Automating Egnyte User and Role Provisioning For Increased IT Security and Productivity
Automatically provisioning and de-provisioning employees with the right applications and privileges not only improves IT productivity, but is critical to increasing IT security and compliance. Consider this real life example: You hire a new employee and issue him a corporate email address and login credentials. He uses his corporate email address to sign in to various systems like email, CRM, and your Egnyte enterprise file sharing system. But how do you ensure that each employee is provisioned with the right entitlements inside each app? What happens when that individual leaves the company? How do you, as an organization, access and control all the data produced by the employee while also ensuring that he can no longer access the data after he’s moved on?
Manually creating, updating and deleting users in cloud apps burn up valuable IT resources. Worse yet, leaving active SaaS seats for former employees wastes money and poses a security risk. The good news is that when a new user is created or deleted in OneLogin, Active Directory or your LDAP Server, OneLogin will push that change to Egnyte and your other cloud applications in real-time.
Basic User Provisioning is Good, Adding Entitlements is Better
OneLogin’s deep integration with Egnyte goes one step further. OneLogin not only creates the user, but can even set entitlements. For example, upon creating a new user in Egnyte, OneLogin can automatically assign the new user to the Admin, Power or Guest role within Egnyte as shown in the OneLogin screenshot below:
In this example, we’ve created some simple entitlement mappings in OneLogin that say if a user is part of the Employee Group in Active Directory then they should be assigned to the Power User Role in Egnyte. However if they are part of the IT Admin Group in Active Directory, then they should be given the Admin Role in Egnyte.
One-Click Deprovisioning Secures Your Sensitive Business Data
Real-time Active Directory integration is useful when people join an organization, or gain responsibilities, but absolutely critical when they leave or lose responsibilities. With OneLogin, you can instantly disable Egnyte access for leavers in real time by removing them from Active Directory, and there’s no need to check back later. That’s peace of mind.