Automated provisioning and single sign-on are two simple service desk best practice strategies that both cut service desk request volume and increase customer satisfaction. Instead of setting up new accounts manually and resetting passwords all the time, you can devote the service desk’s valuable time to more in-depth and strategic tasks.
Before they can gain access to your systems and applications, users must create a new identity in Active Directory or any other identity management system. IT then provisions new accounts for them in the applications they need to use based on their job role, whether they’re employees, contractors, vendors, business partners or customers.
With automated provisioning, new accounts are automatically created in key applications any time a new identity is launched; for example, when a new employee is onboarded by HR. When the identity is deleted, all access to these accounts is automatically revoked. Automating provisioning means less time spent guiding users through account creation and management processes. Rules associated with job roles help to govern access, and users can initiate and make changes to their services, in many cases, without assistance from IT.
A survey by Biscom found that 85 percent of employees admit taking company documents and information they’d created when they left an employer. Thirty percent admit taking data created by someone else. Automating provisioning also limits risk exposure by removing access once users are no longer part of the organization. Instead of relying on IT to manually deprovision accounts, a practice that is cumbersome for IT and exposes the organization to human error, access is automatically revoked upon deactivation.
Single Sign-on (SSO)
SSO gives users access to all organizational applications and websites using only a single password. They can switch to other applications without having to re-enter their login credentials. Whether the solution uses JSON, SAML or other authentication methods, it enables the sharing of session information to find out if a user is already signed in or not.
As most of today’s organizations use both on-premises and cloud applications, often across multiple geographic locations and within different cloud environments, SSO has become one of the most important service desk best practices. In addition to improving the user experience, it enables IT to store user authentication and activity information within a central mechanism so they can gain a 360-degree view of how a user interacts with systems.
How They Work Together
When new identity creation is initiated, your provisioning platform can provision the user in your role management tools. Roles, which determine what employees can access, can be automated based on job title and predetermined job attributes. Once the role is assigned, your provisioning platform creates accounts for the applications, websites, and systems the user needs to access, with the level of access granted according to the needs of the role.
When users want to access enterprise data, your identity management tool authenticates them using their SSO credentials. Users see a personalized interface that shows only the applications to which they have access, and they don’t have to reauthenticate whenever they switch to another application or domain.
Automated provisioning and SSO are two service desk best practices that can make IT’s life a whole lot easier. To discover other ways to leverage the power of automation, download our white paper: 101+ Ways to Automate Your Workplace.
About Matt Cox
Matt leads the sales engineers and support team for SolarWInds ITSM. His team works with customers to create tailored technical solutions for specific business needs. He once went hang gliding off a cliff in Ecuador.
Read more articles by Matt