Happy Tuesday! This month we focused on features that enable you and your teams to build a mature least privilege program, giving you greater control and visibility into permissions and app access. Our renewal management feature got some attention too, with a few new updates thrown in.
We have a lot to cover in this email, so let’s get to it!
Review
Increased Visibility with the New Activity Log
Is your company required to be compliant with frameworks such as SOX, SOC 2, ISO 27001, or FEDRAMP? If so, you know auditors will need to see documentation around your application access approval process…especially for those containing sensitive data.
On top of that, you’re going to want to have a single source of truth to ensure things run smoothly and allow you to debug issues quickly if something goes wrong.
The new Activity Log satisfies both these needs by letting you see all activities and access requests happening within Lumos in real-time.
Let’s face it: when an employee leaves the company, you can’t automate offboarding for every single app. The thing is, to keep everything compliant and spending in check for unused licenses, you sill need to make sure those accounts are deleted.
That’s where we come in. When automation isn’t possible, our platform reaches out to application admins on your behalf and requests that the recently terminated employee’s access be removed. Once removal is confirmed, your source of record is automatically updated keeping you and your auditor fully informed.
At Lumos, we encourage our customers to move away from birthright access and towards a “just-in-time” access model in combination with pre-approvals. This model helps employees get access to the apps they need immediately, helps companies be more cost-effective with their licenses, and reduces over-provisioning of apps.
Our platform, you can specify which groups from Okta, Google, or Microsoft are “pre-approved” to access different applications or permissions. Once an employee requests access, if they fall into a pre-approved group, they’ll be approved and can begin working immediately.
An overlooked way to reduce SaaS spend is to proactively negotiate upcoming renewals. Lumos helps you create a single source of record for renewals.
Now, you can also set and receive reminder notifications for upcoming renewals to avoid surprise renewal conversations, sync contract data from Ironclad directly into Lumos, and keep track of contracts in multiple currencies.
We’re looking for ways to help you stay on top of renewals and build the best product for your needs. If this sounds interesting, let us know! We’d love to have you as a design partner.
New & Noteworthy
Here are a few more new features that we released this month to make managing your SaaS environment easier. Reach out to the team over Slack or email to learn more!
Group-Based Access Control for Permissions: Now you can select exactly which access groups can see and request a permission within Lumos. For example, you can restrict production database access to only site reliability engineers.
More Restricted Time-Based Access Options: Admins can restrict the access lengths that employees are allowed to request. Employees will only see the options made available to them for a particular app or permission they’re requesting.
BambooHR Integration: Directly integrate BambooHR to pull in employee, job title, manager, and team information.
Filter All Custom Entitlements in Access Reviews: Easily filter and find custom entitlements when conducting access reviews.
IT Heroes
We deeply believe in the value IT experts bring to their organizations. To put words into action, we created a video series showcasing genuinely inspiring stories by IT Heroes for IT Heroes. Let us know what you think!
