1 / 13

Who’s on First?

Who’s on First?. Identity Management Challenges and Possible Solutions. Presented by (in increasing order of identity management project progress). Bob Haring-Smith, Project Portfolio Coordinator, Office of Information Technology, West Virginia University

berg
Download Presentation

Who’s on First?

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Who’s on First? Identity Management Challenges and Possible Solutions

  2. Presented by(in increasing order ofidentity management project progress) • Bob Haring-Smith, Project Portfolio Coordinator, Office of Information Technology, West Virginia University • Roy Gruver, Director, Technology Management Services Group, Lehigh University • Ted Bross, Associate Director, Administrative Information Systems, Princeton University

  3. Who's on First? Identity Management Challenges and Possible Solutions WVU Synopsis Institution: 28,000 students, including grad and professional 2,000 faculty Health Sciences Campus with affiliated hospitals and largely separate administration Technology: Typical panoply of admin. systems (Oracle e-Business Suite, Banner) Blackboard LMS (née WebCT Vista) GroupWise e-mail and calendar Luminis portal Numerous less widely used systems

  4. Who's on First? Identity Management Challenges and Possible Solutions WVU Identity Management Project several years ago Eliminated extraneous use of SSN Introduced WVU ID No follow-up to implement some form of IdM due to lack of executive support Current project One year from inception to choice of vendor Universal buy-in more important than vendor chosen Other projects spawned

  5. Who's on First? Identity Management Challenges and Possible Solutions Lessons from other schools Any of the products we considered can work satisfactorily Consultants play a crucial role; be sure to learn from them Spend time up front on planning and on specifying business processes carefully Every school’s situation is different Phased approach with big win early Once started, IdM never ends

  6. Background Who's on First? Identity Management Challenges and Possible Solutions • Around 7,000 students • Around 1,200 Faculty/staff • RFP in Fall 2006 • Assessment/Agreement 2007 • Consultant selection – Feb 2008 • Project kickoff- March 10, 2008

  7. Drivers for Action Who's on First? Identity Management Challenges and Possible Solutions • Single sign-on for major systems • Processes without policies • Policies without agreement • Lack of consistent methodology • Role inflation/Lack of granularity • Limited reporting & auditability

  8. Objectives Who's on First? Identity Management Challenges and Possible Solutions • Some one responsible! • Policy development • Individual use cases • Exquisite documentation • Consistent platform • Accommodate future growth

  9. Challenges/Solutions Who's on First? Identity Management Challenges and Possible Solutions • “Stay the course” vs “Out to bid” • $ shows you’re serious • Leader for identity & access mgt • Consultant moderated discussion • Structured discovery/design process • Implementation questions remain

  10. Who's on First? Identity Management Challenges and Possible Solutions Princeton University 4900 Undergraduate Students (all full-time, day) 2300 Graduate Students (almost all full-time, fully funded) 850 Full-time Faculty Members PeopleSoft ERP (HR, Student, Financials) with many Java based applications for other administrative functions No Medical School, Dental School, Law School, Business School (I died and went to heaven) Existing “Patchwork” set of incomplete and manually intensive solutions for Identity Management (some of our faculty and staff died, went to heaven and still appeared on our on-line directory) LDAP Authentication with PeopleSoft Campus Community as the authoritative source of people New Identity Management Project kicked off in September 2007

  11. Who's on First? Identity Management Challenges and Possible Solutions High Level Objectives of the Identity Management Project Automate the creation of the university NetIDs Automate the provisioning and deprovisioning of user accounts and the services to which those users are entitled (e.g.-Unix, AD, Public Search Directory, OPM etc.) Establish self-service user account claiming and password reset processes Support Single Sign On (SSO) Strengthen application security, starting with the 9.0 upgrade of the PeopleSoft HR and Student systems

  12. Who's on First? Identity Management Challenges and Possible Solutions Top 10 Things Learned in an Identity Management Project Identity management is still in its infancy and you will soon become an expert and a leader in the field very quickly. Make sure you have full campus buy in, both from the top down and bottom up Treat the project like a full ERP implementation, with a dedicated project team, a full project plan, stakeholders and a proactive communications plan. Do not underestimate the sheer volume of work/time needed, both from a technical and from a functional perspective. Make sure you actively manage your consulting partner.

  13. Who's on First? Identity Management Challenges and Possible Solutions Top 10 Things Learned in an Identity Management Project (cont.) Make sure your consulting partner and your application vendor are on the same page. Make sure your consulting partner and your application vendor understand the complexities and idiosyncrasies of a university environment. Nail down all your business rules early in the project and look for ways to reengineer antiquated university business practices. Make sure you enlist (and keep) the correct people on the project, both on your own project team and on your consulting partner’s team as well. If it looks and sounds too easy to be true…it probably is.

More Related