Get the Most Out of Access Request

The SailPoint Blog

Self-Service Access Request is one example of a way that organizations enable new and seasoned employees so they can get the access they require to get their jobs done. The concept sounds simple, right? Give users a catalog of items to choose from, allow them to submit requests, and carry the request through necessary reviewers before granting the access.

We have found that some Access Request programs fail to reach their full potential due to some complexities, like regulatory requirements or some access isn’t included because it’s just too risky to expose to everyone at the organization. SailPoint has developed a set of capabilities that enable organizations to stay compliant and mitigate risk so that Access Requests provide the complete self-service process with little-to-no manual intervention.

With the new capabilities added to Access Request, organizations can ensure that only necessary access is seen and requested by the right individuals. Most organizations have a complex mix of risky access, expensive access, the list goes on. The new capabilities added to Access Request give you the ability to make sure only the right people can see and request access to the tools they need. Here’s how.

Manage temporary access

There are often cases where access is only needed temporarily, perhaps to complete a project or fulfill a need for a set period. With the knowledge of an access expiration date, temporary access can be automatically removed when the individual no longer needs it. We also know that things change in today’s dynamic workforce, and this period may need to be adjusted to accommodate ever-changing business needs. With our new capabilities, users can view and modify the expiration dates, while still getting necessary eyes to review the changes before applying them.

Flag requests that need extra attention

When a request for new access is submitted, providing visibility into the “bigger picture” raises awareness to the requester and anyone reviewing the request, including any risk implications like gaining access needed to commit fraud. Separation of duties (SOD) is a method for ensuring no one has enough access to commit fraud on their own. Leveraging SOD library, every request will be evaluated to identify if an approval would result in a SOD violation. If a violation is found, both the requester and reviewers are provided visibility so they can make an informed decision to allow the request to continue by granting an exemption or stop it in its tracks.

Many organizations have taken the steps needed to empower their workforce with self-service tools and removed the burden from IT departments who have traditionally taken on some of these responsibilities. By using these new powerful tools, organizations can recognize the full power of their Access Request program.