Truth in IT
    • Sign In
    • Register
        • Videos
        • Channels
        • Pages
        • Galleries
        • News
        • Events
        • All
Truth in IT Truth in IT
  • Data Management ▼
    • Converged Infrastructure
    • DevOps
    • Networking
    • Storage
    • Virtualization
  • Cybersecurity ▼
    • Application Security
    • Backup & Recovery
    • Data Security
    • Identity & Access Management (IAM)
    • Zero Trust
    • Compliance & GRC
    • Endpoint Security
  • Cloud ▼
    • Hybrid Cloud
    • Private Cloud
    • Public Cloud
  • Webinar Library
  • TiPs
  • DRAW

One Identity: How Swiss Post Manages IAM for 45,000 Employees

One Identity
07/13/2026
0 (0%)
Share
  • Comments
  • Download
  • Transcript
Report Like Favorite
  • Share/Embed
  • Email
Link
Embed

Transcript


services and I work at Swisspost. Swisspost is a nationwide company. We operate a critical infrastructure in the field of logistics and financials and also mobility services. We have the whole Switzerland as customers because we deliver letters and parcels and our company has about 40,000, 45,000 employees. We choose one identity for our provider because one identity manager, the solution provides a good governance framework and it's quite flexible and scalable and that's very important for us, for Swisspost because we have a large number of applications, different applications and also of user types and one identity manager allows us to manage all this variety. The greatest security risk we face in Swisspost are cyberattacks on our critical infrastructure, but we have also issues with supply chain vulnerabilities and also fraud, social engineering against our digital channels. Our governance and provisioning process before identity solution was quite manually and not trackable, so we had a lot of manual effort to provision all the access rights and also to manage the identities. We see clear benefits of the identity manager solution. We have faster on and off boarding of employees, then we have fewer manual IT tickets, we have clear, better transparency for the manager and the application owner and we have reduced risks due to automated workflows, approval workflows and red certification. The onboarding of applications in EM or one identity manager is quite structured. We have several steps for that. So at first, we meet the application owner and define the entitlement and also the ownership of this entitlement. After that, we do a risk classification of this entitlement and define the approval workflow and also the red certifications. And for that reason, the application owner has every time access to the one identity manager solution and think they can have transparency or they can transparency which employee person has access to what from his application. We perform red certification checks for highly critical roles once a year, because this is a balance between usability and security. So if you do it too often, then the employees will be used and they click it away anyway. But when we do it once a year, then they have pay attention to this red certification. And I think this is then quite effective. If someone is concerned about identity security, we have some lessons learned. We did for ourselves. So a major point is to define the governance before you automate, because if you automate something you don't know, then you have a mess in the end. Very important and a very good or a very important base for the whole identity and access management is of course the data quality and also the role structure, that you have a clean role structure. And furthermore, IEM is not only an IT service, it is also a business enabler. So therefore, stakeholder management is a very important point. The lessons learned with our stakeholder regarding the identity security is that we explain to stakeholders what value we generate for the business. It is compliance and security, so that the stakeholders from the business can perform their business processes in a secure way. I can recommend One Identity Manager. The number one reason is the very good governance framework, but also the flexibility they have. And that is very important for a diverse and large company like Swisspost, so that we can deploy all the processes securely and compliantly.

TL;DR

  • Swiss Post chose One Identity Manager for its governance framework, flexibility, and ability to handle a large, diverse workforce of around 45,000 employees across multiple service lines.
  • Before IAM automation, provisioning was manual and untrackable; the solution delivered faster onboarding, fewer IT tickets, better transparency, and reduced risk through automated workflows.
  • Recertification for highly critical roles is performed annually — a deliberate balance between security effectiveness and avoiding user fatigue from overly frequent reviews.
  • Key lessons include defining governance before automating, maintaining clean data and role structures, and positioning IAM as a business enabler through active stakeholder management.

Summary

Marco Soliva, IAM Product Manager at Swiss Post, explains how Switzerland's national postal service manages identity and access for approximately 45,000 employees across logistics, financial, and mobility operations. Before adopting One Identity Manager, Swiss Post's provisioning and governance processes were largely manual and difficult to audit, creating significant overhead and risk exposure. The organization selected One Identity Manager for its governance framework, flexibility, and scalability — qualities essential for managing a large, diverse workforce with hundreds of applications and multiple user types. Since deployment, Swiss Post has achieved faster employee onboarding and offboarding, a reduction in manual IT tickets, improved transparency for managers and application owners, and lower risk through automated approval workflows and recurring access certification. Soliva also shares practical lessons for organizations beginning their IAM journey: define governance before automating, invest in data quality and clean role structures, and treat IAM as a business enabler rather than a pure IT function. He emphasizes that stakeholder buy-in depends on communicating the business value of compliance and security — not just the technical benefits. His certification cadence insight — performing recertification for critical roles annually rather than more frequently — reflects a deliberate balance between security rigor and user engagement, ensuring that reviews receive genuine attention rather than becoming routine click-throughs.

Chapters

0:00 - Swiss Post Introduction
0:35 - Why One Identity Was Chosen
1:33 - Before and After IAM Automation
2:23 - Application Onboarding Process
3:45 - Lessons Learned and Recommendations

Key Quotes

0:46 "One Identity Manager, the solution provides a good governance framework and it's quite flexible and scalable and that's very important for us."
3:55 "A major point is to define the governance before you automate, because if you automate something you don't know, then you have a mess in the end."
4:27 "IAM is not only an IT service, it is also a business enabler."
3:22 "We perform red certification checks for highly critical roles once a year, because this is a balance between usability and security."

FAQ

Why did Swiss Post choose One Identity Manager over other IAM solutions?

Swiss Post selected One Identity Manager primarily for its governance framework, flexibility, and scalability. With a large number of diverse applications and user types across a workforce of around 45,000, they needed a solution that could manage that variety without rigid constraints.

How does Swiss Post handle access recertification without overwhelming employees?

Swiss Post performs recertification checks for highly critical roles once a year. Soliva explains this is a deliberate balance — doing it too frequently causes employees to click through without paying attention, while an annual cadence ensures the review receives genuine scrutiny.


Categories:
  • » Data Protection
Channels:
News:
Events:
Tags:
  • Identity & Access
  • Customer Story
  • Best Practices
  • Compliance & Governance
  • Security Operations
  • Identity and Access Management
  • Access Governance
  • Automated Provisioning
  • Role-Based Access Control
  • Access Recertification
  • Stakeholder Management
Show more Show less

Browse videos

  • Related
  • Featured
  • By date
  • Most viewed
  • Top rated
  •  

              Video's comments: One Identity: How Swiss Post Manages IAM for 45,000 Employees

              Upcoming Webinar Calendar

              • 07/14/2026
                01:00 PM
                07/14/2026
                Crafting a Championship-Caliber Security Team for Lasting Defense
                https://www.truthinit.com/index.php/channel/2025/crafting-a-championship-caliber-security-team-for-lasting-defense/
              • 07/14/2026
                02:00 PM
                07/14/2026
                Understanding the Crucial Role of Context in Safeguarding AI-Accessible Data
                https://www.truthinit.com/index.php/channel/2037/understanding-the-crucial-role-of-context-in-safeguarding-ai-accessible-data/
              • 07/21/2026
                04:00 AM
                07/21/2026
                Strategies for Managing AI Governance and Securing App-to-LLM API Traffic
                https://www.truthinit.com/index.php/channel/1967/strategies-for-managing-ai-governance-and-securing-app-to-llm-api-traffic/
              • 07/22/2026
                06:30 AM
                07/22/2026
                Insights and Strategies in Data Protection and Privacy Management
                https://www.truthinit.com/index.php/channel/2000/insights-and-strategies-in-data-protection-and-privacy-management/
              • 07/22/2026
                01:00 PM
                07/22/2026
                Insights from Attackers During the FIFA World Cup: A HUMAN Dialogue
                https://www.truthinit.com/index.php/channel/2029/insights-from-attackers-during-the-fifa-world-cup-a-human-dialogue/
              • 07/28/2026
                01:00 PM
                07/28/2026
                Illumio + Netskope: Zero Trust in the Age of AI Autonomy
                https://www.truthinit.com/index.php/channel/2031/illumio-netskope-zero-trust-in-the-age-of-ai-autonomy/
              • 07/29/2026
                04:00 AM
                07/29/2026
                Real-Time Strategies for Safeguarding Against Prompt Injections
                https://www.truthinit.com/index.php/channel/1968/real-time-strategies-for-safeguarding-against-prompt-injections/
              • 07/29/2026
                12:00 PM
                07/29/2026
                Unified Data Security in Action: Uncover, Analyze, and Resolve Threats
                https://www.truthinit.com/index.php/channel/2045/unified-data-security-in-action-uncover-analyze-and-resolve-threats/
              • 07/29/2026
                01:00 PM
                07/29/2026
                Ask Your Cloud Anything: Unlocking Governance Silos in your Environments
                https://www.truthinit.com/index.php/channel/2048/ask-your-cloud-anything-unlocking-governance-silos-in-your-environments/
              • 08/19/2026
                12:00 PM
                08/19/2026
                Becoming Agent Ready: Insights from Cyera's Expertise
                https://www.truthinit.com/index.php/channel/2036/becoming-agent-ready-insights-from-cyeras-expertise/
              • 09/30/2026
                04:00 AM
                09/30/2026
                AI Command Center: Optimizing Visibility and Control in Your Operations
                https://www.truthinit.com/index.php/channel/2024/ai-command-center-optimizing-visibility-and-control-in-your-operations/

              Upcoming Events

              • Jul
                14

                Crafting a Championship-Caliber Security Team for Lasting Defense

                07/14/202601:00 PM ET
                • Jul
                  14

                  Understanding the Crucial Role of Context in Safeguarding AI-Accessible Data

                  07/14/202602:00 PM ET
                  • Jul
                    21

                    Strategies for Managing AI Governance and Securing App-to-LLM API Traffic

                    07/21/202604:00 AM ET
                    • Jul
                      22

                      Insights and Strategies in Data Protection and Privacy Management

                      07/22/202606:30 AM ET
                      • Jul
                        22

                        Insights from Attackers During the FIFA World Cup: A HUMAN Dialogue

                        07/22/202601:00 PM ET
                        More events
                        Truth in IT
                        • Sponsor
                        • About Us
                        • Terms of Service
                        • Privacy Policy
                        • Contact Us
                        • Preference Management
                        Desktop version
                        Standard version