Adding More Flexibility to the Features You Love • April Update
Hello there!
Happy Thursday! We’ve got a lot of new exciting updates at Lumos. We’ve added new features that make managing your SaaS apps and conducting access reviews a little easier. Plus, scroll to the bottom of this newsletter to learn more about an upcoming webinar we’re hosting on phishing attacks and how to partner with the FBI with Material Security, Special Agent in Charge, Cyber Division, Elvis Chan, and Joel de la Garza, CISO at a16z.
We have a lot to get through in this email, so let’s get to it!
Review
Get More Options for Account Removals during Access Reviews
Sometimes during access reviews, just because you flagged an account as rejected doesn’t mean you want to completely remove an account and delete a user. That feels a little extreme.
Lumos now gives you more removal options such as suspend an account, run a webhook, deprovision access, or manually remove access for a user. These new options give you more flexibility with how to manage account removals.
Remind Access Reviewers with On-Demand Notifications
An access review is only as good as its reviewer. But sometimes, your reviewer might have gotten caught up in other projects. Or they saw that email about having to complete a review and thought, “I’ll get to that later,” and…never did, leaving your access review in limbo. Now, you can remind them to complete the review with on-demand notifications.
Access review admins can now trigger individual or bulk notifications to be sent to reviewers with a single click. You can create a custom message or rely on our default one, and give reviewers that friendly nudge to complete an access review.
Keeping track of inactive accounts across your entire tech stack is no easy task. Yet, these unused accounts are costing your organization valuable dollars that could be spent elsewhere. Our inactivity workflows allow you to automatically remove these accounts and recoup licenses, and we’ve added some new functionality to make it even better.
With our latest updates, you can:
Transfer the user’s data to another user before removing their account
Add or remove a user from a group in case you have automated provisioning set up based on group assignments
Run a webhook you’ve set up
Create multi-step workflows. Great for occasions when you want to transfer a user’s data, remove them from a group, run a webhook, remove their account, and notify the user with a custom message.
Here are a few more new features that we released this month to make managing your SaaS environment easier. Reach out to the team over Slack or email to learn more!
JumpCloud Integration: Lumos can now work with JumpCloud to populate identity and access data for the AppStore and access reviews.
Adobe Integration: Lumos now integrates with Adobe, allowing us to list users, find entitlements, suspend, and deprovision Adobe accounts.
Splunk SIEM Integration: Lumos now integrates with Splunk. You can now funnel all Lumos activity log data into Splunk for their Cloud Platform version.
Time-Based Access Expiration Removals in Activity Log: You can now see access length and the removal actions taken from there in the Activity Log.
Auto-provisioning Failure Messaging: App admins will now be notified via email and Slack when auto-provisioning or webhook provisioning fails. These messages will contain details on what failed and link to the Activity Log.
More Detailed Access Reviews Evidence Upload: Users will now be given more context on what they need to do to manually remove access for an account and provide evidence for access reviews.
Access Review Permission Reviews: When possible, Lumos can display the list of entitlements connected to an account and allow the reviewer to pick which permission should be rejected or accepted, giving them more granular control over access. Rejected Okta groups will be auto-removed by Lumos, but other apps will need manual evidence uploaded.
Custom Requests from Approvers for App Requesters: Admins can now add custom messages at the domain app and permission level for app requesters if they need more information; such as a username handle to provision access. You can toggle this feature on in the “Advanced Settings” panel of the AppStore admin table.
Custom Access Review Instructions: You can now write custom messages to give reviewers more instructions on what to do during an access review, giving them more context and clarity.
New Zendesk Entitlements: We’ve added product role per product and license type as new entitlements you can see for Zendesk during access reviews.
In Case You Missed Our Last Update
Here are the new features and updates from last month:
Savings Dashboard
Permission Reviews
Custom Provisioning Instructions
SumoLogic SIEM Integration
Entitlement Support for O365
Blocking Self-Approvals
URL as Evidence for Access Reviews
Github Repo Access in Access Reviews
Want to know more? Let us know!
Join Us for Our Latest Webinar: How Technology, Process, and the FBI Can Protect Your Enterprise
We’re hosting a live chat with our friends from Material Security and special guests: Special Agent in Charge, Cyber Division, Elvis Chan, and Joel de la Garza, CISO at a16z.
We’ll be going over the latest types of cyber attacks you should know about, the foundational risk factors of phishing attacks, why least privilege and zero trust are critical initiatives for IT teams, and how and when to engage federal law enforcement.
