KuppingerCole's Advisory stands out due to our regular communication with vendors and key clients, providing us with in-depth insight into the issues and knowledge required to address real-world challenges.
Compare solution offerings and follow predefined best practices or adapt them to the individual requirements of your company.
Meet our team of analysts and advisors who are highly skilled and experienced professionals dedicated to helping you make informed decisions and achieve your goals.
Meet our business team committed to helping you achieve success. We understand that running a business can be challenging, but with the right team in your corner, anything is possible.
Most of the companies today are handling all external users with HR processes using HR systems, which can cause friction and inefficiency when managing external users' lifecycle.
Most of the companies today are handling all external users with HR processes using HR systems, which can cause friction and inefficiency when managing external users' lifecycle.
Okay, thank you. And you pronounce my name much better than most of the people. So thank you. My name is Laura and I'm a partner at ly and a partners and responsible for business operation. And mainly focusing on the IGA business. I've been working roughly 22 years in it in various positions. Most of my career have been in management position, responsible for global teams. And as with my various roles and responsibilities, IGA has been part of my life for a long time today. I got a touch, a topic which divides opinions within the different companies.
As I talked with companies more and more of them are considering whether to move to external users away from the HR processes and the systems, and have some other way of managing the external users. There are of course, many types of external users. There are those that have a position within the company and work the same way as the internal employees. And then there are those non position users who come through subcontracting today. I will be focusing on this non position, external users, those that have a position within the organization, my be better to live in the HR system.
I'm not saying that it'll be a bad practice to keep externals in HR system, but just want to give you another option for this as handling of the external externals in IGA. Why should it be used for the external users and not the common way today by keeping those users in the HR systems as before I'm not talking about, I'm not talking about the non and external users first and in my mind, the biggest benefit is the efficiency by ordering the externals through HR, you will need to wait for the process to go through before you can access start ordering any accesses for the user.
This delay is caused from getting the necessary approvals, as well as if request doesn't have appropriate accesses to the HR system to create the external system sales it'll, then go through the emails and tickets and to be manually handled by the HR and using the IHA directly to request the external users. You can create the request during the same session as you request external users to order any access rights and job pros, which the user might need. There is no delays caused by the process and no extra work required by the HR.
Also on the security perspective, you will need to audit trail for all the submit and information who made it by using the IGA for all. You will have all log entries for whole external user life cycle in one place. Also some of the legacy HR systems might not even support authorization workflows, which means that this will be also a mono step for the HR to handle.
You can also think how you can handle the situation where you need to suspect external users temporary, for example, doing long leads and how you can inactivate all of those outcomes easily and automatically external users do not usually require the capabilities by the HR system, payroll as an example, but you're still required the IGA for handling the accesses systems. So it, it does not necessarily make sense to pay for the HR licenses for these users. Then you are handling non external users. Usually HR does not even need to be involved as the work is done.
According to the contract with another company and invoiced as such in IGA, you can manage the whole life cycle of the external users. This starts when external users starts working for the company and required outcomes and access, right, are given for the users based on the job pros and other requests. IGA will manage the segregation of duties and any position changes. Target systems are reconciled periodically. So all outcomes and access rights are known for the IGA.
It is also important that external users are re certified periodically to make sure that you don't have any external users who are no longer working for your company, as well as those that do don't have any unneeded accesses. When user contract ends users are terminated automatically and all the outcomes and accesses are removed. This can be also done of course, manually. At any point, when user no longer requires to access the company system. Let me now show you an example, how to manage the external users in IGA. The whole eye cycle can be managed to the IGA Porwal.
In my example, I will be using the ServiceNow Porwal with our own IGA ServiceNow application. As a backend, let's start by requesting new external user. So you would be going through the Porwal and get the phone requesting the new external user. You fill the information like contrast, start date and date name, email company manager, phone number, and so forth. And you can also select for the external users depending what they are going to be doing within the company, and which will then give the user his or her per rides.
This will create and request, and it will call through the necessary approvals. There can be from zero to end approvals, as well as any checks you want to have for the external users like for mandatory trainings and NDA. After you have a, was that the external user after your request, the external user, and even during the approval process, you can start ordering any system specific accesses, which are not given through the added job process in the form. You can see the ones which are coming from the job, which are now in the request state.
And I have put also the gap that the user would need this new access, right? As well after requesting the, a access rights it'll okay, and require any approvals required for these access rights. If request for new user has not come through yet, it will then go to the bending state until it has been approved. And the external user has been created. As I said earlier, it is really important that we have a checks that all external users are still working for the company. And those that do don't have any in accesses to your systems.
This recertification will create task for your external users, managers who will then need to pass the audit before they end date during the audit use, of course, remove any unnecessary accesses from these external users. When external users contract ends, termination processes started automatically. You can also manage terminations manually.
As I mentioned earlier, using the IGA Porwal or the ServiceNow Porwal in my example, to terminate the external user, you can also have different kinds of terminations and even manage long leaves where you only pass away the accounts, but don't actually remove any accesses or job pros. And when the user returns, we can easily reactivate the user accounts. And thank you for my time. And I will be of course, glad to discuss this more as any other IGA topics as the IGA speak part of my life. And you can find my information on the screen as well, and find me and link it in.
And also my company information is there. So you can click and see more about where I work and what kind of things we do.
Well, thank you very much.
