Simply put, user provisioning is the process of creating, updating and deleting user accounts in multiple applications and systems. This can sometimes include associated information, such as user entitlements, group memberships and even the groups themselves. Many organizations have moved to automated user provisioning, which is the systematic creation and management of user data relative to users’ ability to access resources, such as applications, that are available in one or more systems. Accessible systems can be on-premises, cloud-based, or a hybrid of the two.
Automated user provisioning is one of the main features of many identity and access management (IAM) solutions. Provisioning comes into play when an employee joins an organization, moves to a different department or division, or exits a company. This is known as the joiner/mover/leaver (JML) process. By integrating an IAM solution directly to HR and personnel systems, you connect the process of creating/updating/deleting user accounts with HR actions. Actions that result in changes to HR data, such as those related to employee onboarding and offboarding, can automatically result in changes to permissions for accessing systems and applications tied to corresponding employee accounts.
User provisioning provides the following key benefits:
In a basic automated provisioning workflow, you add users to apps based on specific user roles. Whenever a user is assigned a role, that user is automatically created in the associated app and granted access permissions. In the diagram below, once a new user is provisioned, that user is added to the Sales role, and is therefore granted access to the apps associated with that role. In this example, the provisioned user can access to Salesforce, Office 365, and G Suite.
When it's time to deprovision former employees from apps, you want a solution that lets you simply change the user’s status, so that the user's accounts in all apps will be deleted or suspended, depending on the configuration preferences that you set.
The risk of costly security breaches for companies who fail to provision properly or deprovision quickly is huge: the average cost of a data breach is $148 per record and $7.91 million per breach in the U.S. As a result, breached companies often underperform the market for years following a major breach, and 60% of small businesses fold within six months of a successful attack.
Automated user provisioning helps keep your company secure by ensuring employees have access only to the apps they need. Automated user de-provisioning helps keep your company secure by ensuring that whenever an employee leaves, their access is automatically removed for all connected applications. In addition, all existing user sessions are removed to reduce security risk.
Thanks for signing up.
We’ve sent a verification email to
To complete your trial sign up, please check your email and follow instructions to verify. You may need to check your spam. You will be prompted to set up a password and log in. Please note that your user name is your email address.
Showcase of HR-Driven Identity Automation with a OneLogin customerRead More
Use Identity and Access Management (IAM) to ensure that employees and entities have the appropriate level of access to company resources.Read More
Failure to de-provision can lead to costly breaches. Increase security by implementing a provisioning solution that protects your business and ensures that employees stay productive.Read More
Onboarding and offboarding can be administered more easily and securely with provisioning and deprovisioning.Read More