1 / 29

NCSU SSO Case Study: Project Goals & Requirements

This case study discusses the project goals and requirements of NCSU's Single Sign-On (SSO) system, including challenges faced and the implementation of Identacor. Explore the benefits realized by NCSU through this solution.

Download Presentation

NCSU SSO Case Study: Project Goals & Requirements

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript


  1. - NCSU project goals and requirements- Adoption Drivers- Current challenges and pain points- Identacor at NCSU - Identacor Features - NCSU Key Benefits RealizedI wanted to point out a few things.Slides 3-5: in slides 3&4, these are the overall drivers and requirements for the project. I try to visually capture some of these in slide 5, but it didn't turn out too well. Please let me know what you can do to fix this. Slide 10: Some of the formatting isn't great (text boxes on right).Slide 11: High level architecture of NCUSSlide 12: i want to tailor this to show how NCSU has used various Identacor features and functionalities.Slide 16: need to make this more visually appealing - i copied and pasted stuff into this slide but please improve itSlide 17: need to improve this - I may add some more bullets so allow room to accommodate more content. I also want you to add in your graphic here that we discussed on Skype last time. Slide 19 & 20: Benefits slides. Need a way to show this better. Could I get a first draft by November 25 at 7 AM PST? I am meeting with my customer. It would be helpful to be able to give them an idea of what to expect. It doesn't have to be final by significantly improved.Let me know if you have any questions. Thanks.

  2. NCSU SSO Case Study

  3. NCSU – Project Requirements and Goals • NCSU Operating Environment • Provide support for a number Apps and Programs • Different vendors have their authentication databases • End users must remember 15 different credentials of different types; e.g., • user name and password • multi-factor authentication • PIN numbers • Number of apps in use is increasing at the rate of about 100 year

  4. NCSU – Project Requirements and Goals • NCSU Goals for SSO • Requires only one login per user to access all programs and applications • Is easy enough for children as young as 6 years old to use • Integrates with on-premisis active directory and supports parents or other outside users independent of Active Directory simultaneously • Allows users to change passwords • Can interface, at a minimum, with the following programs • Can possibly interface with these other programs and applications • OPALS, Destiny and Others • Easy to implement user friendly interface for admin support

  5. NCSU – Project Requirements and Goals • System will use minimal amount of Personal Identifiable Information (PII) • Mandatory - End user first name and last name and email address • Discretionary - alternate email address, phone number at user • Ultimate control of user identity remains with our organization • Work within budget constraints • Identity Management • Integrated into SSO backend • Local control over information provided • No unrestricted access to Student Data • Avoid solutions that were too restrictive; e.g., locked into a corporate Silos • Authentication strategies • Goal of no additional username or password required • SAML • OAuth • Domain Federation • Account auto provisioning • Leverage corporate SSO strategies

  6. Key Challenges 1 2 3 4 5 6 NEW DEVICES: ANYTIME, ANYWHERE ACCESS EXPLOSIVE GROWTH IN APPLICATIONS SHIFT FROM ON-PREMISE TO CLOUD DECENTRALIZE ADMINISTRATION DELIVER SECURE & CONVENIENT ACCESS SUPPORT NATIVE, BROWSER AND MOBILE

  7. Pain for IT Time consuming user Provisioning

  8. Pain for End Users Pain for End Users

  9. Identacor @ NCSU 225 application integrations 3600 users across 8 districts and 14 schools

  10. How It Works FIREWALL Mobile Users Outside Users Employees Active Directory

  11. Identacor - Connecting NCSUVT to Apps Provisioning and Deprovisioning Workflow, Audit, Self Service Robust On Prem Integration Directories, Identity Management, Apps Centralized Admin & Reporting Policy, Compliance, Analytics SSO Any Device, Any App

  12. Identacor – Connecting NCSUVT to Apps

  13. Identacor Advantage Features         • Anywhere, Anytime • Application access from any browser • Custom Integrations • Integration with custom apps using the secure auto log in Single Sign On One password access to all applications • App Integrations • Integration with out-of-the-box Apps using SAML protocol • Centralized Management • Application access for Users • Mobile Devices • Application access from desktops, laptops, mobile devices and Chromebooks • Audit Reporting • tools to track company and employee access to and usage of its • cloud-based resources. Active Directory Integration importing users and groups from main AD domain • Audit Reporting

  14. Identacor Cloud SSO • Single Sign-on • Multi-factor Authen-tication • Unified Cloud Directory • User Provisioning • Anywhere, Any Device

  15. Identacor Cloud SSO • Unified Cloud Directory • Multi-factor Authen-tication • Single • Sign-On • User Provisioning • Anywhere, Any Device

  16. Identacor Cloud SSO • Unified Cloud Directory • Single Sign-on • Multi-factor • Authentication • User Provisioning • Anywhere, Any Device

  17. Identacor Cloud SSO • Unified Cloud Directory • Single Sign-on • User Provisioning • Unified Cloud DIrectory • Anywhere, Any Device

  18. Identacor Cloud SSO • Unified Cloud Directory • Single Sign-on • Anywhere, Any Device • Unified Cloud DIrectory • User Provisioning

  19. Active Directory Integration - Benefits Faculty and Students Active Directory

  20. Active Directory Integration - Benefits • Users • NCSUVT imported approximately 3600 users including teachers and students into Identacor • Active Directory imported users can sign into Identacor Service using their Active Directory domain credentials • These users can also change their network password or unlock their network account using the Identacor service • Desktop SSO • Allows users to access Identacor from a domain joined NCSUVT computer while connected to the NCSUVT network (planned roll out Nov 2016) Faculty & Students Active Directory • Active Directory Groups • NCSUVT imported approximately 175 Active Directory groups, including memberships, from AD domain to Identacor • These groups are primarily used for application assignment in Identacor

  21. Metrics NCSUVT currently manages 225 applications in Identacor for it's user base. Apps can be integrated rapidly uding the SAML protocol with any out of the box or web based app. Some of the more popular apps are as follows. The most popular, Google Apps for Education has had 63,551 logons since August 2016 There are currently 3,600 users set up with access to Identacor. Some of the top system users have accessed the service more than 1,000 times

  22. End User Self Service NCSU Users can also change their Active Directory password via Identacor. When a user’s password expires or is reset, they will automatically be prompted to change it the next time they log in to Identacor. Users can proactively change their AD password directly from the account tab on their Identacor homepage, and Identacor keeps all of these credentials synchronized with AD. NCSU can also use self service if they have forgotten their AD password of it their AD account is locked out.

  23. The NCSUVT system supports 1700 PC’s 1100 Macs 1000 Chromebooks Identacor supports logging into Chromebook with Active Directory  Identacor secures Chromebooks, iOS (iPad, iPhone, etc.) and Android devices—so users can access and use their regular tools through their secure Identacor accounts seamlessly.

  24. NCSUVT Org Admins Slide   Delegated AdministrationNCSUVT has more than one Identacor Administrator. They control access to different areas of the Identacor application by assigning admin roles • Organization Admins (Teachers) • have been set up in Identacor • Org Admins can create applications for their students • NCSUVT currently has 12 Org Admins

  25. NCSUVT Benefits Slide     Single Sign on Simplifies log on and access to Google apps. Everyone has access to NCSU apps in the portal. SSO provides very intuitive access to all critical applications right away • Creation of Org Admin • Org Admins can create applications for their students • NCSUVT currently has 12 Org Admins Identacor and Google Appsconnectivity Streamlined and simplified provisioning of new apps, including Google App, to employees Access and integration with many many applications Bookmarks For commonly stored apps, bookmarks are maintained in Identacor and can be accessed from any browser and when users move to another machine 25

  26. 1000’s of Apps – All pre-integrated

  27. Key Benefits Realized • Application Portal Page • Security Ability to monitor application adoption User IT Department • One Password through AD integration • User de provisioning • AD integration – integrate easily with any web app

  28. Key Benefits Realized 1 3 2 SECURELY ADD APPS AT THE SPEED OF BUSINESS ENFORCE SECURITY FOR APPS AND DEVICES MINIMIZE IDENTITY MANAGEMENT SPEND 4 5 INCREASE IT TEAM PRODUCTIVITY AND ENTERPRISE SECURITY ENGAGE EMPLOYEES TO ENFORCE POLICY AND WORK MORE PRODUCTIVELY

  29. Get Serious About The Cloud

More Related