Governance for services and entitlements
Safe, automated, reliable
Safe, automated, reliable
Automated check
Not everyone likes to end services. Use IT not only to manage services, but also to authorizations, accounts and accesses in particular.
Some access or account can certainly be assigned for a limited period of time. SavvySuite not only enables automatic terminations, but also supports regular checks of the assigned accounts and authorizations, our so-called recertifications, based on sets of rules with cyclical or triggered by organizational changes.
Either an employee himself confirms that he still needs an account, or a responsible person determined on the basis of the context confirms that an employee may continue to use a service, an account or an authorization.
Who is actually allowed to order an iPhone and are there then also approvals. A service catalog is not always just about status symbols, technical dependencies or organizational conditions in the company. Aspects such as data security and costs often also play a central role. And it is not only the service catalog that is relevant as a central entry point; changes to the employee or time requirements can also mean that the further use of a service by an employee requires rules and, for example, further approval.
Who has what authorization, since when and why? Who can answer this question and who cares at all as long as nothing happens?
When it comes to permissions, directory services or other services, the question often arises as to what is actually available and is it even true. The classic inventory. In every enterprise resource planning system there is a target status, what should be in stock or in use, and an actual status, what is actually still in the warehouse. The same is often true for IT. What should be is determined by the identity management system. Because only here are the sets of rules and automatisms mapped and the releases made. If the actual state in a target system, such as a directory service, deviates from the target state, there is a problem.
The trainee goes through various departments in the company and diligently collects authorizations and services in each department. Who has never heard of this example. In reality, it’s often not quite as bad, but a collector mentality, often referred to as “a lot helps a lot,” is actually quite pronounced. However, no one likes to quit something on their own and not everything can be sensibly taken away automatically. Therefore, it is important to question the need for an authorization or the use of an expensive software from time to time and, based on this, to cancel it automatically. This can be done either by the user or by someone who is responsible for a service or area.