By third parties, we mean your suppliers, partners, contractors, freelancers and volunteers who are not employed by your organisation and therefore do not appear in the HRM system.
To achieve your goals and respond to market opportunities and threats, it is increasingly important to work with third parties.
For these partnerships to be successful, the digital identities of these third parties need to access specific systems and applications in your IT landscape.
What is third-party access?
Third-party access is the process of granting, managing and revoking access to (parts of) your IT landscape. It also applies to third parties who should be given access to IT systems and applications via an onboarding and offboarding process, in the same way as you have done for your internal employees. This gives them access to the right information at the right time.
Why is it important?
You need to record the digital identities of your suppliers’ and partners’ employees somewhere to control access to your IT landscape. Unfortunately, traditional HR systems and the processes around them are often not properly set up to record the digital data of third parties. This often leads to ad hoc solutions that are fraught with security risks, time-consuming and often costly as a result.
Moreover, the ‘Data Risk in the Third-Party Ecosystem’ study by the Ponemon Institute shows that 59% of organisations have experienced a data breach caused by third-party digital identities.
That is why there is an urgent need for a solution to securely capture, validate and verify third-party identity data.
Example: A retail organisation with a franchisee
The employees of a franchise shop are not employed by the retail organisation but are contracted by the franchisee. Therefore, they are considered external identities by the retail organisation. These external employees need access to specific applications in the IT landscape and, like the internal employees of the retail organisation, they need a digital identity.
The identity data of internal employees is managed by the retail organisation’s central HR system. Based on this identity data and via an automated connection, digital identities are created in the retail organisation’s IAM solution. For these digital identities, access and rights for the IT landscape are also issued and managed in the IAM solution.
As the identity data of external employees is not stored in the HR system, digital identities cannot be created for them in the IAM solution nor can they access the applications in the IT landscape.
To solve this challenge, the retailer implemented a new central source system where each franchise store employee can be added by the franchisee. The identity data is then sent to the retailer’s IAM solution. There they are treated in exactly the same way as internal employees.
By capturing and maintaining data in a purpose-built application, you create a third-party source system that you can seamlessly connect to your Identity & Access management solution.
How does iD Veritas help with Third-Party Access?
iD Veritas enables you to carry out the onboarding and offboarding processes for external identities in a safe, efficient and controlled way. You are in firm control of the entire lifecycle. You can achieve this in five steps:
- All external identities in iD Veritas
Manually enter all external identities into iD Veritas, upload a CSV overview or connect iD Veritas to your suppliers database (via an API). This creates one central source of clean data of your organisation’s external identities.
- The lifecycle of external identities
External identities join your organisation; their role or function may change over time and, at a certain point, their contract ends. iD Veritas lets you manage and automate the complete lifecycle (also known as the Joiner-Mover-Leaver process) of your external identities.
How does this work in practice? iD Veritas automatically sends your IAM solution a notice when the end date of an external identity’s contract approaches, so the IAM solution can revoke the associated access and rights. Safe and controlled!
- Connecting to your IAM solution
iD Veritas can be connected to any Identity and Access Management solution on the market. iD Veritas uses open standards (such as an API) to send and receive information to and from your IAM solution. Your IAM partner can handle this connection between iD Veritas and your IAM solution. If you do not have an IAM partner, then The Identity Managers are here to help you.
- Outsourcing the work to your suppliers or resourcing partners
You have the option of outsourcing the management of external identity data to your resourcing partners. For example, you outsource administrative work such as the entry, modification and deletion of your external identities. All your organisation has to do after that is validate the information that was entered. Easy and efficient!
- Maintaining control and insight
Thanks to the security-by-design architecture and privacy-by-default functionality for the absolute separation of data, you can safely manage the identity data of your external identities. Standard functionalities such as a recertification process and extensive reporting possibilities not only put you firmly in control but enable you to demonstrate it as well. This makes it a lot easier to comply with laws and regulations.
If you would like to know more about the possibilities of managing external identities with iD Veritas, then contact us on 088-9982020, firstname.lastname@example.org or visit www.id-veritas.com.