Application (app) onboarding is the collective name for the combined business and technical processes that allow identity governance and administration (IGA) systems to connect to enterprise systems to identify accounts and privileges that users have. This is a key capability that helps the office of the chief information security officer, enterprise security architects, and identity credential and access management leads keep their organization’s data secure.

App onboarding provides situational awareness and insight into user accounts and associated privileges, so you know who has access to your sensitive, high-value systems and how they are using that access. There are myriad capabilities and benefits to app onboarding, and it is likely you have identified some of these at your organization. For example, app onboarding lets you be proactive to evolving user access needs. It is common for employees who move into new roles to gain additional access while still retaining their old digital user rights. Once a target application or system is onboarded into the IGA system, organizations can identify if users have more access than needed and remove it. Similarly, onboarding the application also allows automating the provisioning of new access needed for existing employees as well as those joining the organization, so they can immediately access their applications and be productive on day one.

A Suggested Roadmap for App Onboarding

App onboarding starts with your organization’s master user record collected through the identity governance tool. Pulling in these authoritative sources of data gives you an understanding of the identities across your organization.

An application prioritization process comes next. Sila suggests integrating applications based on the risk reduction the integration is going to provide. Although organizations sometimes lack a holistic view of the risk profiles for all their systems, we recommend starting with the platforms that support/manage multiple applications, such as Active Directory – whether on-premise or in the cloud. Next, prioritize the high-value applications whose compromise would substantially impact the organization, such as financial and payroll systems and databases, or security operations center systems that access sensitive data.

Next, application discovery should be conducted to understand the security model of prioritized applications and the architecture to integrate them with your organization’s IGA solution.

The final step is the technical integration between the identity system and the target application. Sila has streamlined this with a unique accelerator that automatically creates multiple integrations of the same type of platform. Hundreds of applications that can be logically identified as a collection can be rapidly onboarded with this tool.

If completed in the iterative fashion described in this roadmap, app onboarding can quickly show a return on your organization’s IGA investment by reducing IT administration and help desk costs, as well as negative impacts to user productivity that are associated with manual processes to add and revoke access.