Identifying and managing Shadow Users at scale can be time-consuming and, if overlooked, may lead to security and compliance risks. Josys allows the IT Admins to create an automated workflow for identifying the shadow users and taking the necessary actions. The workflow can be configured to send a review to the respective app owner and take necessary action.
Steps to creating an automated workflow for Shadow Users
Step 1: Select Workflows and click New Workflow.
Step 2: Click Create Workflow from Shadow User Detection.
Step 3: In the following screens, confirm the Triggers and Conditions to initiate the workflow. Then click on Next to select target apps.
Step 4: Select apps for which you wish to create an account and click on Next.
Step 5: On the Access Review screen, you can create a review step to ask a question and provide the necessary options to the user before taking any action. Select the App Reviewer/App Owners to assign the review request and click Next to proceed.
Step 6: By default, the receivers get the access review request notification via email, although you may also choose to send the notification to their respective Slack workspace. Click Next to proceed to the next step.
Step 7: Next, configure one or more actions to be executed when the workflow conditions are met based on the response received by the user. You can choose to:
- Remove user app accounts
- Create JIRA Ticket
- Create Manual Task
- Send an email to the recipient
- Create HTTP Request
Step 8: Once all actions are configured, click Next to proceed.
Step 9: Click Save Workflow to save this workflow. The workflow is enabled by default; however, you may disable it in this step.
Step 10: The newly created workflow is displayed on the Workflow screen, from where you can view workflow run history, edit, or delete a workflow.