JumpCloud Office Hours: Join our experts every Friday to talk shop. Register today

HR & IT: Coordinated Provisioning



Human resources managers and IT admins have traditionally operated in silos. That has meant they maintain separate directories and manually create asynchronous digital identities for the same users.

For example, HR managers use human capital management (HCM) systems and their associated directories to connect users with HR resources and manage payroll and benefits. Meanwhile, IT admins use separate directory services to connect users to IT resources like systems, applications, and networks. However, coordinated provisioning is an emerging concept that unites the two departments in their provisioning efforts.

Why Should HR & IT Coordinate?

When it comes to new users, the two departments have overlapping goals to get them provisioned and up to speed as quickly as possible. In competitive markets, particularly, a standardized onboarding experience is critical to retain top talent and minimize turnover of new hires who don’t feel properly acclimated or equipped. 

Beyond that, both HR managers and IT admins also have more valuable tasks to do than repeated manual data entry. Rather than having experts in both departments input similar data twice (or more) for the same user, the departments can coordinate and implement processes that require input only once and then propagate user information into the requisite directories automatically. This process saves them time, improves organizational security by reducing identity sprawl, and ensures IT has the most up-to-date employment information from HR. 

Synchronized & Automated Provisioning Workflow

IT leaders can implement the processes for an integrated provisioning workflow with less manual data entry, more accuracy, and better security by integrating their central directory with the HCM system. Then, the identity created in the HCM system flows to the directory and on to permitted IT resources via a variety of protocols — like SCIM, LDAP, RADIUS, and SAML.

By integrating the HCM system and the central directory, they ensure users have only one digital identity within company systems. From the central directory, they can then propagate that same digital identity to systems (Mac®, Windows®, Linux®), SaaS and on-prem apps, WiFi networks, VPNs, file servers, and more. Laid out end-to-end, the process looks like this: 

HR System → Central Directory → Systems, Applications, Networks, & Files

This improves user provisioning, deprovisioning, and modification because these changes flow throughout the internal systems. If, for example, an employee notifies HR of their last day and they are deleted from the HCM system, that change is reflected in the central directory and IT resources, too. 

Benefits for End Users

This workflow introduces benefits for end users, too. Effective onboarding begins before an employee’s first day on the job, and it includes the technological resources they need to get their jobs done. BambooHR CEO Ben Peterson told SHRM that, “If we don’t worry about onboarding before the employee starts, then we’re way behind.”

In this workflow, the moment an employee signs the offer letter and is input in the HCM system, they are then created in the IT directory, which provisions them to their permitted resources before they ever set foot in the office. That way, on their first day, they can log into their laptop, access the office WiFi, get started in their apps, and more with one set of authoritative credentials. 

Coordinated Provisioning Driven by a Cloud Directory Service

JumpCloud® Directory-as-a-Service® demonstrates this workflow in its integration with HCM software solution Workday®. JumpCloud is the first full-suite directory service in the cloud, and admins can use it to securely connect users to virtually all their IT resources, including systems (Mac, Windows, Linux), SaaS and on-prem apps, networks, and file servers. 

Using JumpCloud’s Workday integration, admins can monitor and adjust users as they import from Workday into JumpCloud, and then they can propagate those digital identities via cloud LDAP, RADIUS, and SAML to their permitted resources. Learn more about HR and IT integration in the cloud and creating the most efficient user lifecycle management workflow for everyone involved.


Recent Posts
Before purchasing a subscription to Azure’s top pricing tier, it’s important to understand what benefits and drawbacks AAD Premium P2 offers.

Blog

Understanding Azure AD’s Premium P2 Tier

Before purchasing a subscription to Azure’s top pricing tier, it’s important to understand what benefits and drawbacks AAD Premium P2 offers.

With IT budgets decreasing in 2020, some organizations need cost-effective system management. Try free MDM functionality here.

Blog

Free MDM

With IT budgets decreasing in 2020, some organizations need cost-effective system management. Try free MDM functionality here.

Learn how to prevent phishing attempts, protect Microsoft 365 identities, and make password changes easier for users. Try JumpCloud free.

Blog

Prevent Phishing of Microsoft 365 Identities

Learn how to prevent phishing attempts, protect Microsoft 365 identities, and make password changes easier for users. Try JumpCloud free.