Using K-Means Clustering to Streamline the Application Access Management Process


Cheryl E. Johnson, Vice President and Market Information Consultant, Bank of America

The number of employees at Bank of America, along with the myriad roles they fill, ensures complexity when managing employees' application access rights. Pre-defined profiles have been created to help manage this challenge; however, the number of profiles has proliferated over time. An effort was undertaken to determine if this system could be simplified, resulting in less effort to maintain it while at the same time increasing transparency and reducing risk. Top applications were identified by job role. Next, a cross-sectional view of application access was built versus employee ID, with each application assigned either a 0 or a 1 depending on whether the specific employee had access. Depending on job role, employee IDs were also linked to other key variables, such as job code (within a role), line of business, region and site. K-means clustering was used to group applications based on similar access rights and to identify patterns based on other predictors. Analysis of the resulting bi-plots and cluster means has led to significantly increased clarity, including: (1) identification of application subgroups with high to perfect correlation of access rights; (2) strong association of clusters to job codes; and (3) association of clusters with other linked variables.

Article Labels
Article Tags