What are Joiners-Movers-Leavers (JML)?
Joiners-Movers-Leavers (JML) is a concept used in user access management aimed at controlling the entrance, movement, and exit of users within an organization's network or systems. The 'Joiners' segment refers to the new users or employees who are added to the network, requiring certain permissions and resources to execute their duties. The 'Movers' are those that transition within the organization, which could involve requiring different sets of privileges or access to execute new roles. Lastly, the 'Leavers' are users that exit the organization, thereby necessitating the deprovisioning of their access to systems and company data.
Why JML Exists and Who Needs It
JML management exists to ensure that users have the appropriate levels of system access to fulfill their duties while ensuring the security of the organization's data and systems. This is particularly important as improper access management can lead to data breaches, misuse or theft of sensitive information, and even hamper productivity due to employees lacking the necessary access rights. HR teams primarily coordinate JML processes, but it's also vital for IT administrators to manage these changes. Essentially, JML benefits all organizations that prioritize data protection, manage a host of users, and comply with data protection regulations.
Usage and Commonality of JML
JML is predominantly executed through Identity and Access Management (IAM) tools that automate the process. The tech team proactively manages user privileges, especially with role changes (Movers) and terminations (Leavers) to prevent unauthorized access to sensitive information. Common uses of JML processes include onboarding new employees, role changes, offboarding of leaving employees, and compliance reporting. JML is quite common in medium to large-scale organizations where proper access management becomes increasingly critical and complex.
JML in the Context of Cloud Infrastructure and SaaS
In the context of cloud infrastructure and Software-as-a-Service (SaaS), JML is a critical component of IAM. With numerous applications accessible from any location, managing who has access to what becomes a complex task. However, advanced IAM solutions provide automated processing of JML requests, ensuring user access is granted, altered, or revoked in an appropriate and timely manner. These automated processes reduce the possibility of human error, thus mitigating potential access-related security risks.
By adopting a least privilege approach, organizations can align their JML model with best practices in cybersecurity. This approach ensures users are granted only the absolute necessary permissions to carry out their tasks, thereby minimizing the risk of rogue or erroneous actions that compromise data security. Thus, an effective JML model becomes necessary in achieving a secure and efficient DevOps environment.