EUA solutions also bring continuity. By centrally managing workers' access to directories, databases, servers, legacy applications and identity-management applications, these products let you migrate access rights and resources as an employee changes jobs within the organization and revoke rights when an employee leaves. Centralized auditing offers a complete view of who was granted access when and by whom, and workflow capabilities ensure that security policies are followed.
Finally, employee-provisioning solutions provide financial benefits, however indirectly, by increasing employee productivity, enterprise security and workflow automation.
From Zero-Day Start...
New hires require the basic office equipment--a desk, a computer, a phone--as well as access to job-related systems and applications. If all isn't in place, a new employee can't immediately become a productive member of the organization. And colleagues might waste time attempting to set up the correct access for the new co-worker. You need to be able to click a button and generate a "zero-day start" process--complete provisioning in less than a day.
You need a similar process when an employee moves from one role to another. Modifications to existing rights and migrations to new groups take time to perform and verify. But because the employee has access, there often is no rush to perform the migrations. Automating such processes ensures correct provisioning as soon as possible.
...To Zero-Day Stop
When employees leave, their access rights must be removed from some or all systems. If the original rights were granted without sufficient documentation, revoking rights will take some time. It's possible to overlook some systems, leaving unused and unmanaged user IDs and passwords in applications, thereby opening security holes. An EUA solution automatically removes all issued user IDs and passwords across systems, following defined business processes. This occurs even for access granted outside the system, if the system was synchronized before the revocation process kicked off. This practice is often referred to as zero-day stop, because it almost instantaneously removes all resources and accounts used by an employee leaving the organization.
An EUA solution's auditing and reporting features document what access levels were granted to which systems at what time. These trails provide information for security-policy reviews and a better understanding of the access necessary for roles across systems. If administrators, for example, are given access to systems above and beyond the documented set of systems, the EUA solution's auditing and reporting tools will show this pattern and may suggest you adjust your security policy, saving time in the future. If employees are being granted access that violates security policies, the software will help determine why it is occurring or point out that someone needs a reminder of the corporate security policies.
RSS
