What is User Lifecycle Management?

July 17th, 2019   |     |  security and compliance, product & technology

Growing your company’s employee base should be a time of excitement and potential. Unfortunately, for IT departments around the globe, it can quickly become a time of dread and frustration. Many organizations manually onboard and offboard users which consumes IT time and resources. Fortunately, there’s an easier way. In this post, we’ll define user lifecycle management, how it works, and why companies should adopt an automated onboarding and offboarding process. Let’s get started!

What is user lifecycle management?

User lifecycle management (ULM) begins the day a candidate accepts a job offer and continues until that employee leaves the company. For HR and IT departments, this means creating user credentials and connecting new employees to cloud resources. User provisioning is the process of creating and managing user access to applications and resources in the cloud. Smaller organizations might manage these processes manually, but when done at scale, the process can become error-prone and time-consuming. Automated provisioning does in seconds what could typically take an IT staff hours to do manually.

How does OneLogin support user lifecycle management?

New hires are typically added to a company directory like Active Directory (AD) or LDAP. OneLogin’s real-time user provisioning solution instantly synchronizes with on-prem and cloud directories to provision new user accounts to commonly used apps like Office 365, Google Apps, and Slack. Additionally, companies leverage groups and memberships to assign users to role-specific applications. For instance, a new hire in marketing may require access to Marketo, Salesforce, and Google Analytics. Adding the new hire to the Marketing group will automatically enroll the user in the required marketing apps, so that they’re readily available on day one. By automating provisioning workflows, IT departments gain operational efficiency and save time which frees up IT resources.

The same goes when an employee leaves a company. Remember we mentioned the risks associated with offboarding former employees? When an employee leaves a company, if they aren’t properly offboarded, they may continue to have access to company apps and resources. Automated deprovisioning offers organizations a “kill-switch” that immediately cuts off access to former employees. Once a user is disabled or deleted from an organization’s directory, a kill switch ensures that the user is immediately terminated from all apps and sessions upon their departure.

Why automate provisioning and deprovisioning?

Automated user provisioning has many benefits. While smaller organizations might be able to manually manage user onboarding workflows, user lifecycle management becomes labor-intensive and time-consuming for growing and larger businesses.

Automated provisioning offers a better onboarding experience for new hires. Instead of manually provisioning users to the apps they need, an automated workflow ensures new hires have the apps they need the first time they sit at their new desk. OneLogin has a growing catalog of pre-integrated apps that enable organizations to automatically enroll new users in the apps they need.

Manual deprovisioning workflows are a thorn in the side of IT departments. Automated deprovisioning limits security risk by ensuring former employees are deprovisioned—not weeks after they leave—but, the moment an employee is terminated. This means former employees lose access to apps and sensitive company data before they even leave the building.

Still need convincing?

Take it from one of our customers. Evernote partnered with OneLogin during a period of rapid growth. For years their IT team managed internal users through a homegrown, on-premise solution. As the company began to scale, the onboarding and offboarding process became more time consuming. As they moved their company to the cloud, they eventually worked with OneLogin to manage the entire identity and lifecycle management of their users with minimal internal IT management. “We have come such a long way, we now have a highly organized, streamlined and efficient process for identity and access management. I can confidently say that since implementing OneLogin, we have experienced a 30% reduction in employee onboarding and offboarding time. I can’t imagine going back to the old way,” said Evernote IT Manager, Shams Mansoor.

Closing Thoughts

Automated provisioning and deprovisioning streamlines user lifecycle management for organizations. Manual workflows that are error-prone and take IT staff hours to complete can be made more agile and efficient through automated processes. OneLogin offers user lifecycle management solutions that deliver a simple, user-friendly experience for IT staff and new employees alike.

If you’d like to automate and streamline user management, check out our real-time user provisioning solution.

About the Author

Tony Smith is a Marketing Communications Manager at OneLogin. He is passionate about developing blog and social media content that helps customers identify and find solutions to their identity and access management challenges.

View all posts by Tony Smith

About the Author

Tony Smith is a Marketing Communications Manager at OneLogin. He is passionate about developing blog and social media content that helps customers identify and find solutions to their identity and access management challenges.

View all posts by Tony Smith

Secure all your apps, users, and devices