Earn badges and make progress
You're on your way to the next level! Join the Kudos program to earn points and save your progress.
Level 1: Seed
25 / 150 points
Next: Root
1 badge earned
Participate in fun challenges
Challenges come and go, but your rewards stay with you. Do more to earn more!
Gift kudos to your peers
What goes around comes around! Share the love by gifting kudos to your peers.
Rise up in the ranks
Keep earning points to reach the top of the leaderboard. It resets every quarter so you always have a chance!
Best practices for setting access controls during new hire onboarding, offboarding and transfers
In this article, we discuss the need for access control automation and the common pitfalls in user provisioning, as well as how the process should be standardized for onboarding, offboarding, and internal transfers.
Role-Based Access Assignments
Most of the time, this task begins with the IT department, and support engineers work based on a standardized access request process. Access is either granted within the application or added to the necessary groups in identity management solutions like Okta, following the review and approval of the respective managers.
However, a common issue that frequently arises is that teams often bypass the process. Access is provided first, and then a ticket is created for audit and compliance purposes. One effective tip to enhance the experience is to establish a baseline access control for specific roles that can be automated. If any special or specific permissions are required, they should go through an approval process.
Automate Access Provisioning
Utilize native integration tools to automate the access provisioning process. Tools like OnLink can integrate Jira Service Management with your HR system and identity management systems such as Okta, JumpCloud, and Azure AD. This integration makes it easier to grant, modify, or revoke access as employees come and go. Automation reduces the chances of human error and expedites the onboarding process.
A valuable tip is to apply the same process in reverse for offboarding and internal transfers. This approach ensures that there is a clear audit trail of employee role changes and related actions.
Ongoing Access Review and Revocation Process
Access control isn't solely about granting permissions; it also involves the regular review and revocation of access that is no longer necessary. Establish a process for periodic access reviews and ensure that managers actively participate in this process. Jira Reports and Dashboards can be quite helpful in providing detailed reports on access provisioning, de-provisioning, and various change requests from both new and existing employees.
Effective access control and access management during employee onboarding, offboarding, and internal transfers are crucial for maintaining a strong security posture and avoiding potential compliance issues.
Here are few how-to-videos that you may find useful
Okta Account Provisioning
Azure AD Account Provisioning
Azure AD Apps Provisioning
We would be interested in hearing about how teams use Jira Service Management for automating and managing access control.
Was this helpful?
Thanks!
Prabhu Palanisamy _Onward_
2 comments