How to Best Control Third Party User IT Access

Written by Rajat Bhargava on November 3, 2015

Share This Article

Organizations today aren’t simply their collection of employees. Companies now leverage contractors, vendors, and other third parties across all departments. In fact, it’s often difficult for companies to locally find all of the resources they need or hire them to full-time positions. Sometimes, the tasks don’t require a full-time person, but part-time contractors with particular expertise and experience would help. Because of this modern way of working, IT admins are  challenged with best determining how to integrate these third parties into their user management approach.

Determining IT Access for Contractors, Vendors & Others

Different types of third parties often need different levels of user access, based on what’s best determined by the company. For example, contractors are often treated more like employees with respect to access, since they may have a corporate email address and, often, longer-term arrangements with the organization. Vendors are generally not included as deeply into the network infrastructure, and their access may often be more temporary. Other third parties can have varying levels of access, from full access to partial access, depending on what they were hired to do. What’s more, these contractors, vendors, and other third parties are also often not located physically with the rest of the organization, further complicating IT access.

Uncomplicating IT Access for Third Parties

Traditional directory services struggle with providing third parties with access to IT resources. Most on-premise directories either treat the individual as an employee or they aren’t included whatsoever. It’s difficult to provide partial and temporary access without doing a great deal of manual work. Many organizations also eschew the idea of placing temporary workers into their permanent Microsoft Active Directory. As a result, there is often no easy way to provide third parties with access to the IT resources they need.

Some organizations are turning to a new cloud-based infrastructure service called Directory-as-a-Service (DaaS). DaaS centralizes control over user management functions for both employees and third parties, including contractors and vendors. The benefit of Directory-as-a-Service is that it can function as a complementary directory to an organization’s AD user store or can be a core integrated authoritative directory source. For those that use DaaS as a separate directory for third parties, Directory-as-a-Service ends up being a much easier method to separate employees from third party users while keeping the overhead for the IT team down.

Interested in learning more about how to control third party user access? Drop us a note at JumpCloud or try Directory-as-a-Service for free.

Continue Learning with our Newsletter