What is Identity Management?

Who benefits from identity management?

Sustainable

Ensure good identity data

Identity Management has always been a central part of our SavvySuite DNA. Only if I reliably know the identities in my company can I offer an intelligent service catalog that takes into account the context of the employees.

Often it is difficult for IT in the company to be really up to date regarding the quality and quantity of identities. Sustainable processes around the maintenance of identities, especially from an IT perspective, are therefore essential and not only increase security.

The situation of having more identities with access to services in one company, which are actually still working is more than a serious concern.

Making the employee known in IT, mapping his or her ’lifecycle

Employees and organizational data are the linchpin when it comes to managing processes and sets of rules in companies. Generally speaking, employees in the context of rules and regulations and the organization are the basis for successful governance.

Most of this data originates in HR (HCM/HR) or commercial systems (ERP), which map the contractual views from a company perspective.

For your IT, data around the employee plays an important role.

  • They are the basis for providing personalized services

  • They are a mandatory for efficiently mapping processes related to requests, service provision and fault handling,

  • They allow you to set up an internal allocation of services via assignments in the organization.

  • Authorizations are granted on the basis of this data and can be revoked again when the employee leaves the company.

Den Mitarbeiter in der IT bekannt machen, seinen „Lifecycle“ für die IT abzubilden und aus den Veränderungen am Mitarbeiter die richtigen Schlüsse für die IT zu ziehen, ist daher die zentrale Aufgabe eines Identity Management Systems.

How SavvySuite helps you

Usecase: Onboarding of an employee (German only)

The identities in the company

Internal employees

The internal employee, be it a trainee, a part-time employee, the new managing director or the father on parental leave. Each of these employees takes on a task, changes over the course of their time with the company, and develops. In addition to the employees themselves, the company also undergoes organizational change. It grows, shrinks, merges divisions or spins them off. All of this has an impact on the company’s IT.

  • Internal employees don’t originate in IT, they come from HCM/HR systems, which then lead the way for most of the attributes of an internal employee.

  • However, not everything that is relevant to an internal employee from an IT or activity allocation perspective is also mapped in the HCM/HR systems.

  • IT thinks in processes, the HCR/HR world sometimes does too, but often differently. It is important to map the HR/HCM processes to IT. Not only information, but also processes.

  • It is necessary to determine which changes in HCM/HR views of an internal employee are relevant for IT and the services he or she uses.

  • The right conclusions must be drawn from the changes to the employee for the IT services they use.

  • Some data of an internal employee only changes in the IT view and must be managed there and centrally provided and coordinated within the IT landscape.

External employees

The external employee, whether from a service provider, customer or external supplier, works in the company, uses resources, performs tasks and is often only inadequately mapped within the IT processes. External employees in particular pose special challenges in terms of governance and security, as the periods of employment and fluctuations are often longer, but IT is less likely to be aware of these changes.

  • Handeling external employees in a company is often a security question. As a rule, they are not managed in HR systems. In some cases, they are present in contract management, but usually only in the abstract.

  • IT still needs to know external employees, as it also needs to map processes for them to use internal IT services.

  • From the perspective of a license manager or security, there are often more employees than actually work for the company

  • External employees today often still have an AD account to use the services in the company and sometimes get an external email address. This also needs to be managed.

  • In some environments, some external employees only have guest accounts. External employees work in the corporate environment with their company’s account, but are authorized as a guest. (O365 Guest Account Management with SavvySuite).

  • External employees often need to be clearly distinguished from internal employees, and issues that give the impression of employee leasing need to be actively avoided.

Challenges

  • It is often difficult for IT in the company to be really up to date with the quality and quantity of identities.

  • The situation of having more identities with access to services in the enterprise than are actually still working for a company is more than a serious problem, not only from a security perspective.