User Provisioning - A Solution where Boomi Shines

User_Provisioning2.png

At Kitepipe, we work with a wide range of enterprise customers across varied verticals and size profiles. We are increasingly finding a problem common to many firms - User Provisioning. How can the organization quickly provision new users on all the applications that they need, remove access when appropriate, and do this across all applications, cloud and on-premise, in an auditable way and from a single source of truth?


We have implemented several Boomi solutions with increasing functionality, and we feel that the Dell-Boomi Atmosphere and MDM products are the basis for a light-weight, yet fully functional solution to this increasingly common problem.

It is not hard to understand how user provisioning got to be a problem. In 2015, estimates were that the average medium-size enterprise company used 25 to 30 centrally-sanctioned cloud-based applications, and possibly ten times that many cloud applications across all users and functions. With so many disconnected applications, how can user provisioning and access be managed consistently?

As a problem, user provisioning has several dimensions:
  • Man hours to administer - Salesforce estimates that an FT salesforce admin is needed for every 75 users, and a significant percentage of that person’s time is Add/Update/Delete for user accounts.
  • Delays - it takes days to set a new user up in all of the applications that they need to do their job - in a world where you can have a new Amazon Prime account in a minute.
  • Exception handling - Users are humans, and humans do messy things, like get married, change status from contractor to employee, go on leave, have legal and common usage names, and get terminated. All of these exceptions require people to diagnose, resolve, and implement.
  • Security - you need to protect the systems and data critical to the business from unauthorized access
  • Auditability - you need to be able to prove that you are managing user access to key corporate systems
  • Regulatory - In many industries, there are regulatory mandates that require you to demonstrate that you manage access to sensitive systems and data.
So, its a problem. Current solutions are mostly hold-overs from the Enterprise Box-on-site world: Manage everything in SAP; or license and install a server-based identity management system having 3 or 4 different server components for Big $$$; and/or still write custom code to access cloud APIs to do the actual provisioning.

A User Provisioning solution using the Dell-Boomi integration and MDM components is a light-weight, affordable, customizable solution which can be implemented quickly and at a reasonable cost.

The components of the solution are:
  • The Boomi Master Data Management module (MDM) configured with a User Provisioning data model
  • The Boomi Atmosphere integration toolkit for quickly building provisioning access to any application that provides access, including Active Directory
  • Customization and deployment to implement your organization’s sources of provisioning truth, access rules, application endpoints, and notification and exception handling.
Because Boomi was purpose-built to solve data integration problems for thousands of cloud and on-premise applications, connectors exist for almost every application or data store. The light-weight atom and atom-cloud infrastructure is inexpensive to set up, and requires little maintenance. And the Boomi hyper-productive integration toolset means a quick, cost-effective implementation whether to two or twenty application endpoints.

Our experience implementing User Provisioning solutions using Boomi MDM has been very positive. We find it:
  • Easy to set up - provisioned in the Dell-Boomi cloud, no VMs to spin up
  • Supports rich and complex models - Our use data model holds user data, demographics, employment dates, and roles and permissions for multiple cloud and on-premise applications, plus Active Directory group memberships
  • Provides rule-based validation and quarantine, by data source
  • Supports alerts to trigger admin updates in the designated source system (preferred) or direct master data update in the MDM golden record - full support for alerts, quarantines, and audit trails.
  • Uses the rich connectivity and data transformation features of Atomsphere to implement provisioning anywhere. Boomi processes act on application endpoints based on changes to master data - delivering the user provisioning to the application
  • Supports pro-active alerts of un-authorized accounts by querying for new accounts, and comparing to approved golden records


If you need a light-weight and easy-to-implement, yet powerful user provisioning solution, lets talk about how Dell-Boomi and Kitepipe can deliver a fast, cost-effective solution.  Contact us to learn more.

Contact Kitepipe

Larry Cone

| Larry Cone