Welcome to part 1 in this 3-part series which sheds some light on how identity lifecycle management solutions, including how Fastpath capabilities can help simplify and secure IT access for your organization’s joiners, movers and leavers.
First let me briefly explain what we mean by identity lifecycle management solutions and Fastpath.
Identity Lifecycle Management also referred to as ILM is the practice of making sure the right people have the right access to the right systems at the right time with the ability to revoke access when it is no longer required.
At Fastpath our identity security solution is known internationally for its ILM capabilities, but as we can also provide auditing functionality to monitor who has access and when, this is more broadly referred to as Identity Governance and Administration or IGA.
So let’s get right to it and look at how Identity Lifecycle Management works for new joiners starting at your organization.
When a new employee is hired, they need to have all of their IT accounts created and be given access to all of the required systems. They will probably need an email account created, they need to have accounts created in any IT system they will use, they also need to be given access to appropriate file shares and other resources.
Obviously, not every new employee should be given the same access. In addition to provisioning a baseline set of access that all employees get, often referred to as Birthright Access, employees will need access specific to their job function.
A new employee’s journey usually starts with HR. The HR team ensures the new employee gets paid so everyone is motivated to make sure that process happens promptly and accurately! A lifecycle management solution will monitor the HR system to look for new employees, then automatically provision access for the new employee. Employee access can be evaluated based on access control policies to ensure the new employee gets exactly the access that they need.
If accounts are needed in external systems, those can also be provisioned in accordance with the access policies applied to the new user. A good identity lifecycle management solution will ensure that a new employee has all necessary access to email and other systems set up from day one of their employment so can start productive work immediately – a Zero-day Start.
Fastpath’s solution provides a full identity lifecycle management solution to automatically handle provisioning new user access.
Fastpath ILM solutions can monitor your HR System for any new employees. After the employee data is entered into the HR System the user record is created based on that data.
Attributes from the employee’s record in the HR System are mapped to corresponding fields in our identity lifecycle solution. If necessary, Fastpath can transform the incoming data with transformation pipes – for example, maybe your HR system uses the UK date format, and you want to manage dates in US format – Fastpath can change the date format on the fly.
Once the data is in the Birthright Access (a baseline set of access that all employees get) will be determined from the new employee’s data and access Roles will be assigned.
Fastpath will then create accounts in the external systems and automatically provision access as needed for the Birthright access and Roles calculated.
Additionally workflows can be configured to send notifications to the employee’s manager and to the new employee.
I hope part 1 in this 3-part series has been useful and shed some light on how identity lifecycle management solutions can help simplify IT access provisioning for your organization’s joiners.
Interested in learning more about Fastpath's Identity Lifecycle Management through IGA? View "Reduce your IT workload with Identity Governance and Access Controls" on-demand by clicking the button below: