As businesses grow, employee lifecycles and the procedures that accompany them become increasingly complex. It’s no longer a case of new hires needing an email account upon joining the company, perhaps being granted access to a company bank card when they are promoted, and simply clearing up their desk when they leave.
Firstly, staff turnover is increasing, with one in seven employees likely to seek a new job each year. Younger generations of workers, known to job hop more freely than their predecessors, are making role transitions more frequent. Additionally, we are witnessing a cross-industry increase in temporary employees like consultants, contractors and even interns.
This boom in joiners, movers and leavers leaves businesses to deal with infinitely problematic identity management processes. Today’s organisations rely on hundreds of devices, applications, shared content and services; each employee’s identity – their role, seniority and department – determines which of these assets they have access to, and the smooth and rigorous provision of these entitlements has a huge impact on efficiency, compliance and security.
That’s why organisations should look to automate the technical aspects of employee identity management in order to drive accuracy and simplicity in these procedures.
Not just an HR problem
One of the reasons why employee onboarding and offboarding is so complicated is that there isn’t just one hero in the story – it affects all aspects of a business, everybody wants to have a say in how it’s done, therefore no one knows exactly where to begin. Notoriously, the human resources team owns the entire employee lifecycle, it aims to deliver staff satisfaction and increase retention by overseeing workplace quality but can’t spend time getting involved in the day-to-day technicalities of authorising employee access to documents and software.
These responsibilities are more pertinent to IT teams, who manage digital resources, networks and related access mechanisms: collecting each employee’s information in an ‘identity warehouse’, they have to deal with staff queries and resolve access requests, and are therefore strained by many small, tedious tasks that leave little time for innovation.
Promptly ensuring that a new hire, or a newly promoted worker, has access to the necessary resources to do their job is undoubtedly a matter of productivity, which means an effective onboarding process should also interest line managers and supervisors. If an employee isn’t able to utilise an application or view useful documents related to their role, they will obviously be unable to perform to their full potential and achieve the expected results. That’s why it’s in the interest of managers, and of the business as a whole, that access provisioning is timely, accurate and flexible.
Safe and sound
What many businesses don’t seem to be aware of is how much is at stake when it comes to employee identity and access management. While employees should always be able to access the resources they need, it’s also fundamental for companies to prevent staff from accessing them inappropriately.
For example, the importance of revoking access to company servers and applications upon offboarding is crystal clear: if a former employee is still able to access sensitive company information, the business is naturally exposed to security breaches. That’s why a secure access management policy goes hand in hand with a sound awareness of the physical and virtual assets available, and of who is utilising them.
Equally, access shouldn’t simply be regulated based on role and seniority. Employees who shift laterally to a different department – for example, from finance to administration – shouldn’t continue to have visibility of information and content they were able to view previously – think of payrolls and staff bank account details. Moreover, an efficient identity management process also protects the business from security risks by ensuring employees can easily and securely access the tools they need so that they don’t have to resort to potentially unsafe workarounds.
From a compliance point of view, data protection regulations such as the GDPR mean employee access and the actions of those managing it must be fully auditable. Businesses should be in the position to report on who has access to what and when, in order to demonstrate they are compliant with such laws.
Automation may be the hero
Currently, enabling these processes with the required speed and precision is a challenge due to the lack of adequate technology. For example, policy-based identity management tools aren’t able to proactively let employees know about available services, or selectively deny access based on awareness of the employee’s current context—such as using an unsecured public WiFi connection. But fear not – automation is coming to the rescue. With all stakeholders, from IT to HR, finally sensing the need to improve how digital resources are delivered, new automated solutions are being developed and increasingly deployed.
Automation can help businesses regain control of employee identity management and facilitate the provision and delivery of application access throughout each employee’s lifecycle. Organisations should implement an identity management tool able to proactively match the right resources to the right employee, at the right time, thus helping them achieve their business purpose. Each member of staff’s information should be loaded to the system so that the automated solution can identify their position and start rolling out entitlements. It’s easy to understand why this approach would exponentially increase efficiency by preventing IT staff from carrying these tasks out manually. If the identity management tool is in sync with the HR source of truth and can automatically oversee access and handle requests, IT teams are consequently free to focus on more valuable work and drive technological innovation within the business.
Effective and accurate resource provision doesn’t just mean supporting IT, but enabling the entire workforce to be productive from day one, increasing efficiency across the business, and making sure no time is wasted and no revenue opportunity is missed, while maintaining security throughout.
In today’s ever-evolving digital workplace, where employees fluidly transition between roles and rely on technology more than they ever have, correctly managing resource access can seem nothing short of impossible. However, forward-thinking organisations can overcome these obstacles by relying on automation to streamline operations, enhance productivity and protect against security threats.
Andy Baldin, Vice President EMEA, Ivanti