Automating Egnyte User and Role Provisioning for Increased IT Security and Productivity
Automatically provisioning and de-provisioning employees with the right applications and privileges not only improves IT productivity but is critical to increasing IT security and compliance. Consider this real life example: You hire a new employee and issue him a corporate email address and login credentials. He uses his corporate email address to sign in to various systems like email, CRM, and your Egnyte enterprise file-sharing platform. But how do you ensure that each employee is provisioned with the right entitlements inside each app? What happens when that individual leaves the company? How do you, as an organization, access and control all the data produced by the employee, while also ensuring that he can no longer access the data after he moves to his next job?Manually creating, updating and deleting users in cloud apps burn up valuable IT resources. Worse yet, leaving active SaaS seats for former employees wastes money and poses a security risk. The good news is that when a new user is created or deleted in OneLogin, Active Directory or LDAP Server, OneLogin will push that change to Egnyte and your other cloud applications in real time.Basic User Provisioning is Good; Adding Entitlements is BetterOneLogin’s deep integration with Egnyte goes one step further. OneLogin not only creates the user but can even set entitlements. For example, upon creating a new user in Egnyte, OneLogin can automatically assign the new user to the Admin, Power User or Standard User role within Egnyte as shown in the OneLogin screenshot below:
In this example, we’ve created some simple entitlement mappings in OneLogin that say if a user is part of the Employee Group in Active Directory, then they should be assigned to the Power User role in Egnyte. However, if they are part of the IT Admin Group in Active Directory, then they should be given the Admin role in Egnyte.
One-Click Deprovisioning Secures your Sensitive Business DataThe real-time Active Directory integration is useful when people join an organization, or gain responsibilities, but is absolutely critical when they leave or lose responsibilities. With OneLogin, you can instantly disable Egnyte access for leavers in real time by removing them from Active Directory, and there’s no need to check back later. That’s peace of mind.Interested in trying out OneLogin to manage your user identities in one comprehensive environment? You can check out more details below to get started today!Additional Resources:
- Sign up for the OneLogin Free Forever Plan for Egnyte
- Configuring SAML and User Provisioning for Egnyte in OneLogin
- Webinar: I AM BYOD - Identity and Access Management Across Multiple Devices
This is a guest post by Elias Terman, VP of Product Marketing at OneLogin-- the leading provider of enterprise identity management, and an Egnyte partner. The capabilities described in this blog post are available to all Egnyte customers for free as part of the OneLogin for Egnyte Free Plan.