What is deprovisioning?
Deprovisioning is the process of removing an employee's access rights to software and IT resources. It is generally carried out when an employee's status is about to change, such as when an employee leaves, changes position or is promoted. It is an important step in the offboarding procedure, and must always be carried out to ensure the security of the company's IT systems.
It's important to remember that access rights must be deleted or suspended as soon as an employee no longer needs them, even if this involves a change of position. Poor deprovisioning can create security loopholes, allowing former employees to retain access. In extreme cases, you run the risk of data theft, system sabotage or other malicious acts.
Like provisioning, deprovisioning can be carried out manually, but this can have a number of drawbacks and lead to errors.
Why should it be automated?
Manual deprovisioning can be tedious and error-prone.
Manual deprovisioning exposes you to the following risks:
- Delays: it can take a long time to collect HR data and IS information. Because of this delay, employees who have left may still have access.
- Neglect: it's possible to simply forget to take care of them, leading to security breaches and the creation of phantom accounts.
- Errors: manual unprovisioning can lead to errors, such as deleting active user accounts or not deleting departed user accounts. These errors can lead to service interruptions and data loss.
To avoid this type of error, an IAM tool can automate the deprovisioning process.
With an IAM tool like Youzer, you'll be able to have a secure, automated deprovisioning process. People who no longer have a link with the company will be highlighted and their access suspended.
Automation will enable you to :
- Increase productivity: by cross-referencing HR data with IT department information, you have a global view of current and former users, as well as their associated accounts. This is a real time-saver for IT teams when creating user accounts.
- Reduce costs: by detecting accounts in error, you can avoid overpaying for licenses for people who are no longer with the company. You can suspend access and then provide it to new employees.
- Secure your IS: by quickly and efficiently removing access for users who are no longer present. This reduces the risk of cyber attacks and data theft.
Conclusion
Unprovisioning is therefore crucial when revoking an employee's access rights to software and services. It is an essential step in the offboarding process to guarantee corporate IT security. Errors can occur when it is carried out manually, which is why automating deprovisioning via an IAM solution, such as Youzer, is recommended. This increases productivity, reduces costs and secures the IT system by quickly and efficiently removing inactive user access.
