Definition

user account provisioning

User account provisioning is a business process for creating and managing access to resources in an information technology (IT) system. To be effective, an account provisioning process should ensure that the creation of accounts and access to software and data is consistent and simple to administer.

User provisioning has become a critical problem for enterprises looking to lower the administrative burdens of account management, while also trying to reduce risk. The level of complexity of a provisioning process is typically related to the level of risk associated with the resources that will be accessed by the user.

Types of user account provisioning include:

Discretionary account provisioning - allows a network administrator to decide for himself which applications and data the end user should be able to access. A discretionary approach is often used in small or mid-sized companies.

Self-service account provisioning - allows users to participate in some aspects of the provisioning process in order to reduce the administrator's overhead. Typically, users are able to request an account and manage their own passwords.

Workflow-based account provisioning - gathers the required approvals from the designated approvers before granting a user access to an application or data. For example, the business rules in a finance application might require that every new account request be approved by the company's Chief Financial Officer (CFO).

Automated account provisioning -- requires every account to be added the same way through an interface in a centralized managment application. This streamlines the process of adding and managing user credentials and provides administrators with the most accurate way to track who has access to specific applications and data sources.

See also: access control list, role-based access control, network access control, onboarding and offboarding

This was last updated in October 2010
Posted by: Margaret Rouse

Email Alerts

Register now to receive SearchSecurity.com-related news, tips and more, delivered to your inbox.
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Do you have something to add to this definition? Let us know.

Send your comments to techterms@whatis.com

There are Comments. Add yours.

 
TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
Sort by: OldestNewest

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to: