Enterprise-scale unified communications (UC) environments are complex. Whether you’re managing one internally at a large enterprise or if you’re managing multiple UC environments as a managed services provider (MSP), it requires technical skill, consistency and precise coordination across entire teams.
While there are many areas to manage in UC, an often overlooked area is user provisioning. In this article, we provide a comprehensive overview of user provisioning and its application in UC.
Topics covered in this post:
- What is User Provisioning
- User Provisioning for UC
- Which Users Need Provisioning
- Who is Responsible for User Provisioning
- What Companies Need a UC
- Manual UC Provisioning: The Process and the Risks
- Automated UC Provisioning: What It Is & How It Works
- The 3 Main Benefits of Automated UC Provisioning
What is User Provisioning?
User provisioning refers to the process of creating user accounts and granting them appropriate access rights to resources and applications within an organization.
The provisioning process starts when new users are onboarded with a new account created for them with relevant access permissions. User accounts are managed and modified as that employee is promoted and transferred throughout the company. Then the process ends with off-boarding and de-provisioning when the employee leaves the company and their accounts are deactivated and deleted.
What is UC User Provisioning?
Within the user provisioning process, you have user provisioning for unified communications. This critical part of user provisioning involves provisioning users on the needed communications applications and devices so that they can be integrated into corporate-wide communications as well as external communications with prospects, partners, customers and clients.
At a high level, user provisioning in UC platform applications, including Cisco, Webex, Teams or Zoom, involves four main functions or tasks known as MACDs, which stands for moves, adds, changes and deletes.
Here’s how those tasks break down in UC user provisioning workflows.
- Moves – Moving an employee to a new division of the company
- Adds – On-boarding employees
- Changes – Changing the types of collaboration services an employee has
- Deletes – Off-boarding employees as they leave the company
These tasks may seem simple, but when done at scale, they can become time-consuming and prone to errors that can lead to outages and service disruptions. With hybrid work models becoming more and more commonplace, it’s crucial that new hires and existing employees get access to these communications applications as quickly as possible without disruptions.
Which Users Need UC User Provisioning?
All employees need UC user provisioning. In the employee lifecycle, user provisioning is most important during onboarding – allowing new hires to gain quick access to the communications resources required for their tasks, enabling them to collaborate with their team, and enhancing their start-up productivity.
IT administrators benefit from user provisioning systems as they streamline the process of onboarding new employees, granting appropriate access to UC systems and applications, and ensuring security measures are in place.
HR managers also rely on user provisioning to seamlessly integrate new hires into company networks, ensuring they have the necessary tools to perform their roles and collaborate with their teams. Lastly, compliance officers find value in user provisioning to enforce access controls and maintain regulatory adherence.
Who is Responsible for UC User Provisioning?
In the case of UC user provisioning, the responsibility for provisioning and managing user accounts falls on a dedicated UC team. If an organization doesn’t have a UC team, provisioning falls under the domain of the IT department.
IT or UC administrators in this context ensure that new users are onboarded swiftly, granting them appropriate access to the unified communications tools, configuring their profiles, and ensuring integration with the company’s broader UC ecosystem.
Now, if the UC user provisioning process becomes automated, simple provisioning tasks can be off-loaded to HelpDesk, allowing highly-skilled UC and IT engineers to focus on strategic initiatives.
We’ll get into why that’s important later on in this article.
What Companies Need UC User Provisioning?
Almost all large companies can benefit from automated UC user provisioning solutions – especially those that rely heavily on modern communication and cloud collaboration tools.
Businesses with large workforces, distributed teams, or remote and hybrid work setups find value in UC provisioning solutions that will allow them to efficiently onboard, manage, and control user access to various communication channels like voice, video, messaging, and conferencing platforms.
MSPs who manage many different UC environments for clients can also benefit from a UC user provisioning solution that makes bulk actions and setup quick and efficient.
How Does UC User Provisioning Work?
There are two ways to do UC user provisioning. There is a manual way that involves time-consuming data entry and tracking via large spreadsheets. And there is an automated way that provisioning new users as soon as they are entered into a company directory or ITSM.
We’ll look at the manual way first.
Manual UC User Provisioning
When done manually, UC user provisioning gets complicated and time-consuming, especially at the enterprise scale.
UC is no longer a one-platform, on-prem solution. There are many different applications, with many different groups and designations within those applications across different providers. There are on-prem and cloud solutions. There are different admin levels and user privileges across all these.
Provisioning a new user into all of their needed accounts manually means a UC engineer or IT employee must log into each one of these applications, enter the new user information and ensure that the entries are correct – for every application, for every user.
Now, imagine that process when a company hires 50 new employees or a merger of two, meaning hundreds of new users must be provisioned in bulk on a new platform. It can easily add up to hours a day for a highly skilled engineer who could be focusing on much more strategic work.
Automated UC User Provisioning
Automated UC user provisioning takes all those processes and management tasks and fully automates them.
So, if you want to automate your provisioning process, real-time integration with Active Directory is the most common approach to enable zero-touch account provisioning.
Here’s what that automation process looks like when set up between Active Directory and a UC platform like Cisco when on-boarding a new hire.
Step 1 – The provisioning automation solution looks for new employees in Active Directory. If new employees are found, the provisioning software moves on to Step 2. With the right solutions, you can set how often you want to check AD for new employees – every day, every hour, every minute.
Step 2 – The provisioning software should then automatically create accounts for any new employee it has found, in all the relevant Cisco unified communications applications. You can even customize which UC applications are provisioned based on AD Groups, by matching it with a Group in your provisioning solution.
Step 3 – Your provisioning solution should then send the phone number of the new employee to Active Directory, where it is stored with all the other employee information.
Step 4 – The final step to close the loop is for the provisioning automation software to send an email to the new user with all the new details about their unified communications accounts.
This process is “zero-touch” provisioning – it requires no manual intervention from a person. Once a new user is detected in Active Directory, they are provisioned with the proper access to UC applications.
Automating UC provisioning also allows UC teams to templatize routine jobs (moves, changes and deletes) to do in batch or with the click of a button for one-offs.
With the right solution, you can set the rules of those jobs to match the specifications of your business structure. Contact centers, for example, need highly complex agent configurations that take into account their team, skills and competencies so the right customer calls are routed to them, so they can assist the customer as needed.
Automation can account for these nuances while eliminating human error, which leads us to the benefits of automating your UC user provisioning process.
This can be content we build into an infographic style.
What Are the Biggest Benefits of Automated UC User Provisioning
Automated UC user provisioning software minimizes the security risks associated with granting access and deleting users in UC systems and applications.
Security needs to be a high priority for companies that implement cloud and on-prem UC technologies. Especially now with the possibility of employees accessing and working in those applications from anywhere in the world.
While UC applications like Call Manager, Unity Connection, Webex, Jabber, Teams and even Zoom have not historically been attractive targets for hackers, such systems expose organizations to several operational risks. Attackers are looking for any way in, and are considering messengers and online phone systems as another system to exploit.
If hackers gain access to these applications, they can gain access to proprietary corporate communications, valuable company information and the devices that employees use to communicate. They can also take your systems down entirely, grinding communications and productivity to a halt.
Internal threats also need to be accounted for. While uncommon, without proper role-based access and automated off-boardings, disgruntled or recently fired employees can also do serious damage to your UC systems on their way out.
A key to preventing these internal threats is role-based access.
About Role-Based Access
Role-based access is the ability to limit the access users have to your automated provisioning software through role designations.
An automated solution for provisioning can help you grant better role-based access to critical systems within these applications by taking the ability to change and manipulate user data out of the hands of regular employees.
The systems are generally configured with default groups:
- Administrator – a user with full access to UC provisioning and the ability to manipulate
- Provisioner – a user with access to routine MACD provisioning jobs.
These groups will define the role-based access to jobs, site templates and devices and settings. Now, with the right solution you can make as many roles and get as granular as you need with the permissions.
With this level of flexibility around roles-based access control, large organizations can customize what they feel their teams and users should get based on their internal best practices. These groups provide a common class of users with permissions and access to items within a provisioning automation solution.
Simplification & Consistency
Next, automated UC provisioning simplifies provisioning jobs while making set-up and execution consistent for each task. It simplest provisioning and management by allowing you to integrate your entire UC provisioning onto one platform, whether through native integrations, API or even API triggers.
Beyond your UC applications, the right solution will be able to integrate with various other corporate systems. These can include:
- Active Directory (Microsoft AD)
- IT Service Management (ITSM)
- Identity and Access Management (IAM solution)
- Human Resources (HR Systems)
Once connected, an automated UC provisioning solution can act as a hub connecting user information across much of your corporate tech stack. User information can flow without any manual work from the UC team or a service desk.
In terms of consistency, automation means that user provision jobs will be done the same every single time. Removing manual intervention in UC account provisioning eliminates variability in the way different provisioners might configure accounts.
The way this works is through pre-defined jobs. Those pre-defined jobs are made up of one or more templates for each step in the process. The right solution will offer flexibility in the configuration of these jobs to meet your organization’s needs.
Lastly, those benefits above, plus the sheer time savings and cost savings of an automated UC provisioning solution, lead to measurable ROI.
Automation makes work faster and more efficient, but in the case of automated UC provisioning, we’re talking about projects that would have taken hours or days now take minutes.
And with the proper role-based access in place, you can even securely pass those provisioning tasks to a HelpDesk, saving even more time for your UC engineers.
Automating UC user provisioning is a quick and easy way to save time and money, but beyond that, it can help you retain talented UC engineers at a time when their skills are in high demand.
UC engineers are talented people, and delegating them to repetitive provisioning work is a waste of their time and talent. On top of that, rote, repetitive work leads to burnout. When UC engineers are burnt out, they’ll look elsewhere for work. Investing in automation can help you refocus your highly-skilled UC engineers on strategic projects, increasing their job satisfaction while at the same time increasing their impact on your organization.
All these factors can lead to game-changing ROI with minimal effort to implement.
Automated UC Provisioning is Key
UC user provisioning plays a key role in ensuring companies can communicate in the hybrid working world. But it’s easy to overlook because when it’s done right, employees communicate as normal. When done wrong, service disruptions and outages can wreak havoc.
That’s why automated UC provisioning is key. It ensures user provisioning work gets done right every time, preventing outages and keeping your company more secure and connected all while allowing UC engineers to focus on more impactful strategic work.
Check out the Akkadian Provisioning Manager page to learn more about how we can help you reap the benefits of automated UC provisioning.