Download to read offline
Uploaded byOdette Scully
What does it mean to optimize the user lifecycle ?
The document discusses optimizing and securing the user lifecycle process through automating steps with SAP Identity & Access Governance. It describes how traditionally the user lifecycle involved many unclear subprocesses and actors for tasks like requesting access, validating requests, and provisioning accounts. With SAP tools, each step can be modeled and automated, with integrated data flows to accelerate audits and reduce costs. The goal is providing a simple, compliant user experience with a low cost process.
What does it mean to optimize the user lifecycle ?
- 1. Inventy What does itmean to OPTIMIZE the user lifecycle? INVENTY April 2015 – SAP Security 360° Service
- 2. Have you everhad serious difficulties in obtaining computer rights ?
- 3.
- 4. Application Form Search for permissions and accounts Addto the request Validate request Provisioning and details Monitoring request and notifications Operational accounts and permissions EASY! A simple 7 step process… Requesting IT access rights for a normal user ?
- 5. But reality isoftendifferent … Validate request Application form Search for permissions and accounts Add to the request Provisioning and details Monitoring request and notifications Operational accounts and permissions
- 6. Validate request Application form Search for permissions and accounts Addto the request Provisioning and details Monitoring request and notifications Operational accounts and permissions By profiles and by users Security Validation / Authorization catalog exposure Adding partial roles Requests by user copy Manager validation Compliance validation Provisioning Return code from target applications User email Initial password change Connection validation Automatic additions by HR Profile Person in charge validation Each step requires coordination of unclear sub processes involving multiple actors ...
- 7. At Inventy, we OPTIMIZEand SECURE the user lifecycle Validate request Application form Search for permissions and accounts Add to the request Provisioning and details Monitoring request and notifications Operational accounts and permissions By profiles and by users Security Validation / Authorization catalog exposure Adding partial roles Requests by user copy Manager validation Compliance validation Provisioning Return code from target applications User email Initial password change Connection validation Automatic additions by HR Profile Person in charge validation Optimization Zone
- 8. S S S S C C S S S S S C C S with SAP Identity& Access Governance, each step is modeled and automated in IDM & GRC … S C Simple automated action . Complex action natively integrated Validate request Application form Search for permissions and accounts Add to the request Provisioning and details Monitoring request and notifications Operational accounts and permissions By profiles and by users Security Validation / Authorization catalog exposure Adding partial roles Requests by user copy Manager validation Compliance validation Provisioning Return code from target applications User email Initial password change Connection validation Automatic additions by HR Profile Person in charge validation
- 9. …integrated data flowsaccelerate AUDITS and reduce maintenance costs Integrated data flow . I I I I I I I I I Validate request Application form Search for permissions and accounts Add to the request Provisioning and details Monitoring request and notifications Operational accounts and permissions By profiles and by users Security Validation / Authorization catalog exposure Adding partial roles Requests by user copy Manager validation Compliance validation Provisioning Return code from target applications User email Initial password change Connection validation Automatic additions by HR Profile Person in charge validation I I I
- 10. Add to the request Provisioningand details Operational accounts and permissions By profiles and by users Return code from target applications Initial password change Connection validation Person in charge validation Our commitment ? A simple user experience A COMPLIANT process with a low cost Application form Search for permissions and accounts Validate request Monitoring request and notifications Adding partial roles Requests by user copy Automatic additions by HR Profile Manager validation Provisioning Security Validation / Authorization catalog exposure Compliance validation User email
- 11. April 2015 Inventy François Michel– francois.michel@inventy.ca - 514-804-2333 Odette Scully – odette.scully@inventy.ca – 514-972-7245 www.inventy.com Contact us to learn more We would love to hear more from you!