Cloud Identity - Lifecycle Management

Manage users across your staff turnover period
image

Key Features



Role-based Account and Entitlement Provisioning

Cloud Identity helps organizations deal with many user lifecycle management challenges with its Lifecycle Management module. The key component of this module is ‘Role-based Account and Entitlement Provisioning’ which allows the solution to be effective within the various scenarios that may come up during someone’s journey within an organization.

Our solution creates accounts and assignments for new and existing users across business applications based on user attributes and roles. Admins may create dynamic or static roles. Access to business apps is then provided based on role memberships.


image


image


Birthright Provisioning

Anyone joining an organization gets access to certain systems and apps as part of their default access. Examples are using an AD account to login to the OS or to join the domain, an Email account, Office 365, etc. Different organizations have different accesses to be provided based on the prevalent processes and organizational rules.

Based on these rules, Cloud Identity enables the necessary accesses to different systems and apps to be automatically granted to new users.”

Promotions and Transfers

Cloud Identity automatically adjusts user access across business apps and entitlements based on promotions and transfers. It systematically provisions the necessary accounts and entitlements relevant to the new role of the user. The accounts and entitlements that are no longer relevant to a new role are de-provisioned. Provisioning and de-provisioning is done according to the rules that are defined by the relevant apps and its entitlements are configured for the role.


image


Suspension and Restoration

Cloud Identity automatically suspends or deletes users who are marked as Suspended in the integrated SoT – CSV, Enterprise Directory or HRMS. Based on someone’s status , their accounts in the various target apps are also suspended or deleted.

When users are marked as “Restored” in the integrated SoT, the solution automatically reactivates all their accounts and enables all their accesses.

De-Provisioning and Termination

When someone leaves an organization, Cloud Identity automatically revokes their accesses across all business apps, eliminating the need for it to be done manually. This enforces Statutory and Regulatory compliance and ensures effective security.

Access Requests- Accounts and Entitlements

People need access to different business applications at different times.

Cloud Identity allows users to request access to any onboarded app or request for additional entitlements within an app. Based on the configuration of the workflow, these requests are sent to the relevant authority for approval. Upon approval the accounts are provisioned automatically.

The solution also allows users to request for the termination of any existing entitlement or access to an app.

image

Approvers can approve, delegate or reject access requests on the Dashboard. They can also modify the request by changing requested entitlements and/or changing the duration of access. Requests can also be modified by changing the requested entitlements and/or by changing the duration of access.

Time Bound Access

Cloud Identity features time-bound access. It ensures that a provisioned account or entitlement will be revoked once a specified period is complete.
The solution also allows users to request for an extension of access.

Manager Initiated Access and Termination Request

Cloud Identity allows managers to request access or request the termination of an application or entitlement on behalf of employees. These requests follow, multi-level approval workflows before the request is fulfilled.

Multi-Level Approval Workflows

Cloud Identity allows admins to configure multi-level workflows for access requests to roles or apps.

Admins can choose a role as the approving authority at each level of the workflow. They can also specify if everyone or only one person needs to approve the request.

The solution has preconfigured workflows for all apps. You may have custom workflows configured for each entitlement and app

Top