WEBINAR - Overcoming Business Process Integration Challenges in Identity Programs - Watch Now
- ProductsSolutionsIndustriesResourcesSupportCompany
Schedule a Demo
Watch Demo
Take Self-Guided Tour
Your team members need access to the applications and data needed to complete their jobs. No more, no less. As people move around during their careers with the organization, this becomes more difficult. Often, team members ‘collect’ permissions as they move from role to role, ending up with access to more things than their current role demands. This flies against the principles of least privilege access and can increase security and compliance risk.
Identity Lifecycle Management sits firmly at the intersection of productivity and security. Clear Skye provides all the controls you need to effectively manage the key aspects of an effective lifecycle management program.
As new employees, contractors, and vendors are onboarded, Clear Skye Identity Lifecycle Management provides a robust and flexible user provisioning engine that can leverage any attribute within Clear Skye or the rest of your ServiceNow instance to define clearly what systems and associated permissions a new user needs to have to waiting for them on the first day they start. For example, a new employee starting in the sales department will need to be provisioned with access to email, customer relationship management applications, and the order management system. This is called either Role Based Access Control (RBAC) or Attribute Based Access Control (ABAC) and is a critical component of modern identity security hygiene.
Most SaaS Identity solutions are limited in the flexibility of the workflows available to lifecycle actions, requiring organizations to circumvent current processes. Clear Skye leverages the flexible, no-code Flow Designer ensuring we can easily meet any required business process for lifecycle events.
It’s common for people to take on many roles during their tenure at the company, and at each change, access must be reevaluated. Not only will new permissions need to be provisioned to satisfy new role requirements, but existing permissions need to be reviewed to ensure that you are deprovisioning permissions that are no longer needed in support of least privileged access.
Clear Skye Identity Lifecycle Management provides the controls needed to:
As someone leaves the organization, their access is revoked. While exceedingly simple in concept, stories of disgruntled ex-employees using their access to inflict damage, and outside bad actors exploiting the attack surface provided by no-longer needed access for an attack remain commonplace. Clear Skye Identity Lifecycle Management provides controls that give leaver actions the highest priority in the system, ensuring that permissions are disabled or removed as soon as possible, reducing risk for the organization. Clear Skye also provides the ability to delegate access to managers or colleagues to prevent key projects or customers from being negatively affected as persons leave the organization.While the above are the three main lifecycle use cases, Clear Skye Identity Lifecycle Management also provides the means to address less common use cases like Leave of Absence, Rehire and change from contractor to employee.
Clear Skye Identity Lifecycle Management comprises:
Every Identity Security solution will provide the means to manage joiner / mover / leaver use cases. Clear Skye’s native to ServiceNow approach provides significant benefits over stand-alone solutions:
Richer data to make informed lifecycle decisions leveraging data points from the CSDM, HRIS, and SIR sources of record.
No need to change your business processes as Clear Skye uses the same powerful, flexible workflow automation engine you are already using.
A single point of control for all applications with visibility into the lifecycle of both connected and disconnected systems .
