Identity Lifecycle Management is a function that occurs in all organizations but is usually a manual process at best. Many organizations are being driven to implement processes to automatically curtail user access based on their role within the organization and to automatically revoke that access upon termination.
A great use-case for understanding the power of this technology is to consider what happens when Judy, a finance assistant, gets a new job in the sales department. To perform her new job correctly Judy will need different access to some of the systems for which she is already a user. She will also need to be added to some systems for which she is not currently a user. In a traditional environment we find that Judy is granted the additional access that she requires to do her new job but seldom is the unneeded access taken away. This creates a situation, over time, where users have too much access and is oftentimes the cause of failed audits.
Another scenario to consider is what happens when an employee is terminated. Typically HR will notify IT that a person is no longer employed and IT will then take the necessary steps to manually remove users from their systems. The problem with this approach is that users are inevitably missed. There are many reasons for this such as inconsistent names, inconsistent user IDs, IT is too busy and the list goes on and on. What this means in the real world is that the business is at increased risk because the account is still active and accessible. With the account still active, that means the company will be hurt or even fail its audits because user accounts exist in an orphaned state.
So what does all of this mean to you? If you are a person responsible for ensuring that your company is compliant with security and legislative requirements and you are looking for solutions to control and curtail access then contact us and we can help you design and implement a solution that will meet your needs.
Comments