A global insurance operator's MicroStrategy environment had accumulated years of ungoverned, user-level report permissions. CALIGO replaced the ad hoc model with a group-based authorization framework covering 1,192 reports across 18 business units.
Over time, the company's MicroStrategy reporting environment had accumulated a significant access management problem. Report permissions had been granted directly at the user level, with no systematic process for reviewing or revoking them as roles changed, teams were reorganised, or business needs evolved. Users retained permissions to reports they no longer needed, and there was no central mechanism to enforce accountability over who had access to what, or why. In an insurance environment subject to data protection and internal control requirements, ungoverned access to sensitive reporting data represented a material governance gap.
CALIGO designed and implemented a group-based authorization model, replacing the existing user-level permission structure with a centralised, auditable, and sustainable access governance framework. The foundation of the new model is the elimination of direct user-level authorization in favour of Active Directory group membership as the single mechanism for report access — ensuring access decisions reflect business roles and that permissions remain current by design rather than by effort. We systematically contacted all 18 business units across the organisation — including elementary insurance, health, pension, life, BI, and compliance — and ran an analysis and feedback process covering all 1,192 reports executed within the preceding 12 months. This usage-first approach prevented dormant or obsolete reports from generating unnecessary access groups.
The MicroStrategy environment transitioned from an ungovernable, user-level permission model to a structured, group-based authorization framework grounded in actual usage data. Access is now managed through Active Directory group membership, meaning role changes and team reorganisations are reflected automatically rather than requiring manual report-level intervention. The 18 business units have clear ownership of the reports relevant to their functions, and the access model is auditable — enabling the compliance team to demonstrate who has access to sensitive reporting data and why. The organisation now has a sustainable foundation for ongoing access governance that scales as the reporting environment grows.