Today at Knowledge15 — ServiceNow’s annual user conference, we are excited to announce the certification and availability of Centrify for ServiceNow – a key integration between the Centrify Identity Service and the ServiceNow Automation Platform. Through this blog I will paint more color on how Centrify and ServiceNow have partnered to create a vision of orchestrated service management based on user identity – one that we call “Identity Services Automation.”
Over the last few months, we have been in conversations with our customers who also run ServiceNow’s Automation Platform to manage their enterprise IT services. In speaking with our mutual customers, it became pretty evident that ServiceNow has brought convergence across otherwise siloed business divisions such as sales, legal, finance, marketing, operations, etc. In any mid-sized to large enterprise organization, there exists a healthy blend of end users and privileged users in every such department. For example, end users in sales are regional sales reps or account executives, whereas privileged users in sales are SVP/VPs of Sales or Head of Sales Operations.
The digital enterprise identity of these end users and privileged users becomes vitally important in maintaining the security of a company’s digital assets. What this means is that in the cloud era we live in, “super user” rights are no longer limited to IT gurus, but also now include the leaders and executives of departments who are “super users” of their own departmental key SaaS apps. If a hacker or malicious user obtains credentials for these users’ identities, then a lot is at risk with regards to company confidential data being exposed.
ServiceNow has done a great job providing a common service management platform across all departments. End users and privileged users in each such department access ServiceNow to log their service requests. Each such request translates into actionable incidents or workflow processes for the IT admin to act upon. In many cases, a workflow or process request ends up resulting in asking the IT admin or departmental exec to grant/revoke/change access privileges to a resource (whether app, server or mobile device). In the end, in a majority of these cases, an IT admin has to ultimately log on and troubleshoot the incident or tweak access controls on the target resource (again a remote server or app or mobile endpoint). This brings to light two key challenges:
Users in a department have to enter multiple credentials for their LOB SaaS app(s), departmental servers and one ultimately for ServiceNow to log their requests – simply put, they are drowning in app passwords. To solve this, typically users reuse or “recycle” the same password across apps – “same sign on” – which begs the question of security risks from a compromised password to all their apps in an instant.
IT Operational Inefficiency
IT and departmental admins now have to go to multiple places to get their job done – an ID management system, the actual server/network/app resources, and the ServiceNow platform. They don’t like multiple infrastructures/processes across disparate servers + apps + endpoints – they want a single “big easy button” to provision/de-provision users and their access to apps, servers & devices. In other words, wouldn’t it be nice for a true single orchestration point for all enterprise resources & services that includes identity & access workflows ?
The Centrify Identity Platform was built with this very scenario in mind, especially as users access apps and exchange files outside the traditional corporate perimeter and over cloud servers and mobile devices.
The integrated services between Centrify and ServiceNow deliver comprehensive “Identity Services Automation,” whereby identity is the central enabler of access for end users and privileged users in today’s siloed and decentralized IT environments. With Centrify’s SSO and MFA to ServiceNow, we have simplified access by leveraging a single username and password across ServiceNow and 3000+ other SaaS/on-prem apps, servers and endpoints. With user provisioning, Centrify can automatically create accounts within ServiceNow when employees join the organization, and revoke access when needed or for terminated employees.
Centrify is ultimately going to leverage actionable incidents and workflow processes and deliver automation for identity and access requests generated by ServiceNow’s platform. This means automating RBAC changes and performing remote access to any server and any app within the ServiceNow portal. For mobile devices, it means IT organizations can accelerate their mobile rollouts, provide a BYOD portal within ServiceNow and automate incident management for mobile apps and devices.
We believe Identity Management systems should be tied closely to Enterprise Service Management systems. This enables streamlining of processes, better visibility for InfoSec and better experience for end-users and privileged users. Centrify agrees with ServiceNow’s vision of a service-centered IT experience – we believe that Enterprise Service Management products will become the single orchestration point for all enterprise services for both end-users and privileged users.
To this end, we are providing Centrify for ServiceNow along with Centrify’s integrated enterprise mobility management features for FREE to ServiceNow’s customers for an unlimited number of users, and an unlimited period of time. Come visit our booth at Knowledge15 in Vegas to learn more!