Access Management Made Easy
Editor’s note: Thanks to our Customer Success Engineer, Thilina, for authoring this week’s post on the woes (and the solution!) for access management.I used to sit next to the IT SysAdmin of a small but rapidly expanding organization. I love to people-watch, and one of the things I would see them do–always accompanied by grumbling– (I used to people-listen, too) was handling access requests.One day after a particularly loud and animated grumble, I asked:“An access request again hey? What is it this time?”“Oi! Can’t get enough of my work, eh mate??” (They were British, so they said “Oi” not “Oy.”)“But yes..it’s another access request for [they mentioned a sensitive system], and it’s the fifth one today - I swear if they ask again…” Eventually, the profanity stopped, and I understood why it was so upsetting.
- The company had a list of applications that required access to be granted (or revoked) in a recorded and auditable way. Auditable is key here.
- My Admin friend was the admin of all the applications because managing them required tech skills. But the admin was not always not the “owner” or “approver,” the key decision maker who is supposed to vet requests.
- As a result, when someone wanted access, the admin couldn’t just grant it. They had to pass the request (via email or chat message) to the approver.
- And then wait. And sometimes, wait. And then wait some more. And nag the approver. And get nagged by the user.
- And when you get the approval back, they needed to record it to make sure the spreadsheets were up to date for that quarterly compliance nonsense.
- No fun!
It is the second decade of the 21st century, and people are still doing this. There’s got to be a better way.And with YeshID - there is!
1. Enter Your Applications & Their Owners
With YeshID you can add your applications and specify the application administrators – the owners or approvers I talked about earlier.When someone wants access or is onboarded or offboarded, or there’s any other activity that concerns the owner’s applications, YeshID notifies them. This means less shoulder tapping on the admin and notifications going to the right place at the right time. And there’s an audit trail for compliance.To get started quickly with your applications, YeshID provides two ways to add the admin (and login URL):
If you have a lot of apps that you’d like to get imported into YeshID, you can use a CSV file that has your list of apps and their owners.
And upload them to YeshID to quickly import your applications.
Or you can enter them one by one or edit them this way:
2. Update the Access Grid for your Apps
Once your applications are added, you can check out the Access Grid to see the current record of app-to-user memberships.From here, you can go in and quickly check off boxes to mark which users already have access to which apps.
An even quicker way to update an app's access, especially if you have many users, is to import a CSV of users per app.
When you click into an app, you can import a CSV of email addresses and Yesh will take care of the rest.
YeshID will finish by showing you the differences so you can review the changes being made.
3. Let your Users and App Owners take care of their own Access Requests.
Now, since you’ve already done the hard work of:
- Letting YeshID know of your Apps; and
- Updating the access for your Apps
You and your users are now able to do the following:
My-Applications
Since YeshID is integrated into your Google Workspace, any of your users can navigate to app.yeshid.com/my-applications where they will see a grid of applications they already have access to. (No more wondering: “Wait, which URL was it again?”)
Request Access
Now, when one of your users requires access to one of your organization’s apps, they can navigate to “All Managed Apps” and Request Access to their app of choice. They can fill in details to provide reasons for their request.
After they submit the request, YeshID will notify the Application Owner about a pending request.
If you’re an Application Owner, you’ll be notified with a link to a page where you can see the request and choose to either Confirm or Reject.If you confirm, YeshID will generate a task will be generated for the admin, and once granted, the user will see the newly granted application the next time they click on their My-Applications grid.
And just like that, a world of shoulder tapping, lost conversations, and requests falling off the side of a desk is avoided through the use of smart technology and engineering by your friends at YeshID.
4. Use Yesh to Ace your Access Audits
With YeshID ingrained into your employee lifecycle, audits and Quarterly Access Reviews (QAR’s) become a breeze.Simply go to your Access Grid and click on “Download Quarterly Report,” which will produce a spreadsheet created for access audits.
Review the details (there’s a sheet per app!), fill in any additional comments, and just like that - your Quarterly Access Review is done.
Conclusion
Ready to reclaim your sanity? By automating access requests and approvals, YeshID empowers admins and users. Users gain self-service access requests, and admins are freed from the time-consuming manual process of nagging app owers and updating spreadsheets.Sign up for a free YeshID trial today and see how easy access management can be.