Identity Governance: Going Beyond Day One Access and Compliance
Organizations are continuously searching for ways to give new hires a strong start by providing them everything they need to hit the ground running on Day 1. As a result, many are adopting tools such as Workday to make it seamless and easy for them to get access to new hire processes and orientation. Workers also require immediate access to applications and data they will need to do their jobs successfully, however, what we see is that many organizations are struggling with this task. And the struggles do not stop with timely provisioning of access for new users. We also see challenges when it comes to adjusting access as roles change and ensuring ongoing access compliance for regulatory purposes. So what’s creating the pain? More often than not, it’s manual processes, which come with significant time and costs to accomplish these tasks.
In fact, numbers reported from SecurityIntelligence* paint a very interesting picture relating to this:
- It takes 13 days for new employees to be given access
- Users receive 5.5 access changes per year, requiring 0.9 hours (each)
- Deprovisioning (think terminating workers) requires 1.1 hours per user
These manual tasks are not only time consuming, but they also result in a loss of user productivity, security risks and more headaches for IT – and everyone else involved. This is where identity governance comes to the rescue. With identity governance these manual, time consuming tasks can be automated and decreased from days/hours to just minutes. Identity governance goes beyond day 1 access and day 1 compliance by enabling organizations to automate, simplify and perhaps most importantly certify access for onboarding, offboarding and everything in-between.
We’ve seen customers experience significant benefits when integrating their identity governance solution with Workday. Some of these benefits include:
- Day 1 Productivity – new hire account creation is automatically provisioned
- Least Privilege – as user’s roles are changed within Workday, access is proactively adjusted
- Consistency – account attribute changes such as last name, email address, etc. are automatically synced with other applications and systems
- A Secure ‘Good-bye’ – terminated employees, contractors and vendors automatically have their access deprovisioned in minutes not days or months
- Confidence in Compliance – since everything is documented by the system, it’s easy to demonstrate access policy compliance to auditors
As a Workday Select Partner with a Certified Integration, SailPoint offers market leading , cloud identity governance that not only integrates with Workday, but ensures user access to all apps, systems and data is appropriate and compliant not only on their first day but throughout their tenure with your organization.
Check out our Identity for Workday web page for additional insights.