Identity Management (IDM)

Automating Identity

WHY GCA?

What Is Identity Management?

Identity Management (IDM) focuses on the detailed processes involved in managing digital identities throughout their entire lifecycle within an organization. This includes the creation, maintenance, and eventual deactivation of user identities, ensuring that each identity is accurately represented and appropriately managed at every stage. The process follows the JML (Joiner, Mover, Leaver) framework: Joiner involves creating a new digital identity when a user joins the organization, assigning roles, permissions, and access rights based on their job function. Mover entails regularly updating and managing identities to reflect changes such as role modifications, department transfers, or promotions, ensuring that access rights remain appropriate and secure. Leaver deactivates or deletes identities when a user leaves the organization, promptly revoking access to sensitive resources to maintain security. By automating these processes, organizations can improve efficiency, reduce the risk of human error, and enhance overall security. Identity lifecycle management is essential for maintaining accurate and up-to-date user information, which is crucial for effective Identity Governance and compliance.

Identity Lifecycle

Of all the disciplines within Identity and Access Management, Identity Management has the broadest application. The identity management software available from Okta, SailPoint or Microsoft offers an endless list of initiatives to pursue. The good news is that most organizations end up implementing similar solutions with 80% of functionality being similar.

Benefits of Identity Management:

Identity Automation Workflow

Manage, Provision &
De-provision Identities

Streamlined Identity Administration

Streamline User
Administration

IAM Cost Savings

Reduce
Management Costs

Increase Productivity and Efficiency with IDM

Increase
Productivity

Identity Management increases cybersecurity

Increase
Security

IDM helps comply with regulatory compliance

Comply
with Regulations

Benefits of IDM

Identity Management’s Key Benefits:

  • Zero trust implementation
  • Meeting compliance requirements
  • Extending governance to the cloud
  • Reduced risk exposure

Common Identity Lifecycle Management Processes

IDM Data Synchronization
Authoritative Source
A trusted repository that provides the most accurate and reliable information about identities within an organization, such as a feed from HR. This source can be used to drive Identity Lifecycle events, such as JML events. It can be used to automated the Joiner process of new users, the Leaver process of those that leave an organization, or the updates needed as users move within an organization.
IDM Provisioning Connectors

Provisioning Connectors
The essential tools that are used to automate the process of synchronizing data between different systems within an organization. Connectors are the primary tools that do the heavy lifting of ensuring systems and data are kept in sync and policies are evaluated on a consistent basis. By providing automation in the connectors, it reduces the risk of human error, enhances security and improves operation efficiency.

Zero Day Start
New Hire Onboarding
With data from authoritative sources, the Identity Management platform can detect new hires and automatically take action.

Common new hire onboarding process:

  1. Generate a unique network name and email address
  2. Email manager about new hire
  3. Assign birthright roles to the user based on their HR job position or locations
  4. Automatically provision accounts
  5. Send welcome email on employees start date with instructions
Identity Lifecycle Management Leaver Process
Terminations
The leaver process can be launched based on data provided from the authoritative source to ensure disables are handled in a timely manner.

Here is a typical leaver setup:

  1. Deprovision access automatically to all connected applications
  2. Open tickets to manually remove access to non-connected applications
  3. Disable primary network account
  4. Schedule a future job to cleanup accounts from systems (deletions)
  5. Email manager and IT teams about the termination
  6. Allow delegated access to terminated user’s files and emails
IDM Self-Service Processes
Self-Service Workflows
With the identity management system connected to the core applications, workflows can be implemented to enable the workforce to manage self-service type tasks which reduces helpdesk tickets and increases operational efficiency.

Here are some common workflows:

  1. Contractor Management Workflow – Request contractor accounts, extend contractors and terminate contractors.
  2. Non-User Accounts – Workflow to request and manage service, test, admin and mailbox accounts.
  3. Contractor to Employee Workflow – Workflow process to make the necessary changes when a user transitions from a contractor to a full-time employee.
  4. Advanced Access Approval Workflow – Here when an access request is made, particularly for sensitive access, a custom approval workflow is created to ensure specific teams and people sign-off before access is provisioned.

How to Get Started with Identity Management

No matter where you are in your IDM maturity, GCA can help you take the next step. Our IDM workshop can help you determine your current IDM maturity and the specific steps your organization needs to take to continue your journey.

Book a 15-minute call with an IDM expert to get started.

Free Workshop Options

IDM Solutions Partners

SailPoint Technologies

SailPoint
IdentityIQ

Learn More
Microsoft Entra ID

Microsoft
Entra ID

Learn More
Okta Lifecycle Management

Okta Lifecycle Management

Learn More
OpenText

OpenText Identity Manager (IDM)

Learn More