HR vs IAM Identity Variance
Most enterprises have either HR and/or a Payroll system where identities are created and assigned roles. Unfortunately – this information is NOT always consistently synchronized with the Identity and Access Management (IAM) systems.
Thus an enterprise-wide identity issue exists which includes these problems:
- Are the users aligned between the HR and the IAM systems?
- Are the groups aligned between the HR and the IAM systems?
- Are non-active, deleted or suspended HR users active in the IAM system?
These and more questions – come up for various reasons:
- For identity audits (HIPAA/HITRUST, SOX, CMMC, OSI 27001, etc)
- For security purposes (implementation of the Principle of Least Privilege (PR.AC-6)
- For rightsizing licenses between the HR and IAM systems.
YouAttest: Identifies HRS-vs-IAM Identity Variance
Discrepancies between the HR and IAM identities, identified and remedied by YouAttest include:
- Existence (ghost, missing, active/non-active users)
- Membership (group/role entitlements)
YouAttest automates the comparison between your HR system and your IAM system (Azure AD, Okta, AD, Jumpcloud) to uncover misaligned identities.