1 / 26

Secure Your Risk. Increase Your Bottom Line.™

Secure Your Risk. Increase Your Bottom Line.™ . www.fischerinternational.com. Leda McNair Database Administrator Coppin State University Brian Vinacco Director of Consulting Services Fischer International Corporation. Agenda. What is Identity Management? Project Scope / Timeline

alta
Download Presentation

Secure Your Risk. Increase Your Bottom Line.™

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Secure Your Risk.Increase Your Bottom Line.™ www.fischerinternational.com Leda McNair Database Administrator Coppin State University Brian Vinacco Director of Consulting Services Fischer International Corporation

  2. Agenda • What is Identity Management? • Project Scope / Timeline • Technology Selection • Phase I: Password Management • Phase II: Provisioning • Phase III and Beyond • Summary: Critical Factors • Q & A

  3. What is Identity Management? • Password Management / Access Management • Provisioning / Authorization • Compliance AAre you who you say you are? AWhat permissions do you have? AWhat permissions are you SUPPOSED to have? When did you have those permissions? Who approved those permissions?

  4. What is Identity Management? • Password Management EMPLOYEES CONTRACT PASSWORDS PASSWORDS PASSWORDS PasswordAuthentication PASSWORDS DISTANCE LEARNERS STUDENTS

  5. APPROVAL APPROVAL What is Identity Management? • Provisioning / Authorization EMPLOYEES CONTRACT PASSWORDS PASSWORDS PASSWORDS PasswordAuthentication PASSWORDS DISTANCE LEARNERS STUDENTS Servers Data Bases Extranet Student Apps Directories Email SupportApplications Oracle-Peoplesoft Business Apps ActiveDirectory

  6. What is Identity Management? • Provisioning / Authorization EMPLOYEES CONTRACT PASSWORDS PASSWORDS PASSWORDS PasswordAuthentication PASSWORDS DISTANCE LEARNERS STUDENTS Servers Data Bases Extranet Student Apps Directories Email SupportApplications Oracle-Peoplesoft Business Apps ActiveDirectory

  7. What is Identity Management? • Compliance • Continuous • Gap Analysis • Policy vs. Reality • Audits (3 types for Coppin) • Excessive Permissions • Orphan Accounts • Separation of Duties • Password Policies EMPLOYEES CONTRACT PASSWORDS PASSWORDS PASSWORDS PasswordAuthentication PASSWORDS DISTANCE LEARNERS STUDENTS Servers Data Bases Extranet Student Apps Directories Email SupportApplications Oracle-Peoplesoft Business Apps ActiveDirectory

  8. Critical Success Factor: Identify the Right Goals • Half-Empty • Pain Points • Time/labor/cost reset passwords • Time/labor/cost to provision accounts • Poor productivity • Half-Full • University Goals • Improve Service Levels to Students • Increase Enrollment • Generate Revenue • Stronger Protection • Operational Excellence FOCUS ON IMPROVING BUSINESS PROCESSES

  9. Critical Success Factor: Biggest Bang We are here

  10. Technology Selection Fischer Identity Suite™ Critical Success Factor: Buying Criteria: Take the long view. • All the capabilities (holistic suite) • Technology to meet unforeseen needs • Business partnership vs. vendor • Focus on business processes, not programming • Only solution that proved it was simple (even provisioning)

  11. SAML SAML Fischer Identity Suite™ The Best Practice Approach • PRODUCTIVITY & SIMPLICITY • Drag & Drop workflow creation increases productivity, lowers cost • INTEGRATION TECHNOLOGY • Integration technology enables unlimited connectivity: out-of-the-box and on-the-fly • ETL: any-to-any synchronization across all applications • CONTINUOUS COMPLIANCE • Integrate compliance across business processes • Automate SoD enforcement • Central audit database with robust reporting • INVESTMENT PROTECTION • All core IdM technologies • Java, SOA, Standards, Services • Integrates to all systems

  12. Password Management Implementation Overview • 8000 Users • Access to Network Resources (email, shares, drives, etc.) Scope: • Focus on business processes, not programming • Only solution that proved it was simple (even provisioning) Duration: • Two weeks (door to door) • Install / Customize / Enhance / Train / Deploy(includes time to debug former provisioning system) Activities: • Remote deployment was key • Quick access to on-site experts • Faster Time to Value: Eliminated 4 days • Cost Avoidance: Removed $20K+ from T/E • CriticalSuccessFactors:

  13. Phase I Password Management

  14. Password Management: Before Password Management: Before • No remote password resets for network resources • Users must go on-campus to use password kiosk • University reset policy: at least every 120 days • Extending existing IdM solution not an option (fragile) PreviousState: • Slows/Prohibits Business Processes • Student Registration, Distance Learning, etc. • Inconsistent Image: Coppin is a Technology Leader StrategicImpact: • Disruptive / Reduced Productivity • Resets performed by application groups ($$) & Help Desk ($) • Expensive • Over 500/month at beginning of semester • avg. 10 min/reset x $35.00/hr • Tactical • Impact:

  15. Password Management: Goals • Improve student service levels and satisfaction • Increase revenue & “bottom line” by removing barriers • Increase online registration (Student Registration) • Increase enrollment (Distance Learning) • Enable critical business processes • Improve functional department efficiency and productivity • Reset passwords from any location (self-service) • In place before Fall Semester • Reduce password reset calls by 90% • Improve internal resource utilization • Reduce operational costs Strategic Tactical

  16. Password Management: After • ProductivityGained / day • 34 resets • x 10 min • 5 hr. 40 min.

  17. DISTANCE LEARNERS Results Results • Achieved Goals: Goals: EMPLOYEES CONTRACT STUDENTS OnlineRegistration OnlineRegistration • Doubled Distance Learning Distance Learning • 11% Increasein enrollment Reset Calls Avoided Reset Calls Avoided • 34 resets / day • 5 hr. 40 min./day • ~1 FTE / week Productivity Gains Productivity Gains Time to Value Time to Value • 2 weeks Password Management: After On / Off Campus Password Reset

  18. Phase II Provisioning

  19. Phase II: Provisioning • Oracle-PeopleSoft: Employees • Oracle-PeopleSoft: Students Provisioning Implementation First Round Fall - Winter ‘05 Second Round Spring ‘06

  20. Provisioning: Goals • Increase enrollment • Admissions: Leverage network services as “marketing tool” • Improve service to students, staff • Hire: “Request to Fill” / Adjunct Professor • Enable new business processes and services • Reduce provisioning time from days to hours • Eliminate manual, paper-driven processes • Improve resource utilization for IT and Application organizations Strategic Tactical

  21. Admissions Provisioning: Before Prospective “New Student” Population • Potentially 1000’s of • “New Students” • Too much work to provision unless they’re confirmed • Risk of not deprovisioning • Manual Activation • July (peak) • 1500 – 1800 Actual • Person-hours: 4-6 hours • Turnaround: 24-48 hours • Occurs 50-60 times in peak • Annual Hours: 500 - 600 • (12 – 15 person-weeks) Records Registration To functional Departments Fees Paid? Matriculated? sqr student file Old Provisioning Solution Email Disk etc. Add/Drop Date: Manually deprovision Inactive“New Student” Accounts

  22. Provisioning Network Resources: After Expected Process / Results RequestApplication Prospective “New Student” Population • Potentially 1000’s of • “New Students” • Provisioning triggered by • “Matriculation” in PS • Provisioning time reduced from 24 - 48 hours to 1. • Prospective student engaged in January vs. July/August. • 6-9 months of free resource access vs. 1-3 • All IdM events recorded • Deprovisioning automatically occurs at Add/Drop date • No labor • Frees-up 4 people • Avoids 500-600 hours labor Financial Aid App. Apply for Admission. Matriculated? Policies/Groups/Roles Workflow Audit Email Disk etc. Scheduled Deprovision after Add/Drop Date: Revoke access

  23. Phase III and Beyond Phase III and Beyond Phase IIISummer ‘06 • Oracle-PeopleSoft Upgrade • Other Business Processes and Outlying Applications • Mobile: Provisioning approval, password resets, etc. Phase IVTBD

  24. Summary: Critical Success Factors • Identify the Right Goals. • Look for Biggest Bang First. • Take a Phased Approach • Buying Criteria: Take the Long View. • Look at the Business Process - Not the Pain. • Simple is Good. (TCO) • More to come in June at the next Conference

  25. Q & A Leda McNair Database AdministratorCoppin State University lmcnair@coppin.edu 410-951-3885 Brian Vinacco Director, Support Services Fischer International Corporation brian.vinacco@fisc.com 239-643-1500 • Stop by Fischer Exhibit • IDC Case Study • Giveaway • Access to IdM White Papers

  26. “Request to Fill:” After

More Related