Let’s Automate the “Joiner Process”

The Joiner process is a critical part of any organization and is the starting point of the user life cycle management process. Starting with Human Resources and culminating in access to an organization and its critical infrastructure is part of the joiner process. This blog will be the first in a series of blogs focusing on an organization’s Joiner, Mover, and Leaver or commonly referred as the JML process. This blog explains the joiner process and how the process can be automated to lower costs, reduce risk and increase efficiency in any organization.

What is a Joiner Process

Simply put, a process that on-boards an employee into an organization and provides access to its resources is a joiner process. A joiner process can be as simple as issuing a badge to get access to an office building, while a complex joiner process could be as intricate as providing access to most complex applications from day one of employment.

All organizations have a process of on-boarding employees and non-employees. The on-boarding process can start from obtaining a user identifier while just applying for employment at an organization. Typically, organizations provide candidates with different options to apply for a position on their company portal or via a recruitment firm or directly email a resume to the Human Resources department. As a part of the employee hiring process, data is collected about potential candidates for review and the hiring process. Traditionally, the recruitment process can take multiple weeks to months to complete and during that process, organizations capture mandatory details about the candidate. This candidate data, while being sensitive in nature, is necessary to capture and help in the user on-boarding process.

Manual Joiner Process Summary

Traditionally, the on-boarding process was a business function outside of the Identity and Access Management (IAM) process and was developed using multiple silo and manual processes. However, with the advent of IAM tools and sophistication in business models, employee on-boarding has been seen as a critical part of lowering costs and increases the efficiency. In the current business operations model, IAM tools can be used to automate silo and manual processes with the collaboration of Human Resources and business owners. Below is a summary of the manual on-boarding process and a sample of an automated on-boarding process.

Manual user on-boarding process may compromise the following steps:

Request by HR to create a unique employee identifier or an employee ID in a financial system

1. Once the employee ID is created, a request to create a network account such as Active Directory or Azure Active Directory account
2. Usually, an email is sent to the hiring manager with user credentials which are shared by the manager with the new employee
3. A new employee changes the password to access the network with limited access. In some cases, an email account may be created as an additional step
4. The new employee may subsequently ask for access to other applications and systems. The hiring manager may submit the request on the new employee’s behalf or direct the new employee to submit a request
5. A new request to individual systems or a bundled request to systems may be submitted to administrators for access. The process may follow further access approval and, lastly, the fulfillment process for various applications
6. Each of these steps can result in time consuming processes and, at times, incorrect access to applications From the day of joining, an employee’s productivity can be delayed by days or even weeks. It is a very common process model in many organizations, irrespective of industry.
7. In addition to the process, proper auditing tools have to be in place to completely document requests and approvals, access provisioning, and access recertification.

Automating The Joiner Process

In contrast to the above manual process, an automated joiner process can replace the manual joiner process providing efficient and secure employee on-boarding. Below are the steps that IAM processes in conjunction with IAM tools can effectively be implemented to streamline the employee on-boarding process:

1. Request HR to create a unique employee identifier or an employee ID in a financial system
2. Once an employee ID is created, the IAM process can either receive daily feeds or extract data for daily feeds from HR or a financial system such as Workday, PeopleSoft, SAP, etc
3. Once the feed is received by IAM processes, IAM tools can automatically create network IDs and email accounts and grant access to home drives, on-premises, cloud applications, financial systems, medical applications, etc., from day one without any human intervention
4. IAM tools can also grant application access directly without requesting access to applications based on employee data and employee persona attributes. Access to applications without request and explicit approval are commonly referred to as “Birthright” applications since access is given to all employees based on some common access criteria
5. IAM tools are sophisticated enough to read HR feeds and be configured with predetermined rules to provide application access without any request or approval. For example, a “Bank Teller” role in the retail banking business would require certain access to applications based on the role. Rather than requesting access for a new Bank Teller employee, IAM processes can automatically provision the new employee to the Bank Teller role in the application and provide access to the user from day one, saving time, and costs and increasing productivity

 Benefits of Automated Joiner Process

IAM processes are detailed and complex and may cross lines of business. To solve IAM business process challenges, organizations need expert IAM resources who have industry and technology experience to solve IAM challenges. The IAM Joiner process is just the start!

iQuasar Cyber offers organizations experienced consultants who have implemented large-scale IAM transformation projects to meet business goals. Schedule a consultation discussion to discover our IAM services and how we can automate IAM processes to lower costs, improve efficiency and provide safeguards via access controls.