Topgolf, a global sports entertainment company, is saving over $700,000 per year in direct labor costs with RoboMQ’s ADP to Active Directory (AD) integration. Manual processes once associated to onboard and offboard new employees, manage lifecycle events, and assign Role-Based Access Control (RBAC) are now all automated.
Automate Lifecycle Events
Real-time User Creations
Automation Cost Savings
Role-Based Access Control
Quickly Manage Terminations
Director of Innovation & Architecture, TopGolf
Yes. The AD user account in your domain and the associated email address is created automatically by this integration. We also integrate with Office 365 to manage user account and other attributes including Office groups and SharePoint access.
The data that this integration receives is often publicly available information like first name, last name, title, reports to, department, and location, etc. None of the aforementioned is sensitive or protected by any of the regulations like HIPAA or PII. During deep dive with customers, we have realized that the data this integration receives is presumed more sensitive than it really is.
The ADP provides employee information either as an extract or via API calls. Most customers prefer employee extract as it is more reliable, efficient and cost-effective way to provide employee information and lifecycle updates.
ADP to AD integration has a rule engine built into it. As a customer, you will provide rules which derive AD Security Groups based on its employee attributes or a combination of those. For example, job title, location and/or department may determine employee Security Group and therefore privileged access to enterprise systems.
ADP to AD Integration is a fully built Software as a Service (SaaS). It is configured to your needs, data mapping and business specific rules. We expect a maximum of two weeks of implementation assuming all the field mapping, and rules for security group, distribution lists and OU derivation are provided. Often, most of the implementation time beyond two weeks is spent on field mapping and rule definition at the customer’s end.
Yes. We understand handling of timely termination and removal of access is of utmost importance for the security, compliance and management of reputation risks. Terminations are processed in near real-time. Sensitive terminations can be handled by on-demand triggering of AD integration from Workday.
Yes. ADP to AD Integration supports on-premise, cloud or private cloud hosted Active Directory (AD). We also support Azure AD as well as AWS hosted Active Directory.
Yes. You can use SSO or Identity Providers like Okta, Ping Identity, OneLogin, Centrify or Auth0 along with this integration. The SSO providers enforce Single Sign On and access control based on role-based access control (RBAC) definition created by this integration. We natively integrate with Microsoft SSO with Azure AD integration. We also offer provisioners to create and manage accounts in third party enterprise systems.
Yes. The ADP to AD integration is a fully automated near real-time integration. The ADP employee updates are pushed to RoboMQ and this integration processes the information as it is received 24x7. This integration is offered as fully hosted service by RoboMQ.
The data processed by RoboMQ is encrypted in transit and at rest. We do not store any of the employee data except the error logs. All the processing and handling of the data during the AD integration happens over the transient message queues. Furthermore, each customer has its own tenant on RoboMQ. This ensures tenant level data segregation and encryption.