Onboarding and offboarding employees can be a tedious task for some organizations. Many steps need to happen to make sure a user is removed completely and correctly when they leave an organization, whether on their own or because they are let go. Both physical and cybersecurity steps need to be taken to make sure the organization is protected once the employee leaves. Educating your customers on ways they can automate their on/off-boarding process as it pertains to cybersecurity and physical security will help foster a more valuable relationship with your customers and, more importantly, ensure that they have a holistic posture for both cybersecurity and physical security.
Many companies do this in separate steps. They disable a user’s account on their domain, remove the user from applications they may have access to, and then remove them from physical security systems. Because this relies so heavily on human interaction with each of the systems, things can get missed and user access can remain active long after they leave an organization.
To help with this issue, there are many security orchestration, automation and response (SOAR) tools available. SOAR tools work by tying together different applications using application programming interface (API) calls. This is a way for applications to talk to each other and perform actions based on the information the end user provides to the SOAR, which then carries out those actions. As more and more manufacturers of security equipment are using web-based applications with an open API, increasing revenue through the use of a SOAR becomes much easier. API integrations are the “Do you want fries with that?” for integrators. By offering a more holistic solution that supports both cyber and physical security, integrators can really differentiate themselves from the rest of the market while increasing RMR.
SOAR tools allow you to integrate many systems into a single pane of glass, where completing the removal of a user and disabling their access to both physical security systems and IT systems can be as simple as clicking a button. If all of the steps above are completed promptly, the employee’s access will be removed and the potential of something being missed is minimized.
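Whether the removal is done by hand or by a SOAR, a reconciliation check can confirm that nothing was missed. The following is an added example, not part of the original article: it compares an HR termination list against exports of still-enabled accounts from IT and physical access systems. The system names, column names and sample records are constructed assumptions.

```python
import csv
import io
from datetime import date

# Constructed sample exports; column names and system names are assumptions.
HR_CSV = """employee_id,email,last_day
1001,alice@example.com,2024-03-01
1002,bob@example.com,2024-03-15
1003,carol@example.com,2024-04-30
"""
SYSTEM_EXPORTS = {
    # system name: (key column matched against HR, CSV of accounts still enabled)
    "directory": ("email", "email\nBob@Example.com\ncarol@example.com\n"),
    "crm_app": ("email", "email\nalice@example.com \ncarol@example.com\n"),
    "badge_access": ("employee_id", "employee_id\n1001\n1002\n1003\n"),
}


def _rows(text):
    return list(csv.DictReader(io.StringIO(text)))


def _norm(value):
    # Exports differ in case and stray whitespace; compare normalized keys.
    return value.strip().lower()


def lingering_access(hr_csv, exports, as_of):
    """Return sorted (email, system, days_overdue) for departed staff still enabled."""
    departed = [r for r in _rows(hr_csv)
                if date.fromisoformat(r["last_day"]) < as_of]
    findings = []
    for system, (key, text) in exports.items():
        active = {_norm(r[key]) for r in _rows(text)}
        for person in departed:
            if _norm(person[key]) in active:
                overdue = (as_of - date.fromisoformat(person["last_day"])).days
                findings.append((person["email"], system, overdue))
    return sorted(findings)


if __name__ == "__main__":
    report = lingering_access(HR_CSV, SYSTEM_EXPORTS, date(2024, 4, 1))
    for email, system, days in report:
        print(f"{email}: still active in {system}, {days} days after last day")
```

Run on a schedule against fresh exports, a check like this flags the partially offboarded user whose domain account is disabled but whose badge or application login still works.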
Many companies provide free or open source versions of this software, though with that comes the burden of maintaining the software and setting up the commands and API connections, along with server hardware and software if the solution is not Software as a Service (SaaS) based. If your teams are already overwhelmed with the day-to-day, then adding something more to their plate may not work for your organization. That said, a SOAR can automate more than just the removal of user accounts; it can automate many of the tedious tasks that IT does on a daily basis. It’s okay if your company is not well positioned to offer this service. Simply educating your customers about the tools that are available will still benefit both you and your customers.
Looking at the integrator’s operations from this perspective, it is even more imperative that the integrator consider the use of a SOAR for their own organization. Mitigating the threat of an ex-employee who could potentially have access to thousands of accounts is an ever-growing concern. With more systems having remote access or a web-based user interface, the risk footprint for integrators is a growing problem.