This document describes and justifies current user provisioning best practices in an enterprise network. It is intended to offer reasoned guidance to information technology decision makers when they set security policy and design processes to manage user identity data, such as accounts and directory objects, across multiple enterprise systems.
The document is organized as follows:
Background information:
Defining enterprise identity management and identifying business drivers for and deliverables from user life-cycle management.
Business drivers:
Including both hard and soft costs, security threats and regulatory compliance.
Human factors:
How human behaviour affects identity management outcomes.
Administration processes:
Recommended business processes for managing user identity data and user access to systems.
Internal controls:
Requirements and recommendations for establishing effective internal controls over user access to systems.
Find out more:
Other resources with information about password management.
41. User Provisioning Best Practices
• Identity synchronization means that corrections to user information can be made just once, on an
authoritative system and are then automatically copied to other applications.
• Built-in reports make it easier to answer audit questions, such as “who had access to this system on
this date?” or “who authorized this user to have this entitlement?”
www.Hitachi-ID.com
500, 1401 - 1 Street SE, Calgary AB Canada T2G 2J3 Tel: 1.403.233.0740 Fax: 1.403.233.0725 E-Mail: sales@Hitachi-ID.com
File: /pub/wp/documents/bestpractice/hiim/up-bp-6.tex
Date: 2010-03-15