Onward Receives Atlassian Partner of the Year 2023

Best practices for setting access controls during new hire onboarding, offboarding and transfers

In this article, we discuss the need for access control automation and the common pitfalls in user provisioning, as well as how the process should be standardized for onboarding, offboarding, and internal transfers.

Role-Based Access Assignments

Most of the time, this task begins with the IT department, and support engineers work based on a standardized access request process. Access is either granted within the application or added to the necessary groups in identity management solutions like Okta, following the review and approval of the respective managers.

However, a common issue that frequently arises is that teams often bypass the process. Access is provided first, and then a ticket is created for audit and compliance purposes. One effective tip to enhance the experience is to establish a baseline access control for specific roles that can be automated. If any special or specific permissions are required, they should go through an approval process.

Automate Access Provisioning

Utilize native integration tools to automate the access provisioning process. Tools like OnLink can integrate Jira Service Management with your HR system and identity management systems such as Okta, JumpCloud, and Azure AD. This integration makes it easier to grant, modify, or revoke access as employees come and go. Automation reduces the chances of human error and expedites the onboarding process.

A valuable tip is to apply the same process in reverse for offboarding and internal transfers. This approach ensures that there is a clear audit trail of employee role changes and related actions.

Ongoing Access Review and Revocation Process

Access control isn’t solely about granting permissions; it also involves the regular review and revocation of access that is no longer necessary. Establish a process for periodic access reviews and ensure that managers actively participate in this process. Jira Reports and Dashboards can be quite helpful in providing detailed reports on access provisioning, de-provisioning, and various change requests from both new and existing employees.

Effective access control and access management during employee onboarding, offboarding, and internal transfers are crucial for maintaining a strong security posture and avoiding potential compliance issues.

Here are few how-to-videos that you may find useful

Okta Account Provisioning

Azure AD Account Provisioning

Azure AD Apps Provisioning

We would be interested in hearing about how teams use Jira Service Management for automating and managing access control.