Tech moves fast! Stay ahead of the curve with Techopedia!
Join nearly 200,000 subscribers who receive actionable tech insights from Techopedia.
User account provisioning is the creation, management and maintenance of an end-user’s objects and attributes in relation to accessing resources available in one or more systems. Essentially, user account provisioning refers to the management of user rights and privileges. User account provisioning is one of many identity management procedures, and it defines the different ways of managing an individual’s digital identity, authentication and authorization rights.
User account provisioning may also be known simply as user provisioning.
The objects in user account provisioning may include the recipients of the service or the end-users. User provisioning can become a problem, especially for large enterprises, because determining access rights and privileges becomes more difficult the more employees and different positions there are within an organization. In such cases, companies may become burdened with problems revolving around their employees’ account management, and in giving them the proper account rights while also avoiding risks. The complexity of a provisioning method depends on the risk level and the resources that the end-users will access.
With cloud applications, active director (AD) user accounts, a number of business applications and other countless accounts that needs provisioning, the demands for user accounts provisioning services increases. These accounts need to be sorted and arranged depending on each account’s roles. They also need to be frequently updated. One of the proposed solutions is having a "people directory" in which each person has an account that’s connected to his or her other related user accounts like ADs or cloud apps. Work flow rules can establish the user from an authoritative position, probably someone in the human resource department, and give the user all the accounts they need based on their role or position in the organization. However, if the user wishes to leave, it’ll still be simple because all of his or her accounts are linked together, so they can all be de-activated at once.