tenfold’s Community Edition gives organizations with up to 150 users a free, full-featured IGA solution. Here are five ways you can streamline governance processes and reduce your IT workload using this free tool.
In a world of non-stop cyberattacks, data breaches and compromised accounts, best practices like the Principle of Least Privilege have become an essential safeguard for organizations of all sizes. From global players to local businesses, everyone is at risk.
This makes enforcing secure, minimal access vital to staying out of harm’s way.
With its no-code IGA platform, tenfold makes centralized Identity Governance & Administration easy to implement for the small to mid-sized organizations that are underserved by traditional, enterprise-focused platforms.
As part of its efforts to make IGA approachable for orgs of all sizes, tenfold has recently introduced a free, full-featured tier of its solution for organizations with up to 150 users. Anyone interested in this offer can visit their website to request the tenfold Community Edition today.
To help you take your first steps in the world of automated Identity Governance & Administration, here are five things you can do using this free tool that will make your life a lot easier.
#1: Automate IT on- and offboarding using role-based access
Role-based access control is an essential component of effective access governance. Instead of assigning privileges individually to each user, you create sets of privileges that combine everything a person needs to work in a specific department, location, team, etc.
When you add users to these roles, they receive all the access they need in one go. Crucially, they also lose all associated privileges when they are removed.
Once you have created all the permission roles you need (which are known as “profiles” in tenfold), you can set up rules that automatically assign users to the right roles based on factors like group memberships or attributes in your HR dataset.
This allows you to automate the entire user lifecycle and ensure accurate access from a person’s first to last day at your organization. tenfold even allows you to create custom lifecycle stages in order to model special circumstances like parental leave or sabbaticals.
#2: Implement self-service access requests and password resets
Password resets are by far the most common ticket submitted to IT helpdesks. In most organizations, between 20-50% of all helpdesk calls are related to passwords or user access. With tenfold’s integrated self-service portal, you can eliminate these tickets for good!
Empower your users to reset their own passwords on tenfold-managed systems – after clearing the security checks you have set up, of course.
In addition to password resets, the self-service portal also allows you to delegate access requests to stakeholders within departments. By assigning someone as the data owner for a resource, they can approve access requests directly without the need to call up your IT team.
Customizable approval workflows allow you to tweak this process however you like. And tenfold documents every step behind the scenes, keeping you secure and audit-ready.
The best, free way to automate Identity Governance & Administration in your org!
Our Community Edition gives organizations with up to 150 users access to our full feature set and library of plugins.
Request the tenfold Community Edition
#3: Get a handle on Active Directory and SharePoint permissions
Anyone who has managed a file server before knows that keeping things clear and consistent is trickier than it sounds. Setting explicit permissions on objects quickly leads to chaos. Instead,
Microsoft’s recommended approach is to follow the AGDLP model: creating individual permission groups that are added to larger role groups, which also contain the actual users that need access.
Unfortunately, the number of groups admins need to manage for AGDLP quickly becomes a problem – especially in larger teams where it’s tough to keep everyone on the same page. tenfold takes care of this entire process for you, automatically maintaining best practice group structures in the background.
It even allows you to convert explicit permissions into group-based ones with a single click.
On the reporting side, tenfold provides a full overview of user access down to individual folders and files. It breaks down permission inheritance and nested groups to show you exactly who can access a given object on your network. This gives you complete visibility into user access on all levels of your file server and across Microsoft 365 and SharePoint.
#4: Keep track of shared content in Microsoft 365
The ability to easily share files with others is one of the biggest selling points for cloud collaboration suites. Unfortunately, this also makes it easy for users to “overshare” sensitive data.
Whether it’s external accounts that retain access longer than intended or privileged information hidden in the Files tab of a public Teams channel: Many organizations that use Microsoft 365 have no idea what their users are sharing – especially considering Microsoft offers almost no visibility into this issue.
To help you stay in control of shared files, tenfold provides a centralized breakdown of which files your users are sharing across Teams, OneDrive and SharePoint – with helpful filters to narrow your search to specific apps or files shared with internal or external users. This overview makes it easy to identify unwanted sharing and accidental data leaks.
#5: Carry out regular access reviews
Users tend to collect more and more access rights over time, whether it’s to join projects, team up with other departments or fill in for one of their colleagues. There’s nothing wrong with granting users additional access when they need it. The problem is that by the time these permissions are no longer required, orgs tend to forget about them – which means they stick around indefinitely.
The result is privilege creep, the gradual buildup of outdated and unnecessary privileges. Privilege creep is one of the main drivers behind overprivileged accounts, which threaten the security and confidentiality of your data since they can be easily exploited by attackers or insider threats.
To help you combat privilege creep, the tenfold Community Edition allows you to carry out regular access reviews. These periodic check-ups confirm whether users still need the privileges they hold. tenfold streamlines the process to make reviews as quick and painless as possible for all involved.
When a new review is scheduled to begin, reviewers are automatically notified via email with a link that takes them directly to their personal review dashboard. This shows all their pending review items in a clear, actionable checklist. Plus tenfold automatically updates user access based on the review outcome and documents the entire process.
Request the tenfold Community Edition for yourself
Are you feeling inspired and ready to try the Community Edition yourself?
Whether you want to enhance visibility into complex access landscapes or to streamline on- and offboarding workflows, the tenfold Community Edition is your stepping stone into the world of Identity Governance & Administration.
Visit our website and request your license key today.
Sponsored and written by tenfold Software.