  • Published: Mar 12th, 2007

Authentication puzzle, a real-world example

I am now working for an insurance company with more than 25,000 employees and with offices in such exotic places as South America, Hong Kong or Bahrain.

Of course, such an important company has a complicated and intricate structure: companies that depend on companies that are controlled by companies that are dominated by a big holding that keeps everything together.

Due to my project, where I have to implement the authentication structure in LDAP for the Spanish side of the company (the core one), I am confronted with the big view of the business and support structure of the whole.

The feeling that people get when confronted with such a beast is disarray. As one of my clients said: “It’s like having to do a 5,000-piece puzzle without having the final image”. And he knows what he’s talking about: he just arrived and must be operational in less than a month.

In my short time there I have been able to identify a structure based on three main axes. All departments and entities (as they call the companies) can be classified along those three categories.

The first one is the business of the entity. Mutuality, General Insurance, Agricultural and Livestock, Medical Insurance, and so on. Those are where the business is. Where the money is made. They offer concrete products and services.

The second one is the support entities. Those are departments that give support (legal, software, security, network, …) to the different business entities.

Finally, all those departments and entities can be either part of The Central or part of The Network. The Central is where the core of the business is managed: where new products are created, the whole machine is oiled and coordinated, the accounting is done, the compensations are calculated, the accidents are assessed, and so on. The Network is the set of all the individuals, regional agencies and sub-agencies where the products are sold, support is given and the service is offered.

The company is, indeed, made of a mix of all this. They all can fit, either with a 2D or 3D structure, on one or several of those axes.

But if this were all, it would be too easy. I have to deal with people, and that complicates the whole even further.

For a start, there is a whole community working for the company, but not being part of the company. This is due to two main factors:

  • The company bases its business development mainly on consultants. As surprising as it might be, at least half of the key positions (project management mainly) are held by consultants. If they leave, a lot of the know-how leaves with them.
  • The sales force and regional agencies are not always part of the company. But they get paid by the company, and must have access to its network and software.

Then, each person must access each system with specific permissions. And they cannot always be identified by their function or region. Often there are shared responsibilities in tiny offices. Furthermore, since the company is growing rapidly, the structure changes pretty often and is always being adapted.

And last but not least, the bosses. They are capricious, and they ask for different permissions to different systems all the time, without right or explanation. And of course, they are bosses… they must be obeyed :-)

This makes the effort of automating the assignment of rights and permissions a nightmare. But a nightmare that must be ready in a few months. Welcome to the real world :-)


© 2006,2007,2008,2009,2010 Guillermo Fernández Castellanos | Header images by Nick Lobeck