How Does Identity Enforcer Transform User Provisioning? 
Traditional user provisioning solutions require extensive consulting, analysis and design to create a complex maze of roles, rules and workflow.  This leads to long implementation cycles and multi-million dollar budgets.  Even worse, many implementations fail before they are ever rolled out to the field or, once deployed, are too difficult to maintain in response to the rapid rate of business change.  Using a combination of patent-pending technologies, Identity Enforcer's new approach overcomes all of these obstacles- enabling managers to define business relationships and implement policies with drag-and-drop ease while Identity Enforcer transparently manages all of the underlying workflow and provisioning operations.  The result is a system that deploys faster, at lower cost and evolves with the business.

How Does Identity Enforcer Work? 
To deliver user provisioning that's as dynamic as modern business requires a simplified method to build and visualize business processes; a flexible role model that supports incremental changes; and an automated workflow system.  Most important, each must be implemented without the complex scripting and programming that's made user provisioning systems cumbersome, slow and expensive.  Identity Enforcer meets these objectives with three pioneering technologies:

• The Hierarchical Business Services Repository™: Neatly organizes assets and applications to mirror business processes and allows end-users or managers to request what they need when they need it.
• Hybrid Roles™: Supports evolutionary change by combining enterprise roles with individual assets and privileges. Hybrid roles can be modified by line of business or IT managers.
• IdentiFlow™: Identity-oriented approval workflow is automatically generated for all role management and user provisioning operations from the structure of the Hierarchical Business Services Repository without the cost and delays of traditional workflow programming.
   

The Repository can be structured in any manner (organizationally, geographically, etc.) and order that matches how the organization operates.  Managers define and place assets, IT privileges and roles into the structure and define ownership.  Hybrid Role creation is as simple as dragging-and-dropping the required assets and privileges into a role container.   IdentiFlow workflow is automatically generated based on the Repository and organizational structures.  Perhaps most important, the Repository structure and contents, including roles, can be modified at any time and Identity Enforcer will automatically make all required changes to inherited ownership rights and workflow.

User access requests are as simple as selecting the required assets, privileges and roles from the Repository and dropping them in a shopping cart.  After the user fills out any required on-line forms (for example, a manager can utilize Identity Enforcer's user interface to create a form requesting justification or further details), the request is sent to the required approvers.  User and administrative interfaces show the status of the approval process, including escalation.  Once the request is approved Identity Enforcer's web-services based provisioning engine will automatically create the desired accounts (or modify the user's permissions if the account already exists) and send asset requests to the appropriate administrator for execution.
 

Identity Enforcer also integrates seamlessly with Account Creator and Account Terminator to provide fully automated employee lifecycle provisioning and deprovisioning.  As new employees are hired Account Creator's HR Integration automatically detects the change and creates user accounts and privileges based on enterprise roles (using job code, job title, etc.).  With Identity Enforcer, the employees (or their managers) can customize their identities via selection of additional assets, privileges and roles required for their specific job assignments.  Upon termination, Account Terminator will automatically remove access or delete accounts to ensure compliance with corporate policy and regulations.

Identity Enforcer Benefits

Reduce Costs
Identity Enforcer's simplified deployment and self-service request model dramatically reduces the cost of provisioning operations.

Increase IT Efficiency
The automated processing of provisioning tasks frees help desk, service desk and administrator resources to handle higher value assignments.

Accelerate User Productivity
The self-service request process combined with automated workflow and provisioning delivers faster access to required IT resources and business assets.

Achieve Compliance
By implementing approval processes to comply with internal and external standards and building an audit trail of all provisioning operations, Identity Enforcer is a key component of a comprehensive corporate compliance strategy.  The SOX Separation of Duties (SOD) feature ensures that multiple stages of critical business processes are not assigned to a single employee.

Increase Business Agility
Identity Enforcer's Hierarchical Business Services Repository, Hybrid Roles and IdentiFlow workflow all adapt to rapidly changing business demands.  Instead of waiting for complex role design and workflow programming, IT and line of business managers can easily make the required changes and roll out new business processes.

Learn more about all of the benefits of the Avatier Identity Management Suite.