Skip to main content

Offboarding

Use case

Over a life cycle of a user they will need to be removed from the system. A user may be required to be deactivated because their contract has concluded or there is a need to urgently deactivate them. Depending on the need, the users will go through a termination process that will progress over several stages including, warning their manager, disabling and archiving their accounts and finally deleting and cleaning their access and information.

Solution

Bravura Identity includes scenario components to manage the offboarding of users from the system. This can include scheduled termination or urgent termination.

Bravura Identity can detect when a user’s scheduled termination date is approaching. The termination date will either be set by the manager or via a human resources system. Bravura Identity will inform the user’s manager via email that they have a subordinate that will be terminated soon. This will give the manager an opportunity to review and potentially extend their access.

When the user’s termination date has been reached Bravura Identity will disable the user’s access. The manager has the option to restore the user at this point if they so desire. After a period of time the user’s access will be archived. This process can include moving accounts into a different organizational unit or group and moving home directories.

After another period of time the user’s access will be cleaned up by deleting accounts and the user’s personal information may be deleted from Bravura Identity . Some information will remain in Bravura Identity to detect whether or not the user can be rehired.

Best practice

Configure Bravura Identity to monitor upcoming terminations. At a minimum, send email reminders to managers telling them their soon to be terminated subordinates and a url link to extend the user’s access period. Warning emails should be sent to managers 30, 15 and 10 days before the access is terminated. The archive and cleaning phases should be set to a minimum of 90 and 180 days respectively.

Initial considerations

Answer the following questions to determine the best solution:

  • Are there employees that have a set termination date like contractors? Setting a user’s termination date may allow greater flexibility for contractor termination or renewal processes.

  • Is there a need to urgently terminate a user and remove their access? A situation may arise where a user’s access needs to be removed immediately.

  • Where is the scheduled termination information coming from? The user’s manager or a human resources system may have this information which is propagated into Bravura Identity.

  • What process or periods of time for each stage do you want users’ access to go through? The periods of time between notifications of termination and final clean up can be configured.

  • Does the user’s personal information need to be deleted during the final stage? Depending on your locale this may be required to be compliant with legislation.

In this section: