Workday As a Master with Okta Consulting
This case study covers Okta and HR as a Master with Workday as the Single Source of Truth. Project firm based out of Austin, TX engaged Iron Cove for Okta Profile Mastering.
Phase 2 project for seamless Profile Master update to have Workday synchronize all user profile changes. Workday updates would then need to sync to local Active Directory environment.
The business goal is for HR and IT to automate the on-boarding and off-boarding of workers, contractors, and privileged access users based on their Workday profile status and worker status.
A large company out of Austin, TX which has two sets of workers, Federal and Public, for their business. They wanted profile updates to sync to separate Active Directory instances.
Manual on-boarding of employees, contractors, and partners takes an enormous amount of time. The whole process can take several days. When a business has to manage a large scale of employees, this can become a considerable cost to the business bottom line.
Typical approaches for on-boarding lead to low productivity, inaccurate data, and significant security risks. According to Okta survey, 73% of IT departments have a hard time of keeping track of individual identity and permissions.
WorkDay Lifecycle Management
Key Project Phases for Implementation
|A||Active Directory Analysis||Apps Analysis|
|B||WorkDay Analysis/Implementation||SaaS Appliation Deployment|
|C||Workday-Active Directory Relationship||Rollout Considerations|
|D||Workday to Okta to AD Deployment|
Phase A Active Directory Analysis
- Data Review
- Confirm Installation Okta AD Agents and IWA Apps
- Okta/Workday Profile Mapping Attributes Design (Okta Expression Language)
- Matching and connected.
- AD Security Groups
- Analyzed and Understood should be defined.
- W/in Application Assignments
Phase A Goals
- WD and AD attribute match and align.
- WD and AD attribute lifecycle testing. Patrick = Pat or Sue=Susie
- Security Groups for Application Assignment
- AD Security Groups to be defined.
Phase B Workday Analysis/Implementation
- Understand WorkDay Implementation
- Review with WD Owners
- Confirm lifecycle process today
- Trigger Events (New Hire, Transfer, Termination)
- WD Profile and Attributes
- The critical areas of focus on are those attributes which IT and business owners leverage for application provisioning and authorization.
- What role do groups play today?
- Do they want to sub out Okta groups for Workday Groups?
- Any new changes of membership have to come from WD, not Okta or AD
- What kind of help do they need there?
- Standards – Naming Conventions
Phase C Workday-Active Directory Relationship
- Relationship of Workday and Active Directory (LCM)
- Events and Triggers
- Example: when should an AD user record be created, updated, and/or disabled.
- What AD attributes are mapped to Workday user attributes?
Goal and Work Flow Achieved
- Workday as the Master
- HR is now running deployment of cloud applications.
- Active Directory
- Recieving, Changing all in synchronization.
- LCM (Lifecycle Management)
- Iron Cove Support
- Standard Meetings
- Trouble Shooting
- Planning and further adoption of Okta Adaptive MFA.
What Okta solves with HR as a Master!
Okta Lifecycle Management will connects your HR system, in this case WorkDay and IT resources to automate onboarding and offboarding in a modern, seamless, and secure way. Watch this video. Okta see's a 76% increase in IT productivity and management cost savings. Some organizations see a 90% reduction in password reset request.