Optus canned a $2 million IT project that would have reduced the risk of former staff inappropriately accessing terminated accounts.
Information security staff from Optus had been working on the Identity Management (IM) project -- internally called the Central Authentication project -- for 18 months, but it was scrapped last month as part of a cost-costing initiative.
Stephen Frede, information security manager for Optus said the IM project, which would have been able to prevent ex-employees accessing accounts internally, was cancelled along with a range of other projects.
"With a goal to reduce company capital spend for this year, Optus has cut many IT projects, network expenditure and all sorts of projects," he said.
The IM project, which Frede, speaking at an Identity Management conference in Sydney, said has been 'mothballed' by the company, would have enabled Optus to have common provisioning and passwords across as many of its systems as possible, and a directory-based central repository of authentication information.
The pilot was scheduled for deployment by the end of March.
"Users would have been able to change their password, and instead of having to change it manually for each of the systems, it would synchronise across all systems. New users, such as new staff, would be able to have accounts created immediately."
Frede said accounts could have been terminated quickly if someone left the company or changed roles.
"When someone leaves or changes role, a single change would affect all their access privileges throughout Optus," he said.
"The return on investment for Optus from the project, as well as improved productivity, would have included savings on helpdesk costs, as a large part of help desk calls are resetting passwords," Frede said.
With 8000 staff accounts, 12,000 total accounts, more than 180 major IT systems, some 1000 hosts or servers, more than 40 internal firewalls and 10 data centre sites in Sydney, Frede said he hopes the project will be resurrected this time next year.
Frede said Optus considered a large range of products when looking for an IM solution, choosing Waveset's Lighthouse offering which would have integrated with other products including iPlanet LDAP directory.
Frede said, since the project has been cancelled, vendors have been offering their products free, and said they were prepared to wait for Optus to see the ROI before accepting payment, but Optus senior executives said the project was too expensive to run.