Automating Identity Lifecycle Management

Jan 13, 2021
3 minutes

Employee lifecycle management is among the most tedious challenges for HR and IT operations teams today. When a new hire joins your company or moves around in your organization, she needs appropriate access permissions to applications, groups, and tools required to perform her job. The processes continue throughout the employee’s tenure with access management, identity governance, and reconciliation needed between HR systems. When the employee leaves the organization, the whole process has to be reversed. All of these processes are manual, repetitive, and a time sink for your IT operations team. If they are not done correctly, it can lead to serious security exposures.

Now wouldn’t it be great if you could create “smarter” processes using an automated playbook that does the work for you? Introducing Cortex XSOAR Identity Lifecycle Management! Our new content pack -- now available on the Cortex XSOAR marketplace -- helps you automate user provisioning across HR management systems, user management, and authentication tools such as WorkDay, Active Directory, and Okta.

It’s not just a matter of time savings. Updates to the system of record (e.g. HR system) on employee status and information are not always propagated across relevant IT and business applications. This results in out-of-date information that can pose a security risk or impact employee productivity, and leaves security teams without visibility into the employee lifecycle process.

Introducing Cortex XSOAR Identity Lifecycle Management

Using the Cortex XSOAR Identity Lifecycle Management content pack, you can add users to your various applications, assign them the necessary roles, and grant them access to applications. The playbooks in this pack can, for example, take User Profile information from a Workday report and make determinations such as:

  • Is this a new hire who needs to be added to the system?
  • What access groups and applications would this employee need?
  • Does this user's personal information need to be updated?
  • Has this user left the company and needs to be disabled or deleted across systems?

Once the right path is determined, the playbook will run the appropriate tasks to update employee data or status in Active Directory and/or Okta. It can also communicate with all relevant stakeholders to inform them if any errors arise in the process or to obtain necessary credentials as needed.

This content pack comes with integrations, incident and indicator layouts, mappers, and fields required to streamline your user provisioning. By automating user provisioning, you can significantly reduce the time your team spends on HR tasks, keep data in-sync across critical applications, improve customer SLAs, and standardize provisioning management.

All of these components can be used right out-of-the-box or easily tailored to suit the needs of your organization.

The Identity Lifecycle Management pack is available via our Cortex XSOAR Marketplace with a free one month trial! Want to learn more about this content pack? Check out the January 2021 Cortex XSOAR Marketplace Webinar (the first of our new series) to see it in action!

Figure 1: User incident details with actions taken

Figure 1: User incident details with actions taken

Don't have Cortex XSOAR? Download our free Community Edition today!


Subscribe to Security Operations Blogs!

Sign up to receive must-read articles, Playbooks of the Week, new feature announcements, and more.