Indiana University Identity Management Systems Buy, build and borrow

1. Indiana University Identity Management SystemsBuy, build and borrow Dennis Cromwell dcromwel@indiana.edu

2. IU Overview • Complexity of environment • Multi-campus – 7+ Campuses • System wide – 95,000 students, 6,500 faculty, 14,000 staff and others • Single name space

3. IU Pain points • Lifecycle identity management • “Cradle to Endowment” • Password and Account management • Single Signon (SSO) • Authorization • Role based • Data Steward Management

4. What do we do? • IdM market was and still is a changing market • We could not write all the components • Buying all components not realistic either • System wide solution = $$$ • Main issue appears to be an integration problem

5. Enter the metaverse • Microsoft Identity Integration Server • Metadirectory • Connected to all of our enterprise “directories” • Aggregates and synchronizes all of our identity data • In some ways the opposite of our original directory strategy • Very well suited to our diverse environment • Mature • Began in 1990s under Zoomit • Affordable • Price low • Used consultant to implement quickly

6. Data Warehouse Course Management Alumni Address Book LDAP MIT Kerberos Oracle Active Directory Infrastructure Directory MIIS Account Management Metaverse PeopleSoft sync

7. MIIS Core to IdM Solution • Directory is virtual • Account Management • MIIS does the heavy lifting • Provisioning • Deprovisioning • Major enhancements to our web UI • Workflow and more coming in MIIS “gemini” • Password management • Self-service reset • Uses personal questions as “credential” • No more trips to the help desk • SP2 adds IVR (reset PW over telephone) • CAS used for SSO

8. What’s next • Subscribe to Burton Group • Engage stakeholders to establish next priorities • Provide consistency to management of authorizations • Federated identity • Continue to review market