IDM & the Holidays: Part III

Now that the holiday season has drawn to a close, the focus of the New Year turns to accelerating growth for many companies. And this often means new hires to support new business.

Previously, I talked about how the holidays can be a real struggle for end users and support techs because of passwords. People forget passwords while on vacation and then come back to work and can’t login causing several support incidents. The solution to this issue was an IDM solution that allowed for end-users to recover passwords while allowing helpdesk users a central point for password management.

The answer to how to manage an influx of new hires is the same as the password issue – a proper IDM solution from IDMWORKS.

To fully illustrate the advantages of an IDM solution with automation let me describe the process for hiring a new employee that I see frequently within different companies and then compare that to what an IDMWORKS IDM solution can do for you.

Common non-automated process:

  • A new employee is hired and manually entered into an HR system such as PeopleSoft or SAP.
  • The hiring manager submits an online ticket or submits a handwritten form to various groups to have new accounts created manually in different systems, often times each account is created by a different application team with no standards or naming consistency so users end up with multiple login IDs and passwords.
  • The new employee shows up on Day 1 with no access to some systems because the manual tasks have not been completed or the account is created but the user lacks all of the necessary permissions within applications to perform the job they were hired to do.
  • The new employee and/or the employee’s manager have to call the help desk to create new tickets or escalate existing tickets to have the required accesses completed.
  • Some tickets get processed that day, other tickets get completed days later.

The net result is that it can take several days for new employees to be able to fully perform their job duties because everything is a manual task that relies on a workforce that may have other priorities that trump these tasks or may be reduced in times like post-holiday where the amount of tickets to be completed simply outnumber the available staff to the point that tickets cannot be processed fast enough. And when dealing with contractors the situation can be even worse. I have seen environments where it has taken up to 6 weeks for contractors to get network access. That is a lot of money being spent on contractors that can’t work as efficiently as they should.

So now let’s take a look at the automated process

Automated IDM process:

  • A new employee is hired and manually entered into an HR system such as PeopleSoft or SAP
  • IDM monitors for changes in the HR system constantly through an automated connection between IDM and HR.
  • IDM detects the new employee record in the HR system and consumes that data into the IDM data repository
  • IDM automatically assesses the HR data to determine what access the employee needs in all IDM connected systems (Active Directory, SAP, time entry systems, internal applications, etc.) and automatically assigns roles within IDM to indicate account privileges.
  • IDM automatically distributes account information to any privileged connected system based on the automatic IDM role assignment. This includes creating new accounts in connected systems, assigning default or random passwords, creating Exchange mailboxes or any other account needs defined in the IDM solution. And through this automation account creation can be standardized so that accounts are created similarly across multiple platforms.
  • IDM automatically generates tickets for any manual tasks that are needed in non-IDM connected systems or for any accesses that require manual interaction in compliance with company policy.
  • IDM automatically generates web based approval requests for any accesses that require additional approvals from management, security or other teams defined in IDM in compliance with company policy.

So as you can see through IDM automation most of the manual actions can be removed from the provisioning process. In addition to having fewer manual tasks the total operation time is significantly reduced. In the most efficient environments the time it takes for users performing manual tasks to complete these operations is a few hours compared to an automated IDM system where the process can usually be completed within a few minutes or even seconds. That is a significant improvement that can be seen in increased productivity and often times reduced costs.

With an IDM solution from IDMWORKS there will be less need for manual tasks and tickets for these processes which can be a belated holiday gift to everyone.