home
NEWS       BLOGS       FORUMS       NEWSLETTERS       RESEARCH       EVENTS       DIGITAL LIBRARY       CAREERS  
Network Computing Network Computing Powered by InformationWeek Business Technology Network

IMMERSE YOURSELF:

SOA

  |

Data Center

  |

802.11n

  |

Data Privacy

  |		 APO  |

Virtualization

  |

NAC

  |

Security

  |

Network Mgmt

  |

Enterprise Apps

  |

Storage & Servers


Technology Business Applications
F E A T U R E  
Employee Provisioning

  August 19, 2002
  By Lori MacVittie


TOC Issue TOC
Printer Print full article
Printer Print this page
Printer Download as PDF
E-Mail E-Mail this URL
flame author Flame the author
 
  In this article
arrow
 Introduction
arrow
 Wrong Side of the Law?
arrow
 A Bite Out of Password Costs
arrow
 Executive Summary
arrow
 Online Only: Does HIPAA Affect Me?

Provisioning and revoking employees' access rights and resources can be excruciating processes for everyone involved. In fact, the issue of properly managing employee information is likely one of the few headaches shared by those in IT, human resources and facilities management.

Departmental conflicts and ill-defined provisioning processes can raise problems from the start. And these difficulties can hurt a new hire's productivity, open security holes when an employee leaves the organization and delay an employee's move to a new role.

Employee-provisioning, or EUA (enterprise-user administration), solutions provide an automated and centralized method for managing access rights across an organization's systems. By 2004, 40 percent of enterprises will implement EUA products to manage their entire business-transaction flow and user-access requirements for Web and non-Web applications, according a recent Gartner report. These solutions promise to alleviate the difficulties in managing employee access to the systems and resources within the organization not only by automating the provisioning and revoking of user IDs, passwords and so on, but also by managing the business-process flow that accompanies such activities.


EUA solutions also bring continuity. By centrally managing workers' access to directories, databases, servers, legacy applications and identity-management applications, these products let you migrate access rights and resources as an employee changes jobs within the organization and revoke rights when an employee leaves. Centralized auditing offers a complete view of who was granted access when and by whom, and workflow capabilities ensure that security policies are followed.

Finally, employee-provisioning solutions provide financial benefits, however indirectly, by increasing employee productivity, enterprise security and workflow automation.

From Zero-Day Start...

New hires require the basic office equipment--a desk, a computer, a phone--as well as access to job-related systems and applications. If all isn't in place, a new employee can't immediately become a productive member of the organization. And colleagues might waste time attempting to set up the correct access for the new co-worker. You need to be able to click a button and generate a "zero-day start" process--complete provisioning in less than a day.

You need a similar process when an employee moves from one role to another. Modifications to existing rights and migrations to new groups take time to perform and verify. But because the employee has access, there often is no rush to perform the migrations. Automating such processes ensures correct provisioning as soon as possible.

...To Zero-Day Stop

When employees leave, their access rights must be removed from some or all systems. If the original rights were granted without sufficient documentation, revoking rights will take some time. It's possible to overlook some systems, leaving unused and unmanaged user IDs and passwords in applications, thereby opening security holes. An EUA solution automatically removes all issued user IDs and passwords across systems, following defined business processes. This occurs even for access granted outside the system, if the system was synchronized before the revocation process kicked off. This practice is often referred to as zero-day stop, because it almost instantaneously removes all resources and accounts used by an employee leaving the organization.

An EUA solution's auditing and reporting features document what access levels were granted to which systems at what time. These trails provide information for security-policy reviews and a better understanding of the access necessary for roles across systems. If administrators, for example, are given access to systems above and beyond the documented set of systems, the EUA solution's auditing and reporting tools will show this pattern and may suggest you adjust your security policy, saving time in the future. If employees are being granted access that violates security policies, the software will help determine why it is occurring or point out that someone needs a reminder of the corporate security policies.


start top Introduction Wrong Side of the Law? 





Looking for a new job?

Function:

Keyword(s):

State:
SPONSOR
RECENT JOB POSTINGS
CAREER NEWS
IT Jobs Stabilize; Tech Unemployment Rate 5.5%
The tumbling of IT jobs stopped in the second quarter, as the IT sector added about 44,000 jobs.

Oracle Execs See First Hints Of IT Spending Turnaround
It's just a glimmer, but Oracle is starting to see a bit of light at the end of the recession tunnel.

More articles from our career center










2009 IT Salary Survey: Meager Raises, Solid Prospects
Though raises are notably smaller than a year ago, and job security’s shrinking, IT careers are looking safer than many others in this economic downturn. Get all the findings in InformationWeek's 2009 IT Salary Survey. Available FREE for a limited time.
 
ROLLING RIGHT ALONG
Follow key Network Computing Reviews from conception to completion. This Week: Holistic APM.



Network Computing Reports Emerging Enterprise Podcast Series: Secrets to Success








TechSearch
Microsite of the Week


Powerful Information at Your Fingertips



Techweb
Informationweek Business Technology Network
InformationweekInformationweek 500Informationweek 500 ConferenceInformationweek AnalyticsInformationweek Events
Informationweek MagazineGlobal CIOIWK Government ITbMightyByte and SwitchDark Reading
Digital LibraryIntelligent EnterpriseInternet EvolutionNetwork ComputingPlug Into The CloudDr. DobbsContentinople
space
TechWeb Events Network
InteropVoiceConWeb 2.0 ExpoWeb 2.0 SummitEnterprise 2.0Mobile Business ExpoNoJitter
Black HatGTECEnergy CampCloud ConnectGov 2.0 ExpoGov 2.0 Summit
space
Light Reading Communications Network
Light ReadingLight Reading AsiaUnstrungCable Digital NewsInternet EvolutionPyramid Research
Heavy ReadingLight Reading LiveLight Reading InsiderEthrnet ExpoTelco TVTower Technology Summit
space
Financial Technology Network
Advanced TradingBank Systems and TechnologyInsurance and TechnologyWall Street and TechnologyAccelerating WallstreetBST SummitBuyside Trading SummitIT Summit
space
Microsoft Technology Network
MSDNTechNetTotal IT ProTotal Dev ProNET Total Dev Pro CommunitySQL Total Dev Pro Community
space


App Infrastructure   |   Messaging & Collaboration   |   Network & Systems Mgmt   |   Network Infrastructure   |   Security  |   Storage & Servers   |   Wireless   |   Enterprise Apps
About Us  |  Contact Us  |  Site Map  |  Technology Marketing Solutions  |  Advertising Contacts  |   Briefing Centers
Copyright © 2009  United Business Media LLC  |  Privacy Statement  |  Terms of Service