One of the questions often encountered when an organization decides to start an Identify Management project is “where do we start?” Undoubtedly, when looked at as a whole, the task can be daunting if not completely overwhelming. What is the source of data, how do we define roles, dozens of applications to interface with and the list goes on.
The approach we recommend is to start small – replace the manual, paper intensive process that is currently in place with a more automated, web based solution. Most organizations have a new hire form that has basic information – department, location, title, etc. and this is frequently coupled with another form that outlines what the new employee will need – network account, email, computer, phone, access to certain applications and group memberships to name a few.
A portal, such as the one in UMRA, can easily replace the paper request forms with web forms. The HR department or hiring manager completes the form online in lieu of the paper. Workflow processes automatically take over and distribute the information to the appropriate parties for approval or action. Active Directory and email accounts can quickly and securely be created while emails can be delivered to the system owners to insure provisioning occurs and hardware requirements are fulfilled. As items are completed, the owners indicate such in the portal allowing for ease of tracking.
A similar process can easily be set up for termination. Instead of HR sending the help desk an email, a quick entry into a web form can kick off the entire account disable and delete process. This allows for a much better level of security and reduces the risk a terminated employee will continue to have access to systems for days, weeks or even longer!
Once the “electronic” forms are in place, more time can be spent defining further requirements such as Role Based Access Control, electronic interfaces to other systems and even employee self-service. The net result, however, is a quick win for the entire organization – reduced paper work, better accuracy, timely account creation and, just as important, account deletion.
For more information, please visit our website to learn more about our phased approach Tools4ever.com.
Wednesday, September 21, 2011
Subscribe to:
Posts (Atom)