CyberArk Glossary >

What is Identity Lifecycle Management?

Identity lifecycle management refers to the process of managing the user identities and evolving access privileges of employees and contractors throughout their tenure—from day one through separation. A fundamental element of a complete identity security offering, an identity lifecycle management solution automates and simplifies the processes associated with onboarding and offboarding users, assigning and managing access rights, and monitoring and tracking access activity.

Why is Identity Lifecycle Management Required?

Many corporate IT and security organizations rely on inefficient, manual processes to provision new users and manage their privileges. It can take days (or even weeks in some businesses) to onboard new hires and give them secure access to the applications and IT systems they need to effectively perform their jobs.

To make matters worse, many businesses have no formal or automated processes for reprovisioning privileges or deactivating user accounts as workers take on new roles or exit the company. As a result, accounts often remain in place long after employees leave the business or change positions. Disgruntled workers, rogue contractors, and adversaries can exploit dormant accounts or stale user privileges to launch attacks or steal confidential data.

Identity lifecycle management solutions overcome these challenges by automating manually intensive and error-prone user provisioning and identity governance processes. They help improve employee productivity by allowing new hires to hit the ground running with day-one access to their applications and IT services. They help businesses reduce security risks by eliminating privilege creep and out-of-date user accounts. And they help IT and security organizations free up staff to focus on more important tasks to support the business.

Key Identity Lifecycle Management Features and Functions

Most identity lifecycle management solutions provide administrative tools for onboarding and offboarding users and managing their access privileges throughout their course of employment. They provide self-serve portals that let users request access rights and update account information without help desk intervention. They provide tools to automate and streamline approval workflows. They provide centralized monitoring and reporting capabilities to help corporate IT and security teams track access activity, investigate security incidents, and support compliance audits. And they integrate with HR systems like Workday, UltiPro, BambooHR, or SuccessFactors, as well as corporate directory services like Microsoft Active Directory, LDAP, or Google Cloud Directory to simplify employee onboarding and to eliminate redundancies and inefficiencies.

Managing Access to Cloud Applications and Services

The latest identity lifecycle management solutions can be used with SaaS solutions like Microsoft 365, Box, and Dropbox. Businesses can use identity lifecycle management products to automate the entire process of onboarding a new user, creating a SaaS account (such as a Microsoft 365 account), and provisioning the user’s privileges.

Identity as a Service Solutions Deliver Cloud Economics, Simplicity, and Agility

Historically, most businesses used on-premises solutions to manage user identities and access privileges. Today, many organizations use Identity as a Service (IDaaS) offerings to streamline operations, accelerate time-to-value, and support digital transformation initiatives. An IDaaS offering is delivered as a cloud-based service, hosted and managed by a trusted third party for ultimate simplicity and agility.

IDaaS solutions combine all the features and benefits of an enterprise-class identity security solution with all the economic and operational advantages of a cloud-based service. They help businesses reduce risk, avoid IT infrastructure cost and complexity, and accelerate digital transformation.

Best-of-breed IDaaS solutions provide comprehensive lifecycle management capabilities, including automated user onboarding, offboarding, and access-rights provisioning; self-serve portals and automated approval workflows; HR and directory services integration; and access monitoring and reporting tools.

Learn More About Lifecycle Management

関連用語リスト