The lifecycle of information system users, and more specifically their identities and authorisations, is an essential component of your IAM strategy.
It entails modelling employees’ various possible advancements within the company, from arrival through to exit, and linking in the actions to take in terms of allocating IS access rights. All events in the lives of users within their organisation need to be factored in if you want to ensure that the correct rights are allocated to the right people, and to make IT authorisation audits easier: entry, mobility, exit, change of surname, change or job or posting, long-term absence, transfer, in-house promotions, etc.
Identity lifecycle management is about more than just the company, and forms a key part of information system openness strategies. It potentially affects all populations – human and technical – that might log into the information system: employees, temporary staff, providers, suppliers, partners and customers, but also third-party services, generic or shared accounts, connected objects, etc.
Keeping control of identity lifecycle management is therefore an essential precondition for access management because it will facilitate the technical processes involved in provisioning accounts and IS rights and carrying out authorisation reviews to ensure that each IS user has the correct rights at the right time.
Identity management software
is essential for keeping control
of the lifecycle management of IS users
Managing the lifecycle of identities and authorisations is a project that must be undertaken with an eye on effectiveness, security and return on investment: manual tasks (e.g. paper procedures and email or phone-based processing tasks) are time-consuming and tend to generate human errors, when they could be handled at scale by dedicated software.
However, implementing an identity management project is no mundane task, and several key points merit close attention:
- Work hand-in-hand with human resources on the reference data from the HR IS and the company’s business processes (entry – mobility – exit), and with the IT department to dovetail neatly with existing reference bases: Active Directory, organisational reference bases, business applications, databases and directories, etc.
- Produce a complete mapping of data taken from the HR IS and other application reference bases, and of user lifecycle-related processes, and identify both the level of quality of the data and of control of business processes, and the adjustments to be made.
- Anticipate account provisioning and authorisation review processes and the various constraints that will be factors in processing operations: identify the different actors, the business rules to apply, the connectors to implement, etc.
Discover our ready-to-use user lifecycle
and rights management software:
Meibo People Pack
Main challenges and benefits of identity lifecycle
and authorisations management
The functional richness of the solution used for identity management and IS user authorisation management will be crucial in meeting these challenges and delivering all the intended benefits.
1
Security
- Know who can access what
- Control and track the allocation, modification and removal of user rights in the IS
- Delete orphan accounts, ensure that individuals do not hold multiple toxic rights
- Check that accounts are actually closed for people who have left the company
2
User services
- Offer a self-service portal for IS application access requests
- Have a central directory to manage identities and accesses
- Simplify the rights allocation and removal process
- Facilitate authorisation reviews and the performance of audits and controls
3
Productivity and ROI
- Improve the effectiveness and reliability of entry, mobility, exit and rights allocation processes
- Automate the provisioning of accounts and rights in IS applications
- Eliminate processes using “paper” forms