As of April 2025, the new Identity Lifecycle Management module will be available on the IAM platform of Topicus KeyHub.
This Identity Lifecycle Management (ILM) module ensures that employees within an organization always have the appropriate access to systems and data—and that this access is adjusted or revoked in time when necessary. Based on information from an HR system, access accounts are automatically created, updated, and deactivated.
What is Identity Lifecycle Management?
Identity Lifecycle Management is a specific aspect of Identity & Access Management (IAM) that focuses on managing the entire lifecycle of user identities.
This process involves the creation, management, and deletion of digital identities of employees within an organization. Through automation, Identity Lifecycle Management ensures that user accounts are efficiently created, modified, and deactivated during an employee's tenure. This allows you to maintain control over the basic rights granted to a user. The result is improved workflows, time savings, and enhanced security.
Connecting the HR system to Identity Lifecycle Management
Identity Lifecycle Management heavily relies on integration with the HR system. An HR system contains the most up-to-date and reliable information about employees, such as their role, department, and status within the organization. By linking this system to Identity Lifecycle Management, a seamless integration is achieved, where HR data is directly translated into account management and allocation of basic access rights.
As soon as an employee is registered in the HR system, the account creation process starts automatically. All necessary data is taken directly from the HR system. Access is automatically granted based on the employee’s role or department. If any changes occur in the HR system, the access rights are automatically adjusted and/or revoked.
How does Identity Lifecycle Management work in KeyHub?
Automated account creation
When an employee is entered into the HR system, this automatically triggers the creation of a user account in KeyHub. Necessary data, such as name, role, and department, is directly retrieved from the HR system. This eliminates manual steps, saves time, and greatly reduces the risk of input errors.
Automatic assignment of access rights
Access rights are automatically assigned based on the employee’s role and/or department in the HR system. This policy-driven process ensures a controlled allocation of rights, preventing employees from gaining more access than strictly necessary. This enhances security and supports the “least privilege” principle.
Faster onboarding
Thanks to automatic account creation and access assignment, new employees can get started immediately on their first day with all the systems and applications they need. This prevents delays and increases the productivity of both new hires and their teams.
Access to high privileged accounts
Access to high-privileged accounts is not automatically granted upon account creation. Users must submit a request via a self-service portal, specifying the tasks or projects for which they require access. These requests are then reviewed and approved by the responsible manager.
Automatic adjustment of access rights in case of role changes
When an employee changes role or department, these changes are automatically passed from the HR system to KeyHub. Access rights are immediately updated to match the employee’s new responsibilities. This minimizes the risk of unauthorized access.
Added value of Identity Lifecycle Management
The added value of an HR integration in combination with Identity Lifecycle Management (ILM) for an organization is significant, as it enables real-time and efficient management of digital identities. This integration ensures that user accounts and access rights are managed automatically throughout the entire employee lifecycle, leading to improved workflows, time savings, enhanced security, and better compliance.
The key benefits of Identity Lifecycle Management for an organization include:
- Process automation: When an employee is entered into the HR system, the account creation process is automatically initiated. This saves time and eliminates manual steps.
- Faster onboarding: New employees have immediate access to all required systems and applications on their first working day.
- More efficient offboarding: When an employee leaves the organization, access rights are quickly revoked, preventing unauthorized access.
- Improved security: System access is controlled and policy-based, preventing accumulation of excessive rights. All access is automatically logged.
- Compliance with laws and regulations: The process is compliant with standards such as ISO 27001, supported by reports and audit logs. Auditors have direct access to reporting tools.
Want to know more?
Interested in learning more about the Identity Lifecycle Management module in KeyHub? Please don't hesitate to contact us.
