USE-CASE
User on- and offboarding
The challenge revolves around securely managing new identities in an organisation. Onboarding involves configuring accounts, setting access privileges, and aligning with security policies, while offboarding requires withdrawing access to prevent breaches and retaining data for future reference.
Problem
The challenge with new identities
How do you ensure the accurate addition of a new identity in your organisation? More importantly, how is this accomplished securely?
The process of onboarding a new employee into the organisation's IT systems is a complex procedure that involves configuring user accounts, establishing access privileges, and ensuring alignment with the organisation's security policies.
Raw data may be dispersed across different systems, and access rights to services and software can vary based on departments or job roles. Even more crucial is the offboarding process for an identity. Withdrawal of access rights to all systems is essential to mitigate the risk of breaches. Simultaneously, some data needs to be retained for future reference.
Apart from the absence of MFA, the lack of control over on- and offboarding poses the greatest security risk for organisations.
Answer
Simple on- and offboarding
PhenixID's solution for on- and offboarding identities is as simple as clever. The IT administrator utilizes the tool to formulate policies (“scripts”), tailored to each type of event that involves management of identites.
A typical use case involves a policy that checks the HR database nightly to identify any closed employments. Upon detection, the user's data is enhanced by generating email and passwords in accordance with the organisation's policies, and access to the relevant systems is granted and addition in the remote user store if necessary. Enriching the identity data is possible by a large set of integrations to internal and external systems, for example to lookup information about the user in governmental databases.
Another policy manages offboarding scenarios, while a third addresses situations where an employee changes positions within the organisation. These policies are established by selecting from a comprehensive set of predefined actions, such as "create username," "fetch data from the database," "delete access," "send mail," and "write to AD", all customizable to fit your organisation needs. If the list of actions does not meet specific requirements, it is easy to add customised actions tailored to your demands.
Result
Streamlining Onboarding and Offboarding for Enhanced Security
Overall, the result is a more efficient, secure, and customizable identity management process that reduces the risk of security breaches associated with on- and offboarding. The solution enhances control over user access rights, aligns with organisational security policies, and provides a flexible framework to adapt to the unique needs of the organisation.
