July 10, 2025

Why “M” Is the Hardest Part of JML

Discover why "movers" are the most overlooked part of the Joiner-Mover-Leaver (JML) lifecycle – and why that’s a problem. Learn how role changes create hidden access risks, what makes movers hard to manage, and how Lumos uses automation and AI to simplify identity transitions.

Last updated: July 10, 2025
Kale Bogdanovs
Product Marketing @Lumos

Have you ever noticed how often the terms “JML” (Joiner-Mover-Leaver) and “Onboarding/Offboarding” are used interchangeably? Sure, joiners need to be onboarded, and leavers are offboarded, but what about the “M”? 

The truth is that few organizations ever get around to implementing formalized mover processes, let alone truly automating movers. So why is M the most overlooked part of JML?

Is it because the stakes are lower? It might seem that way. 

Ineffective onboarding has an obvious and immediate impact on productivity. An employee without access to necessary tools and data can’t work. And failing to comprehensively offboard leavers creates a well-understood risk. Leaving critical data and privileges in the hands of ex-employees, especially if the separation was less than amicable, exposes an organization to sabotage and intellectual property theft.

Failing to efficiently handle internal moves has a less obvious immediate impact, but that doesn’t mean the cost is insignificant. When someone moves to a new role, they often gain access to new apps and data; but what happens to their old access? Unless there's a deliberate process to revoke permissions, users accumulate access over time. This "entitlement creep" poses significant security and compliance risks. A sales manager who becomes a product lead might still retain access to sensitive customer pipelines, even though they no longer need them.

Over time, a mover can morph into a superuser – not because they need elevated privileges, but because no one ever cleaned up behind their previous roles.

Why Movers Are So Hard to Manage

Managing access for movers is one of the most complex and overlooked challenges in identity governance. Unlike onboarding or offboarding, which have clearly defined start and end points, role changes are often ambiguous, gradual, and inconsistent across departments. Below, we explore four key reasons why movers are so difficult to manage effectively:

  1. Lack of Clear Triggers
  2. Jobs Don’t Change Instantly
  3. One Role, Many Access Patterns
  4. Cross-Functional Collaboration Gaps

1. Lack of Clear Triggers

For joiners and leavers, IT systems often integrate tightly with HRIS platforms, using start and end dates to trigger workflows. Movers? Not so much. 

Internal changes may not be captured formally, especially in cases like interim assignments or shadowing programs. Even when HRIS updates a job title, it may not be specific enough to map to a new access policy.

Without clear, timely signals, IT teams can't automate access changes. This leads to delays, gaps, and over-permissioning.

2. Jobs Don’t Change Instantly

Unlike onboarding and offboarding, movers don’t change all their responsibilities at a single precise moment in time. When an employee is promoted or changes departments, they typically continue to consult or otherwise help out with their old role for some period of time. 

If your mover process doesn’t account for this, employees might lose access they still need and be unable to support the transition. On the other hand, if you don’t remove old access as part of the mover process, it’s much less likely that you’ll go back later and reevaluate the employee’s access needs.

3. One Role, Many Access Patterns

Roles are no longer monolithic. A job title like “Marketing Manager” could mean wildly different toolsets depending on the region, product team, or campaign type. 

A mover might go from content to performance marketing without a title change – but their tech stack shifts completely. Trying to build policy-based access rules for every nuance becomes a nightmare.

Standardizing access profiles is difficult enough; accounting for variations within the same role makes it exponentially harder.

4. Cross-Functional Collaboration Gaps

Effective mover management requires alignment between HR, IT, security, and sometimes even direct managers. But these stakeholders often operate in silos. 

HR might update the org chart, but not notify IT. A manager might reassign someone to a new team, but forget to submit an access request. Without end-to-end visibility, the mover lifecycle becomes a black hole.

This lack of coordination leads to inconsistent experiences for employees and risk blind spots for security teams.

So how do we make the mover process more manageable?

Making Movers Manageable

While there’s no single solution to the problems presented by movers, organizations can take several steps to bring sanity to mover management:

  1. Create and enforce strong Access Policies
  2. Expand the reach of your IGA
  3. Implement Access Reviews and Certifications
  4. Establish “Mover” as a Formal Lifecycle Event
  5. Promote Cross-Functional Communication

Let’s take a closer look at each.

1. Create and enforce strong Access Policies

Start by building flexible, modular access profiles that go beyond job titles. Think in terms of responsibilities, toolsets, and team contexts. Role-based access control (RBAC) should be complemented with attribute-based (ABAC) or task-based approaches for nuanced scenarios.

2. Expand the reach of your IGA

Modern IGA platforms can help detect anomalous access patterns, enforce least privilege, and automate approval workflows. They also provide logs and audit trails for compliance teams. But legacy IGA platforms often only cover a tiny percentage of your total apps, making them ineffective at managing access, while many newer IGA tools don’t have a strong lifecycle management function.

Look for tools that can integrate HRIS, ITSM, and directory services to ingest rich context about employee movement, and also directly manage accounts and permissions in as many of your apps and systems as possible.

3. Implement Access Reviews and Certifications

Schedule regular access reviews, especially after known mover events like org reshuffles or quarterly team changes. Empower managers to verify which access rights should be retained or removed.

4. Establish “Mover” as a Formal Lifecycle Event

Most organizations treat “joiner” and “leaver” as workflow triggers. Do the same for “mover.” Design a process where department changes or team transfers automatically initiate access update workflows. This helps create a repeatable, scalable framework.

5. Promote Cross-Functional Communication

Break the silos. Create shared channels between HR, IT, and security where mover information can be shared early and often. Better yet, use automated notifications driven by changes in HR systems to keep all teams in sync.
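
The mover trigger from step 4, combined with the attribute-based profiles from step 1 and a transition window for old-role access, as an added example (not Lumos code). The profile table, entitlement names, HRIS record fields and the 30-day grace period are all assumptions constructed for illustration.

```python
from dataclasses import dataclass
from datetime import date, timedelta

# Hypothetical access profiles keyed by (department, team) attributes rather
# than job title; app and entitlement names are constructed for illustration.
PROFILES = {
    ("Sales", "Enterprise"): {"crm:pipeline_rw", "crm:forecast", "slack:member"},
    ("Product", "Platform"): {"jira:project_admin", "analytics:read", "slack:member"},
}
GRACE_DAYS = 30  # assumed transition window during which old-role access is kept

@dataclass(frozen=True)
class HrChange:
    """One constructed HRIS change record (field names are assumptions)."""
    user: str
    effective: date
    old: tuple  # (department, team) before the change
    new: tuple  # (department, team) after the change

def is_mover(change: HrChange) -> bool:
    """True when access-relevant attributes change, even if the title does not."""
    return change.old != change.new

def plan_mover(change: HrChange, current: set) -> dict:
    """Plan a move: grant now, revoke old-only access after the grace period."""
    old_profile = PROFILES.get(change.old, set())
    new_profile = PROFILES.get(change.new)
    if new_profile is None:
        # Unmapped destination: fail closed to manual review rather than guess.
        return {"status": "needs_review", "grant": set(), "retain": set(),
                "revoke_on": {}, "unexplained": set()}
    grant = new_profile - current
    retain = current & new_profile
    expiring = (current & old_profile) - new_profile
    # Access explained by neither profile is accumulated creep: flag for review.
    unexplained = current - old_profile - new_profile
    revoke_date = change.effective + timedelta(days=GRACE_DAYS)
    return {"status": "planned", "grant": grant, "retain": retain,
            "revoke_on": {e: revoke_date for e in expiring},
            "unexplained": unexplained}

# Constructed sample: a sales manager becoming a product lead, still holding
# one entitlement ("finance:reports") left over from an earlier role.
SAMPLE = HrChange("avery", date(2025, 7, 10), ("Sales", "Enterprise"), ("Product", "Platform"))
SAMPLE_ACCESS = {"crm:pipeline_rw", "crm:forecast", "slack:member", "finance:reports"}

if __name__ == "__main__":
    for key, value in plan_mover(SAMPLE, SAMPLE_ACCESS).items():
        print(key, value)
```

The `unexplained` set is what an access review after the move should look at first: it is access the user holds that neither the old nor the new profile justifies.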

How Lumos Can Help

Lumos is the only Autonomous Identity platform, dedicated to making identity and access self-managing across all your identities, apps and systems. With Lumos, you can:

  • Use Albus, Lumos’ Agentic AI, to automatically create and maintain access policies that evolve based on real usage patterns in your organization.
  • Automate mover processes across all your apps and data systems with the broadest connectivity of any IGA tool.
  • Seamlessly integrate with your HRIS to capture changes that trigger mover automations.
  • Gracefully transition employees from one role to another, with delayed removal of existing access, so that employees can maintain their old access for a while, without the risk of unchecked access sprawl.

Final Thoughts

Onboarding and offboarding are always first in the queue when organizations think of lifecycle management, but movers are the hidden risk vector – and operational burden – that most companies underestimate. 

As organizations grow and evolve, employee movement becomes more frequent and fluid. Treating movers as first-class citizens in your identity lifecycle strategy is not optional anymore.

To learn how Lumos can help you create a strong movers automation program in your organization, schedule a demo today.
