For IT

What is user provisioning and deprovisioning?

The Rippling TeamSep 9, 2021

User account provisioning and deprovisioning refers to the creation, maintenance, and deletion of employees' access to internal and 3rd-party systems. It’s an important part of keeping your information, and the information of your employees, safe and in the right hands, as well as simplifying the onboarding and offboarding processes. This kind of identity management has many touch points, from the creation of user accounts, to the type of permissions granted, to the disabling of said accounts and permissions once an employee’s tenure with the company is up. 

When a new employee is onboarded, they require access to everything from a company email address, to shared drives, user accounts in integrated applications, and company-wide databases. Effective user provisioning ensures that everyone is given access to exactly what they need as soon as possible in a manner that doesn’t bog down IT teams, reveal confidential information, or require multiple back-and-forth conversations to acquire all the tools needed.

Quick and easy creation and management of a digital identity is such an integral part of business today that a consistent and efficient management system will ensure your employees can get to work right away.

Develop clear guidelines for sharing or restricting access

In order to make the most of your user provisioning system, you need to clarify internally what type of information and tools must be accessible to which individuals and teams. These guidelines will help create a checklist to use when a new employee is hired, or when an employee moves into a new role. This process will not only make things more efficient, but improve security as well. 

Start by creating an inventory of all the critical applications used throughout your organization, and work with IT to ensure they have a full understanding of all the tools on offer. Because of their wide use, these applications can pose the largest security risks, and should be treated with care. After everything is identified, parse out the necessary tools per department. Some applications will be shared widely across departments, some will have niche functions—the key is having oversight of each department’s needs, and how to provide timely access. 

Restricting access is a piece of the puzzle that can’t be overlooked. Not only is it overwhelming to inundate new hires with information they don’t require, but there can be legal ramifications for allowing access to confidential documents to employees who haven’t, for instance, signed an NDA. Once you’ve set up your guidelines, it’s easy to work with a single sign-on system to grant and revoke access to everything your teams need. Monitoring these guidelines and their efficacy once implemented will help you evolve your process over time.