Simple IDM

Solution description

The module is designed for centralized management of employee access to the organization's information systems. It covers the full lifecycle of work with accesses - from application to automatic revocation at the end of the term - with automatic maintenance of the register for accounting and control.

Solution functionality

Submitting access requests and creating accounts

Users can submit requests through the SimpleOne portal:

• To grant or revoke access to information systems.
• Each access is described in detail by system area (e.g., a specific database or network folder), role (permission level), and expiration date.

Automated approval of requests

The module supports a flexible approval procedure involving:

• Information system, area and role owners.
• The employee's immediate supervisor.
  In doing so:
• Duplicate approvals from the same person are eliminated.
• Setting up approval routes does not require changing existing workflows.
• After approval, requests are automatically assigned to a working group with the impact and urgency parameters specified in the system card.
• All participants receive full information about requested accesses in notifications.

Automatic maintenance of the access register

The registry records:

• Actual accesses granted.
• Access status (active, revoked).
• All metadata: system, domain, role, expiration dates, requests for which accesses were granted or revoked.

Automation of critical processes

The module automatically generates access revocation requests:

• When a temporary access expires.
• When an account is deactivated.
  This reduces the risk of uncontrolled access and ensures compliance with security policies.

Data import and export

• Supports loading of system, role, area and access registry directories from Excel templates.
• Ability to upload access registry and application log to Excel for analysis and auditing.

User Portal

• Users see an up-to-date list of their accesses.
• The information is presented in a user-friendly and clear interface in Russian.

Integration with external systems

The module supports integration with information systems for direct automatic granting and revocation of accesses through program interfaces. There is a ready integration for Active Directory: the processes of creating accounts and assigning rights are realized through the MID server, which allows you to automatically include employees in the required security groups.

LANIT - "Laboratory of New Information Technologies" is a leading multidisciplinary group of IT companies in Russia and CIS. It was established in 1989. Provides a full range of IT services, the number of which is steadily increasing due to the development of advanced and most demanded technologies and solutions. LANIT team - 14 500 people.

It is among the TOP-50 best domestic employers according to the results of the HeadHunter rating in 2024, ranks sixth in the rating of the best IT-employers in Russia according to "Habr Careers".