What is user provisioning and deprovisioning?


Sep 9, 2021

User account provisioning and deprovisioning refers to the creation, maintenance, and deletion of employees' access to internal and 3rd-party systems. It’s an important part of keeping your information, and the information of your employees, safe and in the right hands, as well as simplifying the onboarding and offboarding processes. This kind of identity management has many touch points, from the creation of user accounts, to the type of permissions granted, to the disabling of said accounts and permissions once an employee’s tenure with the company is up. 

When a new employee is onboarded, they require access to everything from a company email address, to shared drives, user accounts in integrated applications, and company-wide databases. Effective user provisioning ensures that everyone is given access to exactly what they need as soon as possible in a manner that doesn’t bog down IT teams, reveal confidential information, or require multiple back-and-forth conversations to acquire all the tools needed.

Quick and easy creation and management of a digital identity is such an integral part of business today that a consistent and efficient management system will ensure your employees can get to work right away.

Develop clear guidelines for sharing or restricting access

In order to make the most of your user provisioning system, you need to clarify internally what type of information and tools must be accessible to which individuals and teams. These guidelines will help create a checklist to use when a new employee is hired, or when an employee moves into a new role. This process will not only make things more efficient, but improve security as well. 

Start by creating an inventory of all the critical applications used throughout your organization, and work with IT to ensure they have a full understanding of all the tools on offer. Because of their wide use, these applications can pose the largest security risks, and should be treated with care. After everything is identified, parse out the necessary tools per department. Some applications will be shared widely across departments, some will have niche functions—the key is having oversight of each department’s needs, and how to provide timely access. 

Restricting access is a piece of the puzzle that can’t be overlooked. Not only is it overwhelming to inundate new hires with information they don’t require, but there can be legal ramifications for allowing access to confidential documents to employees who haven’t, for instance, signed an NDA. Once you’ve set up your guidelines, it’s easy to work with a single sign-on system to grant and revoke access to everything your teams need. Monitoring these guidelines and their efficacy once implemented will help you evolve your process over time.

Support your IT team with the right tools, apps, and oversight

It’s no wonder IT teams are often backed up with work—the sheer volume of requests is enough to overwhelm any team’s productivity. Providing IT with the right tools to easily and quickly complete ongoing tasks like identity management and digital profile creation helps to create a new roadmap for success. The more efficient the tools, the fewer requests to the help desk, the less potential for bottlenecks, and the easier it is to get back to solving more pressing issues. 

Features like dashboard oversight empower an IT team to quickly solve minor issues rather than getting tied up looking for the root of a problem. Since onboarding and offboarding are facts of working life, any way to modernize the processes will result in saved time and money.

Consider automated solutions to streamline the process

Another simple way to save time and money comes from automating systems you know will often be repeated. Once a new hire’s digital profile is created, the ability to automatically add them to every application they need to do their jobs—based on the guidelines you set out earlier—helps them to be ready on day one. 

The ability to work with a single sign-on means that your employee will start their first day with automatic access to everything they require from one central location. Automated data collection also enables you to see which apps are being used by which employees, further helping you to refine your guidelines of who needs access to what. 

Some automated features don’t just make the HR or IT departments’ lives easier, but employees’ lives as well. Being able to securely manage and share passwords means that not only can you be assured passwords meet a standard, thereby bolstering the security of your systems, but that your employees’ time will not be wasted remembering or resetting passwords for the multitude of digital tools and apps required to work these days.

Do not overlook deprovisioning

Unfortunately, deprovisioning is a necessary part of the workplace, and failing to cover all the bases can result in costly breaches. All of the access you doled out when onboarding must be walked back in the offboarding process, and when an employee has been with a company for years, it can be hard to keep track of just what they have access to unless you’re on top of your user provisioning. 

Automating deprovisioning just makes sense—something as important as maintaining system security should not be left up to individual or institutional memory. With a dashboard view of all the tools every employee is logged into, it’s as easy as a single sign-on to automatically revoke access to all channels and applications. Having to remember to turn off multiple accounts, or revoke access to apps, for each employee you offboard is not an effective or realistic use of HR time, when there are many more steps needed to complete an offboarding. 

Deprovisioning extends past an employee’s last day of employment, as after a decided period of time, dormant accounts should be deleted entirely from the system. Automating this process allows you to focus on the needs of current and future employees rather than those no longer working with you.

Powerful, secure software for your business

Effectively managing employees’ digital identities creates processes that benefit the company and the employee. Streamlined access to requisite tools helps new hires hit the ground running, and being able to provide those tools with ease transforms what can be a time-consuming process into a task as easy as hitting a button.

Onboarding and offboarding are rare access points with the potential to halt productivity at best and compromise security and confidentiality at worst. Choosing software that helps to automate this sensitive touchpoint provides peace of mind and, most importantly, facilitates a great first experience for any new employee joining the team. Learn more about a one-stop solution for all your user provisioning needs with Rippling’s App Management software.

last edited: March 26, 2024

The Author

The Rippling Team

Global HR, IT, and Finance know-how directly from the Rippling team.