For organizations that use ServiceNow, most employees are familiar with the ServiceNow portal, and they use it for everything from requesting a new mouse to sending a shipment. Why should the user experience for managing and requesting access to systems be any different?
Clear Skye uses ServiceNow's proven capabilities, common UIs, and common deployment and operations. With Clear Skye IGA, users can simply request, approve, or review access directly through the ServiceNow Portal by using approval workflows customized to your organization’s needs.
Using Clear Skye IGA empowers non-IT employees to quickly and easily get the access they need to business applications without knowledge of in-the-weeds details behind the access, like naming conventions or which roles/entitlements are included to approval workflows.
Let’s look at how this point of access shows up in the ServiceNow portal, allowing end users to request or update access, looks with Clear Skye in ServiceNow:
The end user clicks the familiar “Request Something” in ServiceNow.
From there, they can choose their app of choice and feel confident that the workflow will fulfill their request. But managing identities and access is much more complicated than a simple shipment request. How can it be so easy for end users?
With Clear Skye IGA installed, application owners can quickly and easily submit a point of access request, which can be made up of any number of application roles or entitlements, details, approvals, and more. Unlike most Identity solutions, these requestable bundles do not have to involve developers or IT admins. It’s then easy for your identity team to review submitted points of access and approve (or reject) according to your organization’s governance processes. Once approved, points of access will be published automatically to the ServiceNow portal.
Let’s look at what happens behind the scenes to make this possible for application owners, starting from the ServiceNow portal.
When publishing a new point of access, the first step is to select a template.
Pre-defined templates, which come out of the box and can be modified by the IGA team, help to provide a consistent experience to manage access across applications in your organization.
From there, application owners can define lower-level permissions, as they are the only ones with the required knowledge about how this application connects with business needs and what access will be required.
In this example, we’re adding the ServiceNow CMDB to be available for users.
Each point of access has a lifecycle and can be created, updated, disabled, or enabled. These lifecycle events are implemented as IGA access request tasks and usually include approvals.
It’s easy to set up predefined standards of approval for access. They can be auto approved or have multiple stages of approval, depending on the risk scenarios, and allow organizations to implement standards while accounting for different use cases.
There are a variety of reasons why you may need to change a point of access, such as when systems and roles change in your organization, and you can easily make those adjustments anytime.
The application owner can then easily choose preconfigured selections that make sense for the business and IT.
The information provided by the application owner helps with the governance process when publishing a new point of access to the system.
The result is a new application available in the Service Catalog. Here you see that the ServiceNow CMDB is now available within the Access Requests screen.
Clear Skye Access Request functionality helps you ensure employees have access to the IT resources they need to do their jobs.
• Leverage ServiceNow, the portal employees already use, without the need for additional training
• Reduce complexity and decrease the burden on your Help Desk
• Make approval workflows as fine-grained as you like and align to business processes
Check out this 5-minute video to see more on Clear Skye IGA or request a personalized demo on Access Requests today.
©2024 Clear Skye. All rights reserved. | Privacy Policy | Support | Contact
