The CISSP exam outline mentioned:
- 5.7 Manage the identity and access provisioning lifecycle (e.g., provisioning, review)
- 7.4 Secure the provisioning of resources
I roughly define “provisioning” in the context of identity and access management as “the process of creating user accounts and granting privileges across systems in a streamlined or automatic way.”
Imagine that you’re preparing a user account for a new employee. How do you deal with the following situation:
- HR system: a detailed employee record
- PACS (physical access control system)
- Enterprise portal
- ERP systems
- Cloud services
- VDI (Virtual Desktop Infrastructure)
You may have to create a couple of user accounts and credentials (keycards, fobs, smartphone, biometric) and grant privileges across those systems mentioned above. It takes much time to do it manually. Moreover, it’s error-prone.
The employee may be promoted, rotated, fired, or resign. The privileges granted have to be updated.
That’s the situation provisioning comes in handy. It deals with the cumbersome process of creating and changing accounts and privileges through automation.
Provisioning helps streamline identity and access management processes across the account life cycle.
In telecommunication, provisioning involves the process of preparing and equipping a network to allow it to provide new services to its users. In National Security/Emergency Preparedness telecommunications services, “provisioning” equates to “initiation” and includes altering the state of an existing priority service or capability.