Streamlining Terminations and Access Removal Through Automation

Background

The Digital Marketing Company is responsible for the management of over 200 websites, SEO, and content creation for their customer base. The Digital Marketing Company’s developers and content team have access to a wealth of intellectual property, making it crucial that there is a timely deprovisioning process in place.

 

As The Digital Marketing Company grew, the number of employees and applications grew along with it. Unfortunately, an identity management solution was not set up to scale with the growth in the business. Through the years, as new applications were onboarded, access provisioning and deprovisioning procedures were half-heartedly created and left undocumented. As the creators of those procedures left the company, the access policies were forgotten.

 

The lost procedures seemed harmless until a disgruntled employee was terminated and took advantage of the company’s weak identity governance policy. After their termination, the former employee was able to log back into sensitive systems and delete customer data, take down multiple websites, and halt business processes for numerous clients.

 

Company Profile

The Digital Marketing Company is responsible for the management of over 200 websites, SEO, and content creation for their customer base. The Digital Marketing Company’s developers and content team have access to a wealth of intellectual property, making it crucial that there is a timely deprovisioning process in place.

 

Key Challenge

The company has no process or system in place to eliminate all access for terminated employees in a timely manner, resulting in vulnerabilities and risk. Developing internal processes has been unsuccessful and too time consuming.

Clarity Security’s Solution

The Digital Marketing Company’s goal is simple – make access deprovisioning painless and straightforward without overhauling their HR system, applications, or infrastructure. Clarity Security’s innovative identity governance solution can solve their problems while matching their constraints.

 

First, we use our extensive application integration library to tie into their HR system and SaaS, cloud, and homegrown applications. This connection allows us to automatically map out access roles that define what applications and entitlements their employees should access.

 

Once these roles are in place, the Clarity Security system monitors the company’s HR system for any employee terminations. When a change happens, our system triggers events to initiate and complete the deprovisioning activities automatically.

 

The Results

Our platform has consolidated and automated the termination workflow for our customer. When management and HR decides it is time to let an employee go, a member of the HR team initiates the termination from within the HR application. This initiates the deprovision workflow and disables the employees access within 5 minutes of the final click.

 

With Clarity Security, The Digital Marketing Company can rest assured that any disgruntles employees will not be able to access sensitive systems and cause expensive damages.

 
 

The Digital Marketing Company can now easily provision, deprovision, and adjust access as needed through Clarity Security’s automated identity governance platform.

Simplifying Onboarding with Automated Access Generation

Background

Due to undocumented procedures, shadow IT, and lost tribal knowledge, a new hire can be left without all of the access they need for months.

One of the challenges faced by the development team is AWS provisioning. Their current AWS new-hire processes results in new employees waiting for up to 3 months before they can perform all of their required tasks in AWS. This is due to a heavy reliance on tickets, tribal knowledge, and multiple bottlenecks throughout the process.

Additionally, the Digital Marketing Company has regulatory requirements that require specific approvals before certain access is provisioned. Meaning, if a hiring manager does not know about the requirement, the access will go un-provisioned indefinitely.

 

Company Profile

The Digital Marketing Company is responsible for the management of over 750 websites, SEO, and content creation for their customer base. Internal processes are built around agility, precision and speed. The expectation is that a new-hire should have the tools and resources available day one.

Key Challenge

The company faces bottlenecks while manually provisioning new hires, meaning users are left without critical access for months.

 

Clarity Security’s Solution

Clarity Security’s role generation and access automation were implemented into The Digital Marketing Company’s environment to alleviate the reliance on tickets, eliminate the need for tribal knowledge, and remove the bottlenecks.

Following the conclusion of Identity Unification™, access roles are generated based on the current environment and tailored to be the gold-standard for the company. Once the roles are set, a new hire’s organizational attributes are evaluated by Clarity Security and the appropriate access is provisioned through our event processor.

For access that cannot be provisioned automatically, custom workflows were developed that notify approvers daily to review the request. If the access is approved, the event processor then automatically provisions the access.

The Results

Prior to Clarity Security, it wasn’t uncommon for a newly hired junior developer to be without their required access for two months. After implementing Clarity Security, all access is provisioned immediately after the employee is finalized in the HR system.

The Digital Marketing Company can now easily provision, deprovision, and adjust access as needed through Clarity Security’s automated identity governance platform.