Identity Management (IdM) immediately revokes the entire access when employees/vendors resign from their job.
“IdM Creates, modifies and terminates user privileges throughout the employee’s life cycle since hiring, promotion, mutation, until termination day”
| BEFORE | AFTER |
|---|---|
| Users wait for 3 weeks until their entire UserID is ready to use. | UserID and password will automatically be created when a user is hired on HR system |
| Up to 40% of help desk call is related to reset password. | User can reset password by themselves (or on behalf his/her team mate), and the new password will be delivered by email. |
| In order to get access to new application, a user has submit their requests by paper, approval and work order take a long time for paper-based request like this. | User can submit their request online, approval can be done via e-mail reply or mobile application, and provisioning is automated by system. |
| When an employee leave the company, IT Administrator needs to manually discover the employees UserID in the entire application since the hiring, mutation, promotion, until the termination day, to properly revoke his/her entire access. | When and employee marked as terminated in HR system, IdM will immediately revoke his/her entire access to all application in the company. |
| Hard to provide reports for IT Security audit purposes, since every application has different report. And usually an employee has different UserID from one application to another. | All reports related with user access list in the entire application can be easily provided by IdM. |
benefits
- One business day UserID creation for New Employee
- Immediate Revoke Access for Ex-Employee
- Paperless Self-Service for new application request
- Paperless Approval by Email or Web
- Less Helpdesk Call related to Password Reset
Identity Management (IdM) provides a single product that protects, automates and tracks individuals’ use of account access. The solution enables companies to centrally manage and audit a pool of user identities, which can be accessed by authorized people within their specific business roles. Identity Management thwarts insider threats by providing controlled access to user credentials.
IdM in Gartner Magic Quadrant is known as Identity Governance and Administration, it was formerly known as User Administration and Provisioning. IdM primary focus is on granting the right access to a valid user, and immediate revoke for off-boarding employee to eliminate orphan account. In the background, it does the periodic reconciliation to identify backdoor account, thus it can prevent internal fraud. IdM is the provisioning source for other Access Management family such as Single Sign-On, Web Access Management, and Privileged User Management. While for Identity Federation family, IdM provisions the UserID / authentication to Identity Provider (IdP) and the role / authorization to Service Provider (SP).
IdM best practice is to control the entire internal user (such as employees, outsourcers, and vendors) in all core applications (such as ERP, CRM, SAP, Core Banking, custom Front End), operating systems (Active Directory, Windows, Unix/Linux, AS/400) and critical perimeters (Access Management, Privileged Management, VPN, Gateway, Firewall, etc). And then IdM can be expanded to control other system such as Card Processing System for PCI-DSS compliance, or Financial systems for SOX compliance, or to any other system (such as email, internet proxy, database, network peripheral, cloud services, etc) for operational efficiency.
PT Global Innovation Technology has been an active IdM Vendor in Jakarta Indonesia since 2007.