
Immediate Termination Configuration in SailPoint ISC
Date Posted:
Category: Security
Author: Anjana

Introduction
In many organizations, secure removal of access is an important aspect of identity governance. When an employee is terminated outside the regular joiner, mover and leaver cycle, which happens in a few circumstances, it is essential that their access is revoked immediately to prevent potential security risks. Delayed access revocation can lead to exposure of sensitive data and compliance violations.
SailPoint ISC provides lifecycle state management capabilities that enable organizations to automate access provisioning and deprovisioning across connected applications. Immediate termination is one of the most critical lifecycle events, since the user’s access is revoked as soon as the termination event is detected. This event can be handled by leveraging workflows and transforms.
Problem Statement
When an employee is terminated from the organization for reasons that fall outside the standard lifecycle termination process, the use case is called immediate termination. In this case, the user’s access has to be removed almost immediately. The lifecycle state (LCS) should remain in the “Terminated” state even during identity processing, which might otherwise change the LCS back to “active” because the termination date is not yet updated in the HR source, until the termination date from the HR system is aggregated to SailPoint.
Solution:
Forms
A form is created to collect the user’s data (Name).
Another form is created to display the user’s data, to confirm that the right user has been selected.
Workflow
A workflow is created with an interactive trigger, which makes it accessible from the launchpad.
The workflow moves the LCS of the user to “ImmediateTermination”.
Any accounts that need to be disabled and any access that needs to be removed are handled through the workflow actions.
Transform
Transform A is built to display the immediate termination date, using the now value, if the LCS is “ImmediateTermination”.
Transform B checks for this date and keeps the identity in the “ImmediateTermination” LCS until the termination date is updated on the HR source.
Once the termination date is updated on the HR source, transform B should be built in such a way that it moves the identity from the “ImmediateTermination” LCS to the “Terminated” LCS.
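The hold-and-release logic of transforms A and B, modelled in Python as an added example (this is not the author's transform definition and not SailPoint transform syntax). The function names, the dict-shaped HR record and the sample dates are constructed for illustration.

```python
from datetime import datetime, timezone
from typing import Optional

IMMEDIATE = "ImmediateTermination"
TERMINATED = "Terminated"


def transform_a(current_lcs: str, now: datetime) -> Optional[datetime]:
    """Immediate termination date: the 'now' value while the LCS is ImmediateTermination."""
    return now if current_lcs == IMMEDIATE else None


def transform_b(immediate_date: Optional[datetime],
                hr_termination_date: Optional[datetime],
                hr_derived_lcs: str) -> str:
    """Lifecycle state calculated on each identity refresh."""
    if immediate_date is None:
        return hr_derived_lcs   # not an immediate termination: follow the HR source
    if hr_termination_date is not None:
        return TERMINATED       # HR has caught up: release to the standard state
    return IMMEDIATE            # HR still reports the user as active: hold the state


def refresh(current_lcs: str, hr_record: dict, now: datetime) -> str:
    """One identity-processing pass over a constructed HR record."""
    date_a = transform_a(current_lcs, now)
    return transform_b(date_a, hr_record["termination_date"], hr_record["lcs"])


def simulate() -> list:
    """Constructed timeline: the workflow fires, then four identity refreshes run."""
    now = datetime(2024, 1, 10, 9, 0, tzinfo=timezone.utc)
    hr_lagging = {"lcs": "active", "termination_date": None}
    hr_updated = {"lcs": TERMINATED,
                  "termination_date": datetime(2024, 1, 10, tzinfo=timezone.utc)}
    states = [IMMEDIATE]  # set by the workflow, not by a transform
    for record in (hr_lagging, hr_lagging, hr_updated, hr_updated):
        states.append(refresh(states[-1], record, now))
    return states


if __name__ == "__main__":
    print(" -> ".join(simulate()))
```

The two refreshes against the lagging HR record are the case the problem statement describes: without the check in transform B, the HR-derived value would flip the identity back to “active”.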
Access Revocation
Access deprovisioning happens as configured in the “ImmediateTermination” lifecycle event. For disconnected applications, the task is assigned to the source owner in the task manager tab; for direct applications, deprovisioning happens automatically.
Benefits of Immediate Termination
Implementing immediate termination provides several security and operational benefits.
Enhanced Security - Ensures terminated users cannot access any applications or systems after leaving the organization.
Compliance Support - Helps meet compliance requirements related to access governance and identity management.
Automation and Efficiency - Avoids manual processes and ensures deprovisioning happens consistently across systems.
Conclusion
Immediate termination is a critical use case of identity governance that ensures timely revocation of access when an employee leaves the organization. By using lifecycle events, workflows, and provisioning and deprovisioning events in SailPoint ISC, companies can reduce the security risks associated with delayed deprovisioning. Implementing a planned and structured immediate termination process strengthens an organization’s security and avoids compliance issues.
Stay tuned to our blog to see more posts about SailPoint product implementation and related updates.
