Hiring is a challenging and tiring process, but it doesn’t just stop at selecting the right candidate. It merely starts from that point, and then comes onboarding, which includes hiring a new employee and setting her up for success by connecting her to the IT resources she needs. These could be assets, applications, access and more.
Once an organization decides to move on from an individual, or vice versa, they need to ensure the organization is safe. That means deprovisioning access quickly and completely, ensuring all necessary documentation and papers are signed and submitted, etc. Offboarding is something that needs to happen all at once and very quickly.
We are all familiar with the Joiner-Mover-Leaver process. In short, they are three separate scenarios – when employees are recruited, when they change their positions inside the company and last but not the least when employees leave the organization, and their user accounts are terminated.
During the employee’s journey in the organization, either or all of the joiner/mover/leaver (JML) process comes into play at one point or another. This process is crucial for ensuring the right people have the right access to the right resources, at the right time. But with many firms still using manual processes, they’re missing out on the potential productivity boon a tight JML process can guarantee – and they’re leaving themselves open to security breaches.
Automation plays a key role here. When there is no manual work, there’s no option to bypass the system. So, here is how it should and can work. The “joiner” process should be triggered automatically by the HR system, Active Directory or by a web form that is filled out by HR team. The next step in the process is that user accounts should open automatically in all the relevant systems and report the status to the designated manager. Passwords should also be created automatically and be sent to the new employees’ smartphone, to ensure that nobody else receives the login credentials. In the same spirit of automation, the “mover” process should be identified, and the system should automatically send an email to the new manager that reads – “A new employee has joined your team and they have access to sensitive information. Do they still need all the permissions below?” An important hint here: many times, reducing the employee’s permissions will in turn reduce their license level. Lastly, for the “leaver” process, when a user account is terminated in the Active Directory, the automated system should also close the account in all other systems – including on-premises applications as well as cloud applications such as ServiceNow, Salesforce and Office365 etc.
We at Coforge have implemented the JML process in ServiceNow and automated all the key tasks within this process. As soon as an individual joins and a new hire request is submitted, our automated process flows ensure assignation of all the required systems and access to all necessary applications, right on their joining day. Similarly if an employee is separated, all the access is revoked automatically. Coforge has created a standard catalog for onboarding/offboarding which is a pre-built solution, with the flexibility to be customized as per customer needs.