Background
Imagine if the efficiency of a business process dramatically improved by 960%. That’s a worthwhile investment and exactly the type of project that AIS loves to take on. Our Department of Defense agency client has 4 million members that seek to access information, however, external users had to go through a frustrating and time-consuming process to gain access in order to collaborate.
Challenge
Improving a complex and inefficient system and allowing external users to an organization to gain access to the information on a secure SharePoint site. With the old system, it would take weeks to grant external access to the system, when users largely required immediate access. Given this inefficiency, our client asked us for a better way to grant external users access in a more efficient way, without the forms and without all of the problems.
Steps a user had to take in order to gain access (pre-solution):
- Fill out a specific access form
- Deliver the form to the approving authority
- Have the approving authority sign off on the form
- Request the government point of contact from the user’s team to sign off on the form
- Submit a ticket for the request
- Wait for the ticket to be approved and completed
- Resolve any issues with the account setup
- Confirm approval via an entirely different system.
Some of the issues with the original process included:
- Lack of access to the system in a timely manner
- Inability for external users to communicate with the system
- Ineffective bureaucratic processes
- Poor quality of execution for external accounts
Solution
AIS came up with a custom XAML Token System that authenticates off of our client’s main information system. From a single source system, the user can gain access to SharePoint (a collaboration system) to collaborate on documents or information that is vital to the Department of Defense, all within under 5 minutes. By using Active Directory Federation Services, we were able to securely share identity information for users possessing a Common Access Card (Department of Defense). With this functionality, a member of the armed services or a user from another agency or branch of government can gain access to the SharePoint site of our client, with the ability to review and edit documents remotely.
This solution removed the requirement of filling out forms and awaiting onerous and lengthy approval processes that were largely ineffective. The long-unattainable requirement for immediate access by our client and associated users was met with this solution. External users now use this Token solution as the place for a single-source login.
Technologies
- SharePoint 2010
- SharePoint 2013
- Active Directory Federated Services