Exactly the access your users need.
(and nothing more)
- Consolidate user access control
- Automate approval workflows.
- Apply least privilege principles.
- Enable policy & compliance requirements
Give users the apps they need, instantly.
Requests to access any application can be made within Groove.id. Users don't need to go hunting around to figure out who manages the app, or what the rules are. Instead they just click apply to join. Groove.id takes it from there based upon the access control model you have chosen.
Quick approvals save time & improve user experience.
Groove.id functions as your access management system. Whomever is making the access decision receives an email with a button to approve and a button to block. Approval is simple and can happen on a mobile phone in seconds.
Trust. But verify.
You decide how people are notified of access. Groove.id can be used to facilitate a self-policing model where all the people managing an access control group find out about the change right away. If the change is fraudulent or inappropriate, then they can block it.
Unused access fades away over time
You can set up access so that it will atrophy over time if it isn't used. Because it is so easy to request access again if needed, revoking access for unused groups is no big deal.
Some compliance regimes require that access be re-approved on a specified interval. If you have that requirement, you can configure Groove.id to require re-approvals on the schedule you specify. If you don't get re-approval in time, access is removed.
Risk & Compliance
Seamlessly capture the data you'll need for an access audit.
If you need to know why each person has access to a resource, you can require that it be captured right in Groove.id at the time of the request. Approvers can also add reasons for approval.
The access audit report shows who approved each access request and the justification. Having these data available dramatically simplifies audit time.
Everything leaves a mark
Groove.id delivers a comprehensive view of user access management. Every time a user requests access, is granted access, or is blocked, we produce an audit record. You can view those records in our console, export them to a log tool like Splunk, or download the raw logs for processing.
Flexible access control models
You can configure the workflow around access control to suit your needs.
- In the traditional model, a designated owner (or owners) approve access.
- In the country club model, any user that already has access can grant access to a new user. Owners can still block users, and nothing happens without an email and audit record being created.
- In the manager approval model, a user's designated manager must approve the user's access.
- In the open model, anyone is granted access. Owners can still block users, and nothing happens without an email and audit record being created.