Ploy: Identity Governance and Access Control Service

Description of Services
‍Ploy is a software-as-a-service (SaaS) platform designed to manage identity governance and access control for cloud applications. The service provides tools and processes that enable organizations to enforce access policies, maintain visibility over user access, and automate lifecycle management for user accounts.

Key Capabilities
1. Access Management
- Comprehensive catalog of all user access across connected systems and applications.
- Real-time visibility into active and historical access to resources.
- Tools for managing and documenting changes to access, including approvals and revocations.

2. Identity Lifecycle Management
- Automated provisioning of user accounts and access rights during onboarding, based on predefined roles and policies.
- Automated deprovisioning of accounts during offboarding to prevent orphaned accounts and unauthorized access.
- Management of temporary and just-in-time access for users who require limited-duration permissions.

3. Access Reviews and Certifications
- Support for periodic access reviews to verify the appropriateness of user access.
- Configurable workflows to involve system owners, managers, or compliance teams in the certification process.
- Automated reporting to provide evidence of compliance with industry standards and internal policies.

4. Integration with Identity Providers and Applications
- Seamless integration with major identity providers, such as Microsoft Entra, Okta, and Google Workspace, to extend governance capabilities.
- Compatibility with SaaS applications through SCIM (System for Cross-domain Identity Management) and API-based connectors.
- Custom integrations to support legacy or proprietary systems where applicable.

5. Policy Enforcement
- Role-based access control (RBAC) to standardize permissions based on job functions. - Enforcement of least privilege principles through policy-driven access restrictions.
- Support for audit trails and reporting to demonstrate adherence to policies.

6. Compliance and Audit Support
- Tools to facilitate compliance with standards such as SOC 2, ISO 27001, GDPR, and HIPAA.
- Audit logs and detailed reporting capabilities to document access changes, reviews, and other governance activities.
- Automated reminders and workflows to maintain compliance through continuous monitoring.

Supported Use Cases
- Management of user access to cloud-based systems in organizations of varying sizes. - Automation of identity lifecycle processes, including onboarding, offboarding, and access changes.
- Implementation of least privilege access to minimize security risks.
- Support for compliance audits and reporting.
- Centralized governance for organizations with distributed teams or complex IT infrastructures.

Service Model
‍Ploy is delivered as a cloud-hosted platform, accessible via a web interface. The service is available on a subscription basis.

Operational Considerations
- Implementation involves connecting Ploy to the organization’s identity provider(s) and key applications.
- Regular updates are provided to support new integrations, features, and security enhancements.
- Technical support is available to assist with onboarding, troubleshooting, and ongoing optimization of the platform.