Starters, Movers, Leavers Automation
The processing of new starter to a businessis a hugely complex and time-consuming process for Service Desks and IT departments. When a new starter joins an organization there is nothing more frustrating than having to wait for access to email and the other tools they need to start becoming a productive team member.
Processing leavers is an equally complex task but for security and commercial sensitivity is arguably even more time critical. Businesses would like to give team leaders and managers access to process their own Starters and Leavers via self-service facilities to reduce the workload on the heavily utilised service desk and front-line support teams. Equally with IT Security being in the forefront of everyone’s minds it is a challenge that requires careful balancing between providing the right facilities to end users, and not compromising the security or integrity of your configuration.
Therefore, companies are increasingly looking for Automation to improve consistency and supportability, along with the self-service facilities whilst maintaining the security controls. To meet this need Kelverion have built the Starters Movers Leavers (SML) Solution.
The SML Solution provides an easy to use interface using the Kelverion Automation Portal, users are able to enter the portal and submitted requests to create access for Starters, change access for employees who Move roles and terminate access for Leavers.
Access to the portal is provided via group membership, but these rights are isolated from the IT infrastructure, such as Active Directory and Office 365, so it’s possible to provide Users the ability to manage Employee Start and Leave access without them having rights or access to directly manage users and licenses. All the actions against the IT systems are carried out using Azure Automation, so every change is logged and carried out in a consistent way. All the data that drives the requests in the automation portal is discovered and maintained by the Azure Automation runbooks, so the Automation Portal is always in sync with the IT management experience.
The solution has three framework processes; automate a Starter; a Mover; or a Leaver. Within those three frameworks we provide a set of pre-built action Runbooks which can perform actions as part of one of the framework process Starter, Mover, Leaver. The below action runbooks can be used within the framework to achieve the desired process, these form a structure that is easy to extend and provide an excellent starting point for organisations to continue their automation journey.
• Create O365 User
• Add User to Groups
• Remove User from Groups
• Enable O365 Litigation
• Remove a License
• Disable Login
• Delete User
• Enable User
• AD Add User
• AD Add User to Group
• AD Remove User from Group
• AD Enable/Disable User
• Exchange Add User