Cloud Security: A potential management nightmare?06/09/2022
Critical Vulnerability found in Linux – Polkit Privilege Escalation (CVE-2021-4034)06/09/2022
Welcome to the first in a series of blogs discussing the challenges of onboarding and offboarding employees from your organisation – otherwise affectionately known as JML (joiner, mover, leaver) processes.
Having worked in business process automation consultancy for a number of years, I had the opportunity to get a close-up view of client business processes and the demand for automating the most labour intensive of these.
By far the most talked about processes were the New Starter and Leaver processes – in fact almost every client I spoke to came up with the same challenges, the same concerns and the same reasons for wanting to automate.
In this series we take a closer look at those challenges and how automation can help to eliminate some of that pain.
One of the main concerns that came up time and time again was access to systems when users move around the business as they change roles or get promoted, or leave the organisation. Research from IS Decisions reveals that at least one in three ex-employees are left with access to systems or data after leaving a company. This is partly driven by the rapid adoption of SaaS applications.
Gone are the days when taking back a building pass and removing VPN access got you most of the way there. Now employees can access business critical applications and data from anywhere in the world, and that access needs to be carefully managed.
Manual Processing Error
Even with a robust mover and leaver process in place, if humans are involved in that process, with the greatest intentions the risk of error still exists. People get distracted, or miss a small detail, or simply don’t follow the process properly. And if you consider the ramifications of an error when removing access to your CRM system or data repository for a disgruntled leaver, these could directly impact your organisation’s revenue and reputation.
And these errors happen all the time. In fact, according to IBM, 95% of cyber security breaches are caused by human error. So, if human error was eliminated entirely, 19 out of 20 breaches may not have taken place at all.
So how do you ensure that your mover and leaver processes are run with 100% accuracy, 100% of the time? How can you be confident that access to your systems, data and portals are removed without delay? The answer, as you might expect, is automation. And the more of the process you can automate, the more risk you’re mitigating.
Automating the Process
When it comes to automating your JML processes, policy-based identity management solutions such as Azure Active Directory (AAD) can get you part way there for applications which are AAD integrated, but what about your on-premises applications, those critical legacy apps that everyone still has knocking about, or your internally developed applications? Many organisations simply include manual steps in the process for those systems introducing unnecessary risk.
Augmenting identity management solutions with a platform such as IA-Connect: JML Edition eliminates those manual steps from your end-to-end processes. When choosing your automation solution it’s important to remember that the more of your process you automate, the less risk there is that errors will occur, and the less risk of error, the lower the risk to your critical data and systems.
IA-Connect: JML Edition is a flexible, cloud-based automation platform which is focused on the end-to-end automation of JML processes.
With over 100 JML-based building blocks, IA-Connect leverages patented technology to provide you with a powerful but intuitive and cost-effective solution to your JML challenges. Our platform empowers you to automate every element of your JML processes quickly and easily.
Get started with IA-Connect: JML Edition today.