Explore the implementation of Identity and Access Management (IAM) solutions in Higher Education using Banner technology. Learn about security, cost reduction, and privacy protection benefits, as well as the challenges faced by institutions. Discover how IAM can improve security and operational efficiency while addressing complex identity requirements. Case studies from Lehigh University provide insights into evolving identity management strategies in higher education settings.
Pennsylvania Banner Users Group 2008 Fall Conference
Campus Identity Management in a Banner World
Introductions
• Lehigh University
  • Sara Rodgers – Team Lead Identity & Access Management
  • Tricia Wilson – Banner Senior Analyst
• APTEC, LLC
  • Aaron Perry – President
General Announcements:
• Please remember to silence all cell phones/pagers.
• Please hold all questions to the end of the presentation.
Thank you for your cooperation.
Agenda
• Overview of Campus Identity and Access Management (IAM)
• Identity in Higher Education
• Banner Identity Management Reference Architecture
• Lehigh University Case Study
• Use Case: Banner Faculty Provisioning / On-Board Process
• High Level Oracle Identity Management Architecture
• Project & Technical Considerations Implementing Identity Management in a Banner Environment
Campus Identity & Access Management (“IAM”)
[Diagram: Identity Management Service]
• Users and consumers (External / Internal): SOA Applications, Delegated Admin, Alumni/Customers, Affiliates, Faculty & Staff, Students
• Access Management: Authentication & SSO; Authorization & RBAC; Identity Federation
• Identity Administration: Delegated Administration; Self-Registration & Self-Service; User & Group Management
• Directory Services: LDAP Directory; Meta-Directory; Virtual Directory
• Identity Provisioning: Who, What, When, Where, Why; Rules & access policies; Integration framework
• Auditing and Reporting; Monitoring and Management; Workflow and orchestration
• Applications, Systems & Repositories: Fac/Staff, Student, ERP, CRM, OS (Unix), HR, Mainframe, NOS/Directories
Hosted By The University of Mary Washington
IAM Solutions Address Top Issues Faced by Higher Education Institutions
• IAM can improve security, reduce costs, and protect privacy
• Security breaches / business disruptions
• Operating costs / budgets
• Data protection / privacy
• A large and growing number of institutions have experienced IT security “breaches” in the last 12 months.
• Unauthorized access to sensitive institutional data
• Research database hacked
• Breaches of student & faculty SSNs
What we typically see at Higher Education Institutions
• Manual Processing
• Workflow
• Provisioning
• Home Grown Solutions
• Good at provisioning
• Inefficient or non-existent de-provisioning and transfers
• Inability to scale to meet growing demands
• Inconsistent/ineffective auditing and reporting
• Lack of Security Policies and Enforcement
• In many cases, still reliant on Open Source solutions
• OpenLDAP, CAS, Pubcookie
Identity Requirements in Higher Education Are Complex
• Many roles with different access requirements
• Users often have multiple roles
• Frequently changing roles for most constituents
• Multi-campus environment
• Legacy of multiple, fragmented identity stores
• Integration with Higher Education specific applications: SunGard Banner, BlackBoard, R25, Library and Parking Systems
Case Study: Lehigh University
• Current Environment
• Homegrown system
• Developed and supported by staff w/ 20+ years
• Adapted & patched over many years
• New constituent groups
• Networking and server changes
• Compliance requirements
• New applications and systems
Case Study: Lehigh University
• Project Background
• Enterprise Level Solution Identified
• Implementation Team Formed
• Phase I: Discovery, Documentation, Design
• Phase II: Development, Testing, Deployment
• Business Drivers
• Compliance (auditors, FERPA, GLB, HIPAA)
• Complexity (new roles, more granularity)
Case Study: Lehigh University OID
• Technical Drivers
• Sustainability – standardized, documented solution
• Scalability
• Easier to extend the solution to other key applications and infrastructure
• Incrementally add functionality such as workflow, approval processes, and attestation
• Federation
• Security – foundation for enterprise application security framework
• Additional and more secure authentication methods
• Rich auditing and reporting capability
Project Consideration: Implementing IdM with Banner
• Formation of IdM Steering Committee
• Focus on business process and policy
• Dedicated resources from the University
• Project Manager
• Technical Resources
Technical Considerations: Implementing IdM with Banner
• Custom Views vs. SunGard Banner IDM Offering
  • Real-time vs. batch-oriented reconciliation.
  • Requires Oracle Access Manager, which Lehigh is not prepared to implement at this time.
  • Requires Banner 8, which some of our applications are not certified for at this time (EM).
  • SunGard IDM offerings could be a future upgrade.
• A substantial number of constituents need to be defined and maintained inside of Banner. This is done using GORRSQL and GORIROL and is the main driver of IDM.