How Lumos Uses Lumos to Scale IT via Process Automation: Onboarding, Offboarding, and Birthright Access

At Lumos, we don’t just build the Autonomous Identity Platform: we run on it. From day one, we've believed that the best way to build powerful, intuitive products is to use them ourselves every day. This philosophy of “dogfooding” isn't just a cultural value; it’s a strategic advantage. It gives us firsthand insight into the pain points IT, security, and compliance teams face, and pushes us to solve them with greater urgency, empathy, and precision.

By running Lumos internally across every function – from IT and Security to Procurement and Compliance – we stress-test our platform in real-world scenarios, uncover edge cases before our customers do, and refine features for maximum impact. Whether it’s automating onboarding workflows, eliminating access request tickets, surfacing shadow IT, or streamlining user access reviews, Lumos helps us operate leaner, smarter, and more securely.

To highlight how this internal testing helps improve our product, we are launching this blog series aimed at IT & Security leaders: “How Lumos uses Lumos to Scale IT Via Process Automation” – our first post covers onboarding, offboarding, and birthright access. Let’s jump right in!

Automating the Joiner-Mover-Leaver Journey

For IT and security teams, the Joiner-Mover-Leaver (JML) lifecycle is one of the most critical, and operationally taxing, areas of identity governance. Done right, it ensures that employees have the right access at the right time, while minimizing security risk and manual effort. At Lumos, we’ve completely automated this journey using our own platform, turning a historically ticket-heavy process into a seamless, secure workflow that drives IT productivity and governance at scale.

From JIRA Tickets to Seamless Lifecycle Automation

Before implementing Lumos internally, our IT team relied heavily on JIRA tickets to manage every part of the JML process. That meant tracking provisioning tasks, manually reaching out to app owners, and keeping tabs on offboarding steps: one ticket at a time. The result? Bottlenecks, inconsistent follow-through, and far too much time spent chasing updates.

With Lumos, we’ve eliminated that complexity. Today, our JML workflows are fully centralized and automated. As soon as an employee joins, moves, or leaves, Lumos syncs with our HRIS and IdP to kick off the appropriate actions. App owners are notified, approvals are routed automatically, and tasks are assigned without IT needing to intervene manually. The platform orchestrates everything, from access assignment to revocation, while maintaining a clear, auditable trail.

Real-Time Offboarding With Accountability

Offboarding is one of the most high-stakes phases of the identity lifecycle. A missed step can leave orphaned accounts or exposed data behind. Lumos solves this by generating a dynamic offboarding checklist based on actual, real-time app access. This isn’t a static list; it’s context-aware and always up to date.

App owners are automatically pinged to revoke access, and if needed, IT can follow up with gentle nudges – all within the Lumos interface. No JIRA tickets. No guessing. No loose ends. This process gives us the confidence that offboarding is complete, every time, without the overhead of a spreadsheet or ticket queue.

{{shadowbox}}

A Mover Example in Action

Recently, we had an employee transition between departments. Instead of manually auditing their access or coordinating handoffs, Lumos detected the change in our HRIS, identified which access needed to be removed or reassigned, and notified the appropriate app owners. The process was swift, coordinated, and fully auditable. The result? A secure transition without IT firefighting or delays.

Improving IT Productivity and Reducing Manual Work

At Lumos, improving IT productivity isn’t just about speeding things up – it’s about eliminating the unnecessary altogether. Manual tasks, access chaos, and never-ending follow-ups used to be part of daily life for our IT team. But with Lumos in place, we’ve offloaded the most time-consuming, repetitive work to automation. That shift has freed up our team to focus on more strategic initiatives while significantly improving the quality and consistency of our access governance.

What We’ve Eliminated

Before Lumos, manual offboarding was a heavy lift. IT had to track each user’s app access and follow up with app owners through JIRA tickets or email to ensure accounts were fully deprovisioned. It was time-consuming, error-prone, and stressful during high-volume transitions.

We also fielded a constant stream of ad-hoc access approval requests. Even when app ownership was clear, users defaulted to reaching out to IT, creating unnecessary noise and delays. On top of that, coordinating periodic user access reviews (UARs) was a logistical challenge. The compliance team had to ping every app owner manually, track responses, and store audit evidence across multiple systems.

Today, Lumos has eliminated all of that. Offboarding is automated through dynamic checklists and notifications. Access requests are routed directly to app owners via the Lumos AppStore. And UARs are launched, tracked, and recorded automatically – no spreadsheets, no follow-ups, no stress.

Powering Seamless Onboarding, Offboarding, and Birthright Access With Lumos

At Lumos, we don’t just build identity governance — we run on it. Every employee lifecycle event, from onboarding to offboarding, is powered by the same platform we deliver to customers. This “use-what-we-sell” approach isn’t just a product philosophy — it’s how we operate with agility, security, and scale. It drives us to continuously improve the product, while showcasing firsthand the value of automating the Joiner-Mover-Leaver (JML) journey.

With Lumos, we’ve turned what used to be complex and manual into fast, secure, and automatic. New hires get their birthright apps on day one. Role changes instantly trigger access adjustments, with no delays or permission creep. Offboarding is no longer a chaotic checklist of follow-ups; instead, Lumos generates real-time deprovisioning workflows, pings app owners directly, and ensures full revocation across every system: from Okta and SaaS apps to on-prem tools.

By managing access through automated, persona-based policies and tight HRIS-IdP integrations, we’ve eliminated onboarding friction, removed IT bottlenecks, and minimized risk. Albus, our AI identity agent, even helps recommend birthright bundles, optimize provisioning rules, and flag unnecessary access; saving time and preventing overprovisioning before it starts.

The result? Employees are productive from day one. IT no longer spends hours on repetitive ticketing. Security knows exactly who has access to what, and why. And compliance is built in, not bolted on.

If Lumos helps us move this fast, imagine what it could do for your team. Whether you're looking to streamline onboarding, reduce offboarding risk, or enforce least privilege from the start, Lumos is the modern, automated approach to identity lifecycle management.

Ready to accelerate your onboarding and offboarding processes? Book a demo and see how Lumos can help you scale smarter.

‍