and functions,” said Juan Miguel Viedma. “Now that we’ve integrated our systems with NetIQ Identity Manager and NetIQ Identity Governance and automated much of that manual work, we’ve made huge time savings. The access revalidation process, for example, is at least 50% faster – and we’re getting better all the time as we become more familiar with the platform.”
Crucially, these firm identity foundations are paving the way for DIRECTV Latin America to evolve to a zero trust security model. Having taken the critical first steps of strengthening identity and access management, the company continues to work to bring equal rigor to the entire enterprise security landscape – helping it proactively manage risk and protect its people, information, and applications.