Situation:
Constant change is the challenge faced by IT user administration in a big company: employees leaving the company, new employees joining it, employees changing their jobs or taking on new tasks. Then there are all the business partners, contractors and customers, most of whom only need access privileges for a limited period of time. The company keeps track of these changes centrally (HR system, corporate directories), and IT user administration updates are triggered by the changes in the central catalogs. These updates have to be fast, reliable and efficient. Often, access rights are granted or revoked on the basis of complex authorization procedures.

Complications:
One of the main difficulties arises through the need to assign selective access privileges for a large number of different IT systems, although they relate to one logical task area. On one hand, this often means that some privileges aren't granted until the user specifically requests them, and on the other hand, some privileges aren't revoked although they are no longer required (something which the user won't think worth mentioning). The consequences cannot be ignored: long waiting times and a resulting drop in productivity, high security risks due to excessive privileges, perhaps even the loss of a customer or a business partner because business processes can't be implemented.

Solution:
To the greatest possible extent, these routine tasks can automated by making use of an Identity Management (IdM) system. Rules define how the logical task areas described in job descriptions are to be translated into access privileges (roll definitions). The SAM Jupiter Provisioning Server detects changes to leading HR systems or corporate directories, and rule-based Provisioning Engine transforms this information into system accounts and role assignments or authorizations that match the requirements of the users and target systems exactly.
This enables you to save up to 80% of costs compared with manual administration. At the same time, you not only increase user satisfaction, but also substantially enhance security by eliminating sources of error. With its central component, the Provisioning Server, SAM Jupiter is predestined to fulfil this requirement.