5 Reasons to Delegate Your IT Administration

For IT leaders, the work keeps piling up. In fact, in our recent study on the impact of the pandemic on IT organizations, a whopping 86% said their workload has increased. That’s part of the reason we are releasing Delegated Administration, a new tool to delegate administrative tasks via scoped, custom permissions, so you can share the workload , eliminate bottlenecks, and reduce ticket response time.

34% of respondents said their workload increased moderately while 25% said it increased significantly since the start of the COVID-19 pandemic.

Delegated Administration allows you to create custom privileges that can be granted individually or as part of a role. It currently covers Users, Apps, and Roles, and in an upcoming release, will also support Events and Reports, and will then move to other areas of the product, such as Groups and Policies.

Here are a few ways to use Delegated Administration:

  1. You’re a small IT team supporting a large company
    Or an IT team of one supporting 100 employees, which we’ve heard is common from many small- to mid-sized companies. In this case, it’s often prudent to ask some department heads to take on their own team’s access requests. However, typically, you would need a manager’s approval anyway, and this way, the manager can speed up the access process for their own team. It’s a win-win.
  2. You’ve recently been breached through a highly privileged account
    This could have been a socially engineered attack (pretending to be a boss or other higher-up who needs credentials), or other means of accessing a highly privileged account, but either way it’s bad news. It also means that you can reduce the chances of a second attack of this type by limiting access to only the services your users truly need.
  3. Your security team is growing
    Often when a security, risk, and compliance team starts growing, it means that access levels and security policies will need to be revised. The next logical step down the road is reducing risk, so fewer people have certain types of permissions. Time to get ahead of their requests to reduce risk!
  4. Your company is acquiring another company, and you want to keep things separated but managed by central IT
    The stress of onboarding a large amount of new users can be reduced, thanks to Delegated Administration. When your new team starts, you can give super admin permissions to the primary IT person, but scope it so it’s ONLY for their users. That way, they can still handle it as if they were a second company — without granting them access to all users within your organization.
  5. You’re looking for a way to be proactively security-first
    Maybe you’ve been hearing about the principle of least privilege and Zero Trust. After all, President Biden just signed an Executive Order that describes Zero Trust Architecture (ZTA) as allowing users “full access but only to the bare minimum they need to perform their jobs.” Earn some brownie points from your boss and audit your organization’s access by scoping permissions down to only what users truly need.

If any of these scenarios sound familiar, it’s time to start learning how to set up your OneLogin environment to take advantage of Delegated Administration. Check out the documentation and the demo video to see how it can work for you.

About the Author

Kayla Gesek

Kayla is a product manager at OneLogin with a passion for balancing user experience and strong security practices. With 10+ years of experience in Silicon Valley, ranging from small startups to corporate giants like Walmart.com, Kayla loves to champion data, customer feedback, and advocacy.

Related Articles