Best Practices for Infusing Identity Governance into your ServiceNow Implementation

I think that we can all agree that it is more important than ever for organizations to empower their users with the right access, when they need it, where they need it, and of course securely.  Those however can be challenging and even conflicting statements.  With the overwhelming amount of user access requests to applications and data as well as all the other service requests, this is putting a huge strain on the IT helpdesk and hindering productivity across the organization. 

I guess it shouldn’t come as a surprise that The SailPoint Market Pulse Survey identified that 50% of IT leaders’ time is spent on administrative tasks such as password resets and granting access to resources – talk about time-consuming and expensive!

Over the past 8 years, SailPoint and ServiceNow have partnered together to ensure that our mutual customers have a variety of options for extending and integrating SailPoint Identity Governance into the ServiceNow platform.  With SailPoint’s latest ServiceNow integrations, organizations can provide their business users the same ServiceNow experience that they are familiar with for all their self-service access request needs, with the peace of mind that access is safe and protected.  Organizations can empower their users to get the access they need when they need it – securely and all directly within ServiceNow. 

SailPoint now offers our integrated identity solutions directly from the ServiceNow App Store, making it even easier to access and quickly start using identity governance with existing IT workflows.

Let’s look at the exciting benefits you’ll get by combining the power of SailPoint identity with ServiceNow: 

Streamlined access and security all in one place:

SailPoint integrates with the ServiceNow Service Catalog providing a single pane of glass for IT requests.  This enables ServiceNow users to request access through the ServiceNow Portal as usual. SailPoint Identity then ensures that the request follows your organization’s approval and fulfillment policies – all automated and compliant.  Users can now make all of their service requests such as ordering a laptop, reporting an outage and track those tickets from request through completion. 

Provide closed-loop provisioning from the ServiceNow Service Desk:

SailPoint also integrates with ServiceNow by extending SailPoint’s governance of access changes and provisioning requests to the ServiceNow Service Desk. Service request tickets, such as provisioning or de-provisioning of access, are automatically created in ServiceNow. These tickets are monitored from request to completion and made available for audit tracking.  SailPoint offers direct connectivity to hundreds of applications although there are always additional applications that SailPoint users want to incorporate into their overall identity program. While SailPoint has the ability to understand which users have access to applications that offer read-only access or file exports, provisioning can still be a potential gap in identity governance plans. The SailPoint for Service Desk integration can fill this gap by wrapping end-to-end governance processes around a manual fulfillment process.

Automate provisioning of ServiceNow accounts and ensure compliance:

SailPoint offers our out-of-the-box direct connector for ServiceNow that enables direct provisioning of accounts and account entitlements for maximizing the management of ServiceNow accounts. The SailPoint Identity Governance Connector plays an important role in Lifecycle management by provisioning new ServiceNow accounts, updating existing accounts or disabling an account when someone leaves the organization or no longer needs access. It also helps in compliance and certification, where it can revoke access of ServiceNow accounts’ to ServiceNow groups and roles when required.

Guardian Life Insurance provides a great example of how they integrated SailPoint and ServiceNow so that their access control was end to end.  “Integrating these two systems allowed Guardian to maintain security and compliance requirements while providing their users with the same experience. This integration provides the ability to extend governance to applications that do not support direct provisioning. For example, when you request something from SailPoint, it will automatically create a service request ticket in ServiceNow. The integration also supports creating incident or change request ticket types. A ServiceNow ticket can be manually fulfilled by a ServiceNow administrator, and the status will be updated back to SailPoint. This provides closed-loop auditing to ticket completion.”

The combination of SailPoint and ServiceNow working together allow organizations to gain visibility into all ServiceNow accounts, groups, and entitlements.  This provides comprehensive compliance, audit tracking and a unified end-user experience by consolidating access requests to any application in a single workflow.

For more information on SailPoint and ServiceNow, be sure to check out the SailPoint for ServiceNow webpage as well as SailPoint integration applications section of the ServiceNow App Store:


Discussion