Business users today are looking for digital simplicity. Regardless of the activity itself, the goal is to establish an easy, pleasant and repeatable process. This expectation especially applies to making requests within an organization, such as requests for physical supplies or access to certain applications. If users have to jump through hoops to obtain items that will help them do their jobs, they’ll grow frustrated and look for alternative methods. Essentially, users are looking for one place to go to make any type of request.
When it comes to access-related requests, the process is more complicated. Line-of-business (LOB) managers are responsible for granting and recertifying access to applications. They are the ones that organizations rely on to validate that Joe the accountant should have access to the financial systems and files he needs, or that Lisa, who no longer works in human resources, should have her access to sensitive employee information revoked. LOB managers must understand requests in common business language so they can make the right decisions when it comes to granting access.
A Single Platform for Access Requests
Organizations need to bring all request activities together in a single platform that can make informed decisions using detailed identity insights. ServiceNow, a popular service management platform, has been integrated with IBM Security Identity Governance and Intelligence (IGI) to help facilitate requests in a user-friendly interface with comprehensive governance capabilities to keep them secure.
Think of ServiceNow as the face of the platform: Users can work from the familiar ServiceNow environment to submit any requests they might have. In the background, IGI acts as the brain, figuring out what access the user should have in a closed-loop process that automatically returns the status back to ServiceNow.
Identity Governance and Intelligence in Action
Take the simple use case of requesting access to an application. Identity Governance and Intelligence provides a catalog of access that meets the principle of least privilege. With ServiceNow and IGI working together, a user can log in to the ServiceNow platform and submit a request from the access catalog. This request is then sent to the user’s manager, who then approves or rejects it within ServiceNow.
In the background, IGI is reviewing and processing the access request with built-in segregation of duties (SOD) violation detection. These SOD checks happen in real time while the user builds the request content, before he or she submits it for approval. The SOD controls restrict access for users who show conflicting activities. For example, a user who is able to issue a purchase order should not be granted access to approve that purchase order. Once the access request is approved or rejected, IGI automatically fulfills the request on the target application and updates that information back to the ServiceNow platform audit trail.
A Frictionless Help Desk Experience
With IBM Identity Governance and Intelligence integrated into ServiceNow, users can submit all requests in one location using the same interface they’ve always used to request IT support, access to business applications and even office supplies. This enables the LOB and IT managers to work together toward compliance and security goals while still providing end users with a familiar, frictionless help desk experience.