Identity management: why wait a week for access to biz apps?
- Posted on February 28, 2017
As a Security Consultant, I have spent the last 5 years of my career working to improve the security of Avanade’s clients using Microsoft security technology. One area of security I specialise in is corporate identity management, using these skills I have helped clients improve their joiner, mover, and leaver changes through automation and process improvement.
One challenging area of identity management is brought about when 3rd party identities are required. Almost all 3rd parties face the challenge of obtaining the all-important identity that allows them to log on to their clients’ IT environment for the duration of their engagement. More often than not I have seen this taking a week or longer to be issued if the client doesn’t already have a well-established process and tool already in place. Regardless of the IT system they need to use, without an identity issued by the client, all they can do is wait and be as productive as possible whilst the identity is provisioned.
When you multiply this problem and this lost productivity by every 3rd party in this situation then it is clear this is not a trivial issue.
The business itself usually finds this area challenging to manage as it requires complex people driven processes, which take up time and resources. Plus, there is associated time and cost spent managing these identities from joining through to leaving. This could cost some medium to large organisations a significant amount per year in lost productivity and time.
This loss of productivity and time can be easily remedied by modern technology and processes.
Avanade have developed a unique approach to solving this challenge for our clients. The solution is a modern web based 3rd party identity management solution which leverages the power of delegation, empowering 3rd parties to manage their own identities and allowing them to assign pre-approved access to business applications.
Through this delegated control model, clients can entrust their 3rd parties with the privilege to manage the lifecycle of their own identities. 3rd party administrators are able to create, update and delete identities as required by the client, removing the need for internal IT to be involved in the day to day creation and maintenance of 3rd party identities.
This solution has been designed for the hybrid cloud world of today and can integrate with any Azure Active Directory to begin managing the lifecycle of 3rd party identities and their access to Azure AD integrated applications, such as Office 365, Workday and ServiceNow.
Built with security and compliance in mind, auditors will be able to run monthly attestation campaigns to ensure access is current and up to date. Audit reports provide insight into the actions being carried out within the solution to ensure trusted 3rd parties are remaining compliant.
With this identity management solution in place, a 3rd party need never wait an extended period of time for a new identity again.
Later this month, I’ll be a running a webinar session demonstrating how our solution can be used to solve this common identity management problem.
Please join me on March 15 at 3:00 p.m. GMT to learn how more about the 3rd party identity management problem and our approach to solving it. Register here: https://pages.avanade.com/IdentityManagement-Webinar-Registration.html