Phone Number +1-202-802-9399 (US)

Thycotic is now Delinea!

The Lockdown

Thycotic’s Cyber Security Blog

Integrating Service Account Management Within Existing IT Workflows


Written by Erin Duncan

September 22nd, 2020

IT service management providers have made strides replacing collections of legacy tools with a single unified IT service management platform. However, there are still many aspects of IT administration that must be done manually outside of such unified platforms.

Service account management is one task that is commonly cumbersome to IT administrators and those in need of service accounts alike.

Usually, the person looking to have a service account provisioned will submit a request to IT. An IT admin then manually provisions the service account and relays back the required information of the newly provisioned account to the requestor.

This workflow is not only a resource burden on the IT admin and the requestor, but it also exposes potential security issues. Even if the service account was provisioned for the requestor in a timeline that met their business needs, the account likely has no controls configured to deprovision the account when it’s no longer needed for the original business purpose.

This can result in a runaway condition known as “service account sprawl.”

Running this workflow model year after year can result in a runaway condition known as “service account sprawl,” where a company has no awareness or inventory of all active service accounts that exist within their network.

Thycotic’s Account Lifecycle Manager provides companies with the ability to take control of service account sprawl and eliminate the traditionally manual task of managing the service account lifecycle. For the many IT departments that have already invested in a unified IT service management platform, Account Lifecycle Manager solves the business challenge of managing service accounts but falls outside the confines of their IT service management platform.

To support companies looking to consolidate workflows and solutions within their existing IT service management tool, Thycotic developed an end-to-end integration between Account Lifecycle Manager and ServiceNow.

Through this integration, the benefits of Account Lifecycle Manager can be recognized from directly within ServiceNow. Users already familiar with ServiceNow can simply submit requests for service accounts.

This is achieved via a simple form in ServiceNow that requires an explanation of the account purpose. The form also includes the ability to select a Workflow Template provided by Account Lifecycle Manager that facilitates the assignment of the necessary attributes to the account automatically, once provisioned.

Servicenow Request Configuration

When a request for an account is submitted, the user can easily track and check the status of their request directly within ServiceNow.

ServiceNow Request CRUDs

IT admins see the service account request when it’s submitted by the user and can make their approval decision in the ServiceNow user interface. Once approved, ServiceNow relays the approval directly to Account Lifecycle Manager to provision the account, and the requestor will be able to use the account within moments.

The user and the admin use the same ServiceNow platform they are already familiar with and use for other IT workflows while benefiting from the controls and governance provided by Account Lifecycle Manager.

Account Lifecycle Manager

Account Lifecycle Manager

Eliminate risky service account sprawl with end-to-end access governance.