How DKTV got on top of identities through automation

Who has access to what? Who granted that access? When did it change? And is it documented? Preferably, this instant.

Most organizations discover their identity and access gaps when an auditor asks, and by then it is usually a tangled mess to provide the requested documentation, since everything has been working just fine until then. That is, unless you have a strategy in place and tackle the challenge early.

For DKTV, formerly Dansk Kabel TV, these challenges mattered early on. When GDPR came into effect, they needed to be ready for audits across their entire identity chain. That early insight has proven valuable over time, as NIS2 and other regulations have increased the need to keep identities and their access in order.

History as the driving factor

For day-to-day administration, DKTV relied on Active Directory, as many other organizations do. For that purpose, it worked well. However, one key requirement was missing. Any data older than two weeks was simply not available, and the ability to go back in time to confirm specific user access was not possible.

Without historical logs, the documentation for audits and modern governance in general becomes a manual exercise. Manual work is time-consuming and not scalable. Instead of replacing their AD, they sought to expand and complement their existing setup with additional features.

dktv-article-purplegrad-right.png Alternative text

Cleaning up access

Another challenge that many organizations are familiar with is the need to onboard new employees quickly, so the new user profile is sometimes copied from a similar user.

It is fast, easy, and incredibly risky.

Copied access does not just copy what is needed; it also inherits what is left over. That means old permissions that made sense a couple of years ago were never cleaned up, and now administration has become a guessing game.

A different operating model

To address these challenges, DKTV implemented Pointsharp Identity Lifecycle Management to strengthen governance in its Active Directory and Entra, with improved documentation, automated identity lifecycle events, and a clear joiner-mover-leaver process.

It marked a drastic shift from human-driven workflows to rules and reliable data as the workflow engine. It established consistency, visibility, and repeatability across identities and access in the organization.

It also meant that the onboarding process could be converted into event-driven automation rather than copying existing users.

Today, DKTV has come a long way in regulatory compliance, which, among other things, means:
Audit-ready documentation is part of normal operations.
Less inherited access and fewer exceptions.
Reliable offboarding with no ghost access left behind.
Less time spent on manual identity work.

In our case-study on DKTV and their identity automation journey, you can find all the details on how they went from manual identity work to event-driven identity lifecycle management. You will also find some valuable tips on how to do this right, something more human-driven than just introducing new technology in an organization.