Vacancy Management and Hierarchies Part 3: Data/Access Ownership

How often has a customer sat waiting on an access request, only to discover that it was delayed because the approver left the company and there was no replacement? This is an all-too-common scenario, and one that can be handled with vacancy management. If all of the data/access approvers (owners) can be identified, they can [...]

Vacancy Management and Hierarchies Part 2: Line Management Hierarchy

In this month’s Introduction, three hierarchies were introduced. We continue the series discussing the first of those: line management. The line management hierarchy is the most common of the approval hierarchies, the most frequently-used, the easiest to understand, the most highly sought-after, and possibly the hardest to develop because it encompasses everyone in the organization. [...]

Identity Management Series – Vacancy Management and Hierarchies Part 1: Introduction

So far in this series on identity management, the focus has been on activities and cleanups for data that is ultimately handled by identity manager. Now we shift the lens to focus on an element of role manager – building hierarchies and managing vacancies. This is actually one of the big advantages that role manager [...]

Identity Management Series – Role and Rule Basing Part 5: Implementation and Cleanup

The final step in this month’s activity is to implement the roles and clean up any extraneous access that’s left behind. As in the previous segment, the distinction between enterprise and IT roles doesn’t matter, so I will generalize. The reason for this is that what you implement depends on your strategy – as defined [...]

Identity Management Series – Role- and Rule-Basing Part 4: Documentation and Approval

Once all of the roles are defined, it’s time to document them and obtain approval for their use. We’re now past the point where the distinction between enterprise and IT roles matters, so in this segment I go back to the generic term, “role.” Documentation and approval: Once testing is complete, the final roles should [...]

Identity Management Series – Role- and Rule-Basing Part 3: Designing and Testing IT Roles

Now that enterprise roles have been identified and prioritized, it’s time to tackle IT roles, and figuring out IT roles is where the rubber meets the road. Chances are, neither the department heads nor the HR team can help on this one. It’s up to the identity management team and business “power users” to determine [...]

Identity Management Series – Role- and Rule-Basing Part 2: Identifying & Prioritizing Enterprise Roles

The first step in role- and rule-basing is identifying and prioritizing the enterprise roles. This sets the direction for the entire effort, which – make no mistake – will be time consuming. Doing some thoughtful planning up-front is therefore imperative to ensuring that you don’t start out off-track. Identifying the roles in the organization is [...]

Identity Management Series – Role- and Rule-Basing Part 1: Introduction

At this point in the identity management process it is time to consider what access the company’s job functions should have to begin creating roles and rules. This is the first step in automating provisioning and de-provisioning. Even without automation, creating and managing the roles and rules will make manual provisioning (and auditing!) quite a [...]

Identity Management Series – HR as a Source of Record Part 5: Reliability and Accessibility

We’ve now gone through the employee’s full lifecycle and discussed how to interpret and manipulate HR data to facilitate automation in identity management for new hires, transfers, and terminations. We wrap up this month with a focus on the accessibility and reliability of HR data. At a minimum, you should know what to expect [...]

Identity Management Series – HR as a Source of Record Part 4: Terminations

In the last article, we discussed how to identify access transfers from HR data. Now we’re in the home stretch: terminations. Compared to transfers, terminations are pretty easy, but there are a couple of gotchas, as mentioned in this month’s introduction. A termination in the HR system means the employee is no longer getting paid. [...]