February 23, 2018 By Katherine Cola 2 min read

Business users today are looking for digital simplicity. Regardless of the activity itself, the goal is to establish an easy, pleasant and repeatable process. This expectation especially applies to making requests within an organization, such as requests for physical supplies or access to certain applications. If users have to jump through hoops to obtain items that will help them do their jobs, they’ll grow frustrated and look for alternative methods. Essentially, users are looking for one place to go to make any type of request.

When it comes to access-related requests, the process is more complicated. Line-of-business (LOB) managers are responsible for granting and recertifying access to applications. They are the ones that organizations rely on to validate that Joe the accountant should have access to the financial systems and files he needs, or that Lisa, who no longer works in human resources, should have her access to sensitive employee information revoked. LOB managers must understand requests in common business language so they can make the right decisions when it comes to granting access.

A Single Platform for Access Requests

Organizations need to bring all request activities together in a single platform that can make informed decisions using detailed identity insights. ServiceNow™, a popular service management platform, has been integrated with IBM Security Verify Governance to help facilitate requests in a user-friendly interface with comprehensive governance capabilities to keep them secure.

Think of ServiceNow as the face of the platform: Users can work from the familiar ServiceNow environment to submit any requests they might have. In the background, Verify Governance acts as the brain, figuring out what access the user should have in a closed-loop process that automatically returns the status back to ServiceNow.

Verify Governance in Action

Take the simple use case of requesting access to an application. Verify Governance provides a catalog of access that meets the principle of least privilege. With ServiceNow and Verify Governance working together, a user can log in to the ServiceNow platform and submit a request from the access catalog. This request is then sent to the user’s manager, who then approves or rejects it within ServiceNow.

In the background, Verify Governance is reviewing and processing the access request with built-in separation of duties (SoD) violation detection. These SoD checks happen in real time while the user builds the request content, before he or she submits it for approval. The SoD controls restrict access for users who show conflicting activities. For example, a user who is able to issue a purchase order should not be granted access to approve that purchase order. Once the access request is approved or rejected, Verify Governance automatically fulfills the request on the target application and updates that information back to the ServiceNow platform audit trail.

A Frictionless Help Desk Experience

With IBM Verify Governance integrated into ServiceNow, users can submit all requests in one location using the same interface they’ve always used to request IT support, access to business applications and even office supplies. This enables the LOB and IT managers to work together toward compliance and security goals while still providing end users with a familiar, frictionless help desk experience.

Read the data sheet: IBM Security Verify Governance

More from Identity & Access

Passwords, passkeys and familiarity bias

5 min read - As passkey (passwordless authentication) adoption proceeds, misconceptions abound. There appears to be a widespread impression that passkeys may be more convenient and less secure than passwords. The reality is that they are both more secure and more convenient — possibly a first in cybersecurity.Most of us could be forgiven for not realizing passwordless authentication is more secure than passwords. Thinking back to the first couple of use cases I was exposed to — a phone operating system (OS) and a…

Obtaining security clearance: Hurdles and requirements

3 min read - As security moves closer to the top of the operational priority list for private and public organizations, needing to obtain a security clearance for jobs is more commonplace. Security clearance is a prerequisite for a wide range of roles, especially those related to national security and defense.Obtaining that clearance, however, is far from simple. The process often involves scrutinizing one’s background, financial history and even personal character. Let’s briefly explore some of the hurdles, expectations and requirements of obtaining a…

From federation to fabric: IAM’s evolution

15 min read - In the modern day, we’ve come to expect that our various applications can share our identity information with one another. Most of our core systems federate seamlessly and bi-directionally. This means that you can quite easily register and log in to a given service with the user account from another service or even invert that process (technically possible, not always advisable). But what is the next step in our evolution towards greater interoperability between our applications, services and systems?Identity and…

Topic updates

Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today