Provisioning and Workflow
Automated Account Management
Enterprise employees typically access dozens of apps on a regular basis. Trying to manually control all the user accounts across those apps is a daunting task for IT. Without automated account lifecycle management, IT has to add, change and remove users manually within each app’s admin console.
Users, who typically create their own passwords in each app, frequently forget them or resort to reusing them when possible. This results in security lapses, increased helpdesk calls and lost productivity for both users and IT.
Centrify Identity Service provides automated user provisioning that eliminates these hassles, streamlines IT workflow, and simplifies access across thousands of cloud apps including Box, Google Apps for Business, O365, Zendesk, Salesforce, Concur, Amazon Web Services and more.
With automated account provisioning from Centrify, users get one username and password across all their apps, and IT gets automated, streamlined account management from the day users start, to the day they depart.
Not only does user provisioning aid efficiency, but coupled with automated SAML authentication, app access is both streamlined and secured. SAML eliminates the weak links of app access — usernames and passwords — with secure tokens that allow single sign-on for users, and thwart brute-force hacking attempts.
Just as important as providing access from a central management platform, is the ability to revoke that access when necessary. Centrify account provisioning automatically revokes access to cloud and mobile access in target applications, based on role changes. Identity Service provisioning automates every stage of the employee app lifecycle to ensure managed, secure access.
How it Works
User provisioning with Centrify Identity Service is much more than just automated app setup. It’s true app lifecycle management from beginning to end.
- Role-based automated user provisioning
Automatically create accounts within each of the target apps by simply adding a new user to a role within your directory.
- Automated licensing and entitlement
Automatically set authorization/entitlements within each target app so each user has access to only the correct data, as appropriate.
- Mobile device policy and setup
Secure the devices used to access apps, provide secure one-tap access to apps, and push appropriate web and mobile apps, as well as certificates and policy for Wi-Fi, VPN and mail.
- Access to all apps with a single set of credentials
Each provisioned app is secured with its own credentials or SAML authentication, but users only need one username and password for access.
- Monitoring and reporting
See access reports, failed login attempts, unused accounts, and customize them to stay on top of app and device risks.
- Automated app de-provisioning
Automatically revoke, suspend, or disable accounts across all apps when a user is disabled or removed.