Identity Lifecycle Management (ILM) Overview
This feature is currently available only to customers participating in a private preview. If you'd like to participate and be among the first to try this feature, ask our support or account team for details.
On the Delinea Platform, Identity Lifecycle Management (ILM) enables management of users' digital identities across your IT systems, from creation to deactivation — ensuring secure access and compliance while improving efficiency through automation.
For specific system setup and integrations, see ILM Setup and Configuration.
ILM Advantages for Users and Organizations
ILM impacts both organizational security and employee efficiency with the following benefits:
- Seamless Access: instant and secure access to the tools and systems needed
- Improved Security: protection from unauthorized access and potential data breaches
- Faster Onboarding: no delays in getting access to necessary resources when joining a company
- Frictionless Role Changes: automatic updates to access when switching teams or getting promoted
- Self-Service Capabilities: ability to reset passwords or request access without IT delays
- Better User Experience: fewer login issues, less downtime, and a streamlined workflow
- Compliance & Privacy: ensures personal and work data are protected and handled securely
Stages: Joiner Mover Leaver (JLM)
ILM operates across three key stages of an identity’s lifecycle: Joiner, Mover, and Leaver (JLM). Proper practices at each stage help ensure that an identity has secure and appropriate access throughout its lifecycle.
Joiner
The “Joiner” stage occurs when a new identity is created or added to a system. This identity could represent an employee, contractor, or even non-human identities or hardware.
At this stage, appropriate access permissions must be assigned based on the role of the identity being onboarded.
Mover
The “Mover” stage occurs when an existing identity changes its role. Examples include:
- An employee moving to a new role or department
- A contractor transitioning to a full-time employee
It's important to ensure that only the necessary permissions for the new role are retained, since combining previous access with new permissions can lead to security risks.
Leaver
The “Leaver” stage occurs when an identity is removed from the system, typically upon termination of employment or the end of a contract. Proper ILM operation ensures that all access permissions are revoked, preventing unauthorized access after the individual has left.
Removal of a “Leaver” can be either manual or pre-scheduled (which is ideal for time-bound roles).
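The three stages can be modeled in a few functions. The following is an added example, not Delinea Platform code or its API; the role names, entitlement strings, and the `ROLE_ENTITLEMENTS` mapping are hypothetical sample data. It shows the Mover step replacing access instead of accumulating it, a pre-scheduled Leaver removal, and a check for entitlements held beyond the current role.

```python
from dataclasses import dataclass, field
from datetime import date
from typing import Optional

# Hypothetical role-to-entitlement mapping (constructed sample data).
ROLE_ENTITLEMENTS = {
    "support-engineer": {"ticketing:write", "kb:read", "vpn:connect"},
    "finance-analyst": {"ledger:read", "reports:write", "vpn:connect"},
    "contractor-dev": {"repo:read", "vpn:connect"},
}

@dataclass
class Identity:
    name: str
    role: Optional[str] = None
    entitlements: set = field(default_factory=set)
    end_date: Optional[date] = None  # pre-scheduled Leaver date, if any
    active: bool = False

def join(name, role, end_date=None):
    """Joiner: grant exactly what the role defines, nothing more."""
    return Identity(name, role, set(ROLE_ENTITLEMENTS[role]), end_date, True)

def move(identity, new_role):
    """Mover: replace access with the new role's set; return (revoked, granted)."""
    target = ROLE_ENTITLEMENTS[new_role]
    revoked = identity.entitlements - target
    granted = target - identity.entitlements
    identity.role, identity.entitlements = new_role, set(target)
    return revoked, granted

def leave(identity):
    """Leaver: deactivate and revoke everything; return what was revoked."""
    revoked, identity.entitlements = identity.entitlements, set()
    identity.active, identity.role = False, None
    return revoked

def process_scheduled_leavers(identities, today):
    """Apply pre-scheduled removals whose end date has been reached."""
    due = [i for i in identities if i.active and i.end_date and i.end_date <= today]
    for ident in due:
        leave(ident)
    return [i.name for i in due]

def creep(identity):
    """Audit check: entitlements held beyond what the current role allows."""
    return identity.entitlements - ROLE_ENTITLEMENTS.get(identity.role, set())
```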