Skip to content

Employee

Employee Identity in SailPoint Entro

Overview

Employee identities are crucial in maintaining the security and integrity of any organization. At SailPoint Entro, we ensure that employee identities are managed with the highest level of security, enabling safe and secure access to the organization's resources.

Key Concepts

1. Employee Identity

Employee identity refers to the unique digital representation of an individual within an organization. This includes their credentials, roles, permissions, and any other relevant information that defines their access and activities within the company’s systems.

2. Authentication

Authentication is the process of verifying an employee's identity when they attempt to access the organization’s resources. This can include methods such as passwords, multi-factor authentication (MFA), biometrics, and more.

3. Authorization

Authorization determines what an authenticated employee is allowed to do within the system. This involves setting permissions and access controls based on the employee’s role within the organization.

4. Role-Based Access Control (RBAC)

RBAC is a method of regulating access to systems and information based on the roles assigned to individual employees. This ensures that employees only have access to the information and resources necessary for their job functions.

Managing Employee Identities

Onboarding New Employees

  1. Identity Creation: When a new employee joins, their digital identity is created within SailPoint Entro's system.
  2. Role Assignment: Appropriate roles and permissions are assigned based on their job responsibilities.
  3. Credential Issuance: Secure credentials are issued, and MFA is configured to ensure secure access.

Updating Employee Information

Employee information may need to be updated due to role changes, promotions, or other organizational shifts. This includes:

  • Role Changes: Updating permissions and access levels.

  • Personal Information: Updating contact details or other personal information.

  • Credential Management: Resetting passwords or reconfiguring MFA.

Offboarding Employees

When an employee leaves the organization:

  1. Revoke Access: Immediately revoke access to all systems and resources.
  2. Deactivate Identity: Deactivate the employee’s digital identity within the system.
  3. Audit Logs: Review audit logs for any unusual activities before and after the employee's departure.

Security Best Practices

Multi-Factor Authentication (MFA)

Implement MFA for all employee accounts to add an extra layer of security beyond just passwords.

Regular Audits

Conduct regular audits of employee access and activities to ensure compliance with security policies.

Principle of Least Privilege

Adopt the Principle of Least Privilege by granting employees the minimum level of access necessary to perform their job functions.

Security Awareness Training

Provide ongoing security awareness training to employees to educate them on best practices and emerging threats.

Frequently Asked Questions (FAQs)

Q1: How do I reset my password?

A: You can reset your password by navigating to the ‘Account Settings’ section and selecting ‘Reset Password’. Follow the instructions to complete the process.

Q2: What should I do if I suspect my account has been compromised?

A: Immediately report the incident to the IT security team and change your password. Ensure your MFA settings are also reviewed and updated.

Q3: How can I request additional access permissions?

A: Contact your manager or the IT security team to request additional permissions. Your request will be evaluated based on your role and job requirements.

Contact Support

For any further assistance, please contact the IT security team at support@entro.security