SlideShare a Scribd company logo

Iam update 2014.10.16

Download as PPTX, PDF
K
kevin_donovan

Iam update 2014.10.16

Education
1 of 15
FAS Stakeholders: IAM is Working for You! Jane Hill Director, IAM Product Management
What is Identity & Access Management? Identity and access management (IAM) technologies and services enable the right individuals to access the right resources at the right times for the right reasons. We all use IAM solutions many times a day: • Logging in to websites, servers, and other resources • Accessing research materials at Harvard and beyond • Checking a colleague’s calendar for a meeting • Adding, removing, or changing employee records At Harvard, the IAM program exists to streamline these interactions and make it easier for you to do your day-to-day tasks. 2
What is Identity & Access Management? Our vision: Provide users, application owners, and IT administrative staff with secure, easy access to applications; solutions that require fewer login credentials; the ability to collaborate across and beyond Harvard; and improved security and auditing. 3 Objectives Guiding Principles Key Performance Indicators Simplify User Experience Simplify and improve access to applications and information inside and outside of the University Enable Research & Collaboration Make it easier for faculty, staff, and students to research and collaborate within the University and with other institutions Protect University Resources Improve the security stature of the University via a standard approach Facilitate Technology Innovation Establish a strong foundation for IAM to enable user access regardless of new and/or disruptive technologies Harvard Community needs will drive our technology Tactical project planning will remain aligned with the program’s strategic objectives Solution design should allow for other Schools to use foundational services to communicate with the IAM system in a consistent, federated fashion Communication and socialization are critical to our success Monthly number of help desk requests relating to account management Monthly number of registered production applications using IAM systems Monthly number of user logins and access requests through IAM systems Monthly number of production systems to which IAM provisions
A New Provisioning System: SailPoint IdentityIQ Provisioning and deprovisioning are key to the IAM program: • Add new users quickly and accurately • Reduce manual processes and delays by issuing access through a central identity store • Make role changes simpler and easier • Streamline the revocation of access when necessary The IAM program is now transitioning to the use of SailPoint IdentityIQ to manage provisioning and deprovisioning. 4
• Thousands of accounts are claimed every year • Passwords are synched to multiple systems: – Active Directories (used for email) – LDAP (used for file sharing, and application access management) – Google (@college, @g) – Home directories and Kerberos • Sponsored accounts processed by Service Desk • Self-service password resets using Oracle Waveset • Automatic disabling of accounts (different rules for different types of accounts) FAS IAM Details 5
• Improve the user experience – Claiming should be easy to use, and work on mobile devices – Self-service password reset without security questions • Simplify onboarding for all types of users • Enable early access when appropriate • Put sponsored account processes online (!) • Enable sponsored account managers to extend or end-date accounts directly The Wishlist 6
Connect with Harvard (Claim an Account) Ready • Data are in the Identity Management System • Name • Date of birth • Role • Onboarding email (used when applying, or supplied by onboarding admin) Set • HR, Registrar, or department admin directs new user to the account claiming application Connect • New user enters name, DOB, HUID for basic validation • Email sent to the onboarding email • Use the temporary password you receive in email to login • Choose username • Set permanent password • Provide recovery information • Set security questions • Connected! 7
Types of Sponsored Accounts Affiliate Accounts (People) Service Accounts (Course, Group, Department, Application) Kiosk, Machine and other Special Accounts 8
Sponsored Account Process: Affiliate Process The sponsored The end user… requester… • Submits data about the new user: name, DOB, last 4 digits of SSN, email, reason, etc. • System sends an email Request Validate • Receives email and navigates to the account claiming application • Logs in with email as login name and temporary password • Picks a user name • Sets password • Sets recovery info • Sets security questions • Account is created in sponsor’s department • Notification email sent to sponsored requester Create 9 The end user…
Manage Accounts You Own View a list of the accounts you manage View the resources assigned to your users Your Accounts End-date or renew accounts for your users Request access to specific resources or deprovisioning (Future — 2015) Manage Access 10
The Sponsored Account Process is Evolving Helpdesk Enters Sponsored Accounts Initial 2015 Enable Sponsored Requester Self- Service Wider Release 2015 Self- Registered Guests (Replace XID) Future TBD 1. Focus first on getting SailPoint up and running, plus managing sponsored accounts 2. Then, enable distributed data entry by faculty and staff using web tools 3. Replace XID (self-registered guest) with new tool 11
Opportunity: Simplify by Consolidating Processes MIDAS “POI”: Consultant Contractor Vendor Security FAS “Sponsored Account”: Collaborator FAS-Specific Access for POIs Early Access for Pending Employees Sponsored Identity: Same Account Creation Process Single Username HUID (card in some cases) Single UUID Misc. Identities & Accounts from Schools 12 Clearer sponsorship information for audit, end-user self-service, hands-on management by sponsors to set up and remove access
Sponsored Accounts: Before and After FAS Today • Paper Form & Fax/Mail • HUIT Service Desk Enters • Sponsor gets the password and conveys it to the end user FAS+ in the Future • Online process open to eligible sponsors • End users set up accounts via email and web tool • Password remains private; account self-service reduces helpdesk load 13 Key concepts: Simplify user experience, improve security, and reduce overhead.
In Summary … • All members of the Harvard Community are affected by identity and access management — from the first login screen • IAM exists to make onboarding, day-to-day use, role changes, and access to resources easier for everyone at Harvard • Our efforts will improve productivity and make day-to-day life simpler for faculty, staff, students, researchers, people administrators, application owners, and more • And when IAM services are done right, you don’t even notice the effects — things just work 14
Thank you!

Recommended

ESP POC Findings
ESP POC FindingsESP POC Findings
ESP POC Findingskevin_donovan
 
Noc and soc deck
Noc and soc deckNoc and soc deck
Noc and soc deckkevin_donovan
 
IaaS
IaaSIaaS
IaaSKenny Huang Ph.D.
 
VMworld 2013: VMware Horizon Workspace at Scale: Deploying to 15,000 VMware E...
VMworld 2013: VMware Horizon Workspace at Scale: Deploying to 15,000 VMware E...VMworld 2013: VMware Horizon Workspace at Scale: Deploying to 15,000 VMware E...
VMworld 2013: VMware Horizon Workspace at Scale: Deploying to 15,000 VMware E...VMworld
 
Service desk plus presentatione
Service desk plus presentationeService desk plus presentatione
Service desk plus presentationeNguyen Trung Tuyen
 
Cloud First Architecture
Cloud First ArchitectureCloud First Architecture
Cloud First ArchitectureCameron Vetter
 
Lotus Notes Application Migration
Lotus Notes Application MigrationLotus Notes Application Migration
Lotus Notes Application MigrationMaarga Systems
 
JiveWorld 2013 Developer Review - Atlassian JIRA in Jive 7 Integration - Purp...
JiveWorld 2013 Developer Review - Atlassian JIRA in Jive 7 Integration - Purp...JiveWorld 2013 Developer Review - Atlassian JIRA in Jive 7 Integration - Purp...
JiveWorld 2013 Developer Review - Atlassian JIRA in Jive 7 Integration - Purp...AppFusions
 

Recommended

ESP POC Findings
ESP POC FindingsESP POC Findings
ESP POC Findingskevin_donovan
 
Noc and soc deck
Noc and soc deckNoc and soc deck
Noc and soc deckkevin_donovan
 
IaaS
IaaSIaaS
IaaSKenny Huang Ph.D.
 
VMworld 2013: VMware Horizon Workspace at Scale: Deploying to 15,000 VMware E...
VMworld 2013: VMware Horizon Workspace at Scale: Deploying to 15,000 VMware E...VMworld 2013: VMware Horizon Workspace at Scale: Deploying to 15,000 VMware E...
VMworld 2013: VMware Horizon Workspace at Scale: Deploying to 15,000 VMware E...VMworld
 
Service desk plus presentatione
Service desk plus presentationeService desk plus presentatione
Service desk plus presentationeNguyen Trung Tuyen
 
Cloud First Architecture
Cloud First ArchitectureCloud First Architecture
Cloud First ArchitectureCameron Vetter
 
Lotus Notes Application Migration
Lotus Notes Application MigrationLotus Notes Application Migration
Lotus Notes Application MigrationMaarga Systems
 
JiveWorld 2013 Developer Review - Atlassian JIRA in Jive 7 Integration - Purp...
JiveWorld 2013 Developer Review - Atlassian JIRA in Jive 7 Integration - Purp...JiveWorld 2013 Developer Review - Atlassian JIRA in Jive 7 Integration - Purp...
JiveWorld 2013 Developer Review - Atlassian JIRA in Jive 7 Integration - Purp...AppFusions
 
Developing an IAM Roadmap that Fits Your Business
Developing an IAM Roadmap that Fits Your BusinessDeveloping an IAM Roadmap that Fits Your Business
Developing an IAM Roadmap that Fits Your BusinessForgeRock
 
UNIFIED ENDPOINT MANAGEMENT. WHAT IT IS AND WHY IT’S IMPORTANT
UNIFIED ENDPOINT MANAGEMENT. WHAT IT IS AND WHY IT’S IMPORTANTUNIFIED ENDPOINT MANAGEMENT. WHAT IT IS AND WHY IT’S IMPORTANT
UNIFIED ENDPOINT MANAGEMENT. WHAT IT IS AND WHY IT’S IMPORTANTMicro Focus
 
vServe24/7 brochure
vServe24/7 brochurevServe24/7 brochure
vServe24/7 brochureNous Infosystems
 
Clover Infotech Corporate PPT
Clover Infotech Corporate PPTClover Infotech Corporate PPT
Clover Infotech Corporate PPTSwetha Elias
 
Softchoice Discovery Series: Cloud Cost Governance
Softchoice Discovery Series: Cloud Cost GovernanceSoftchoice Discovery Series: Cloud Cost Governance
Softchoice Discovery Series: Cloud Cost GovernanceSoftchoice Corporation
 
Security that works with, not against, your SaaS business
Security that works with, not against, your SaaS businessSecurity that works with, not against, your SaaS business
Security that works with, not against, your SaaS businessCloudPassage
 
SaaS
SaaSSaaS
SaaSNupurVaidya1
 
Software Infrastructure Design, Integration, & Migration Roadmap
Software Infrastructure Design, Integration, & Migration RoadmapSoftware Infrastructure Design, Integration, & Migration Roadmap
Software Infrastructure Design, Integration, & Migration RoadmapInnovate Vancouver
 
Recommended Design Considerations for Enterprise Monitoring
Recommended Design Considerations for Enterprise Monitoring Recommended Design Considerations for Enterprise Monitoring
Recommended Design Considerations for Enterprise Monitoring Prolifics
 
Madhu Sudhan
Madhu SudhanMadhu Sudhan
Madhu SudhanMadhu Reddy
 
4 steps to take control of Flow and PowerApps in your organization
4 steps to take control of Flow and PowerApps in your organization4 steps to take control of Flow and PowerApps in your organization
4 steps to take control of Flow and PowerApps in your organizationTimo Pertilä
 
Cloud-Based Service Management
Cloud-Based Service ManagementCloud-Based Service Management
Cloud-Based Service ManagementCA Technologies
 
IBM Solutions Connect 2013 - Increase Efficiency by Automating IT Asset & Ser...
IBM Solutions Connect 2013 - Increase Efficiency by Automating IT Asset & Ser...IBM Solutions Connect 2013 - Increase Efficiency by Automating IT Asset & Ser...
IBM Solutions Connect 2013 - Increase Efficiency by Automating IT Asset & Ser...IBM Software India
 
Thisa Customer Presentation Ga
Thisa Customer Presentation GaThisa Customer Presentation Ga
Thisa Customer Presentation GaGuardEra Access Solutions, Inc.
 
Data harmonycloudpowerpointclientfacing
Data harmonycloudpowerpointclientfacingData harmonycloudpowerpointclientfacing
Data harmonycloudpowerpointclientfacingAccess Innovations, Inc.
 
Cloud Options for a Modern Architecture
Cloud Options for a Modern ArchitectureCloud Options for a Modern Architecture
Cloud Options for a Modern ArchitectureProlifics
 
Cloud Computing Models: Private, Public and Hybrid
Cloud Computing Models: Private, Public and Hybrid Cloud Computing Models: Private, Public and Hybrid
Cloud Computing Models: Private, Public and Hybrid Evilázaro Alves
 
Database Management Services | Clover Infotech
Database Management Services | Clover InfotechDatabase Management Services | Clover Infotech
Database Management Services | Clover InfotechSwetha Elias
 
Partner Transformation for Hybrid Cloud Management
Partner Transformation for Hybrid Cloud ManagementPartner Transformation for Hybrid Cloud Management
Partner Transformation for Hybrid Cloud ManagementVistara
 
Student Debt Solutions
Student Debt SolutionsStudent Debt Solutions
Student Debt SolutionsTodd Meyers
 
14.06.05 IT Summit IAM Presentation
14.06.05 IT Summit IAM Presentation14.06.05 IT Summit IAM Presentation
14.06.05 IT Summit IAM Presentationkevin_donovan
 
Building an Identity Management Business Case
Building an Identity Management Business CaseBuilding an Identity Management Business Case
Building an Identity Management Business CaseHitachi ID Systems, Inc.
 

More Related Content

What's hot

Developing an IAM Roadmap that Fits Your Business
Developing an IAM Roadmap that Fits Your BusinessDeveloping an IAM Roadmap that Fits Your Business
Developing an IAM Roadmap that Fits Your BusinessForgeRock
 
UNIFIED ENDPOINT MANAGEMENT. WHAT IT IS AND WHY IT’S IMPORTANT
UNIFIED ENDPOINT MANAGEMENT. WHAT IT IS AND WHY IT’S IMPORTANTUNIFIED ENDPOINT MANAGEMENT. WHAT IT IS AND WHY IT’S IMPORTANT
UNIFIED ENDPOINT MANAGEMENT. WHAT IT IS AND WHY IT’S IMPORTANTMicro Focus
 
Clover Infotech Corporate PPT
Clover Infotech Corporate PPTClover Infotech Corporate PPT
Clover Infotech Corporate PPTSwetha Elias
 
Softchoice Discovery Series: Cloud Cost Governance
Softchoice Discovery Series: Cloud Cost GovernanceSoftchoice Discovery Series: Cloud Cost Governance
Softchoice Discovery Series: Cloud Cost GovernanceSoftchoice Corporation
 
Security that works with, not against, your SaaS business
Security that works with, not against, your SaaS businessSecurity that works with, not against, your SaaS business
Security that works with, not against, your SaaS businessCloudPassage
 
Software Infrastructure Design, Integration, & Migration Roadmap
Software Infrastructure Design, Integration, & Migration RoadmapSoftware Infrastructure Design, Integration, & Migration Roadmap
Software Infrastructure Design, Integration, & Migration RoadmapInnovate Vancouver
 
Recommended Design Considerations for Enterprise Monitoring
Recommended Design Considerations for Enterprise Monitoring Recommended Design Considerations for Enterprise Monitoring
Recommended Design Considerations for Enterprise Monitoring Prolifics
 
4 steps to take control of Flow and PowerApps in your organization
4 steps to take control of Flow and PowerApps in your organization4 steps to take control of Flow and PowerApps in your organization
4 steps to take control of Flow and PowerApps in your organizationTimo Pertilä
 
Cloud-Based Service Management
Cloud-Based Service ManagementCloud-Based Service Management
Cloud-Based Service ManagementCA Technologies
 
IBM Solutions Connect 2013 - Increase Efficiency by Automating IT Asset & Ser...
IBM Solutions Connect 2013 - Increase Efficiency by Automating IT Asset & Ser...IBM Solutions Connect 2013 - Increase Efficiency by Automating IT Asset & Ser...
IBM Solutions Connect 2013 - Increase Efficiency by Automating IT Asset & Ser...IBM Software India
 
Cloud Options for a Modern Architecture
Cloud Options for a Modern ArchitectureCloud Options for a Modern Architecture
Cloud Options for a Modern ArchitectureProlifics
 
Cloud Computing Models: Private, Public and Hybrid
Cloud Computing Models: Private, Public and Hybrid Cloud Computing Models: Private, Public and Hybrid
Cloud Computing Models: Private, Public and Hybrid Evilázaro Alves
 
Database Management Services | Clover Infotech
Database Management Services | Clover InfotechDatabase Management Services | Clover Infotech
Database Management Services | Clover InfotechSwetha Elias
 
Partner Transformation for Hybrid Cloud Management
Partner Transformation for Hybrid Cloud ManagementPartner Transformation for Hybrid Cloud Management
Partner Transformation for Hybrid Cloud ManagementVistara
 
Student Debt Solutions
Student Debt SolutionsStudent Debt Solutions
Student Debt SolutionsTodd Meyers
 

What's hot (20)

Developing an IAM Roadmap that Fits Your Business
Developing an IAM Roadmap that Fits Your BusinessDeveloping an IAM Roadmap that Fits Your Business
Developing an IAM Roadmap that Fits Your Business
 
UNIFIED ENDPOINT MANAGEMENT. WHAT IT IS AND WHY IT’S IMPORTANT
UNIFIED ENDPOINT MANAGEMENT. WHAT IT IS AND WHY IT’S IMPORTANTUNIFIED ENDPOINT MANAGEMENT. WHAT IT IS AND WHY IT’S IMPORTANT
UNIFIED ENDPOINT MANAGEMENT. WHAT IT IS AND WHY IT’S IMPORTANT
 
vServe24/7 brochure
vServe24/7 brochurevServe24/7 brochure
vServe24/7 brochure
 
Clover Infotech Corporate PPT
Clover Infotech Corporate PPTClover Infotech Corporate PPT
Clover Infotech Corporate PPT
 
Softchoice Discovery Series: Cloud Cost Governance
Softchoice Discovery Series: Cloud Cost GovernanceSoftchoice Discovery Series: Cloud Cost Governance
Softchoice Discovery Series: Cloud Cost Governance
 
Security that works with, not against, your SaaS business
Security that works with, not against, your SaaS businessSecurity that works with, not against, your SaaS business
Security that works with, not against, your SaaS business
 
SaaS
SaaSSaaS
SaaS
 
Software Infrastructure Design, Integration, & Migration Roadmap
Software Infrastructure Design, Integration, & Migration RoadmapSoftware Infrastructure Design, Integration, & Migration Roadmap
Software Infrastructure Design, Integration, & Migration Roadmap
 
Recommended Design Considerations for Enterprise Monitoring
Recommended Design Considerations for Enterprise Monitoring Recommended Design Considerations for Enterprise Monitoring
Recommended Design Considerations for Enterprise Monitoring
 
Madhu Sudhan
Madhu SudhanMadhu Sudhan
Madhu Sudhan
 
4 steps to take control of Flow and PowerApps in your organization
4 steps to take control of Flow and PowerApps in your organization4 steps to take control of Flow and PowerApps in your organization
4 steps to take control of Flow and PowerApps in your organization
 
Cloud-Based Service Management
Cloud-Based Service ManagementCloud-Based Service Management
Cloud-Based Service Management
 
IBM Solutions Connect 2013 - Increase Efficiency by Automating IT Asset & Ser...
IBM Solutions Connect 2013 - Increase Efficiency by Automating IT Asset & Ser...IBM Solutions Connect 2013 - Increase Efficiency by Automating IT Asset & Ser...
IBM Solutions Connect 2013 - Increase Efficiency by Automating IT Asset & Ser...
 
Thisa Customer Presentation Ga
Thisa Customer Presentation GaThisa Customer Presentation Ga
Thisa Customer Presentation Ga
 
Data harmonycloudpowerpointclientfacing
Data harmonycloudpowerpointclientfacingData harmonycloudpowerpointclientfacing
Data harmonycloudpowerpointclientfacing
 
Cloud Options for a Modern Architecture
Cloud Options for a Modern ArchitectureCloud Options for a Modern Architecture
Cloud Options for a Modern Architecture
 
Cloud Computing Models: Private, Public and Hybrid
Cloud Computing Models: Private, Public and Hybrid Cloud Computing Models: Private, Public and Hybrid
Cloud Computing Models: Private, Public and Hybrid
 
Database Management Services | Clover Infotech
Database Management Services | Clover InfotechDatabase Management Services | Clover Infotech
Database Management Services | Clover Infotech
 
Partner Transformation for Hybrid Cloud Management
Partner Transformation for Hybrid Cloud ManagementPartner Transformation for Hybrid Cloud Management
Partner Transformation for Hybrid Cloud Management
 
Student Debt Solutions
Student Debt SolutionsStudent Debt Solutions
Student Debt Solutions
 

Similar to Iam update 2014.10.16

14.06.05 IT Summit IAM Presentation
14.06.05 IT Summit IAM Presentation14.06.05 IT Summit IAM Presentation
14.06.05 IT Summit IAM Presentationkevin_donovan
 
Building an Identity Management Business Case
Building an Identity Management Business CaseBuilding an Identity Management Business Case
Building an Identity Management Business CaseHitachi ID Systems, Inc.
 
SACME power point presentation
SACME power point presentationSACME power point presentation
SACME power point presentationJoshua Wagner
 
[WSO2Con EU 2017] IAM: Catalyst for Digital Transformation
[WSO2Con EU 2017] IAM: Catalyst for Digital Transformation[WSO2Con EU 2017] IAM: Catalyst for Digital Transformation
[WSO2Con EU 2017] IAM: Catalyst for Digital TransformationWSO2
 
Microix Requisition Module for Abila MIP
Microix Requisition Module for Abila MIPMicroix Requisition Module for Abila MIP
Microix Requisition Module for Abila MIPNet at Work
 
Edugate Futures
Edugate FuturesEdugate Futures
Edugate FuturesHEAnet
 
All presentation SharePoint O365 and everything else
All presentation SharePoint O365 and everything else All presentation SharePoint O365 and everything else
All presentation SharePoint O365 and everything else Ken Barnes
 
Sso security&business tool_2018_issa_infosecsummit_grant_reveal_final
Sso security&business tool_2018_issa_infosecsummit_grant_reveal_finalSso security&business tool_2018_issa_infosecsummit_grant_reveal_final
Sso security&business tool_2018_issa_infosecsummit_grant_reveal_finalGrant Reveal
 
The FA’s Academy of Learning: Leveraging Learning Technologies to Support the...
The FA’s Academy of Learning: Leveraging Learning Technologies to Support the...The FA’s Academy of Learning: Leveraging Learning Technologies to Support the...
The FA’s Academy of Learning: Leveraging Learning Technologies to Support the...Kineo
 
20170912_Identity_and_Access_Management.pptx
20170912_Identity_and_Access_Management.pptx20170912_Identity_and_Access_Management.pptx
20170912_Identity_and_Access_Management.pptxAnand Dhouni
 
Salesforce Security: Fully Automated
Salesforce Security: Fully AutomatedSalesforce Security: Fully Automated
Salesforce Security: Fully AutomatedSalesforce.org
 
Directions Answer each question individual and respond with full .docx
Directions Answer each question individual and respond with full .docxDirections Answer each question individual and respond with full .docx
Directions Answer each question individual and respond with full .docxmariona83
 

Similar to Iam update 2014.10.16 (20)

14.06.05 IT Summit IAM Presentation
14.06.05 IT Summit IAM Presentation14.06.05 IT Summit IAM Presentation
14.06.05 IT Summit IAM Presentation
 
Building an Identity Management Business Case
Building an Identity Management Business CaseBuilding an Identity Management Business Case
Building an Identity Management Business Case
 
SACME power point presentation
SACME power point presentationSACME power point presentation
SACME power point presentation
 
[WSO2Con EU 2017] IAM: Catalyst for Digital Transformation
[WSO2Con EU 2017] IAM: Catalyst for Digital Transformation[WSO2Con EU 2017] IAM: Catalyst for Digital Transformation
[WSO2Con EU 2017] IAM: Catalyst for Digital Transformation
 
Microix Requisition Module for Abila MIP
Microix Requisition Module for Abila MIPMicroix Requisition Module for Abila MIP
Microix Requisition Module for Abila MIP
 
Iam it-summit-2015
Iam it-summit-2015Iam it-summit-2015
Iam it-summit-2015
 
Edugate Futures
Edugate FuturesEdugate Futures
Edugate Futures
 
All presentation SharePoint O365 and everything else
All presentation SharePoint O365 and everything else All presentation SharePoint O365 and everything else
All presentation SharePoint O365 and everything else
 
Sso security&business tool_2018_issa_infosecsummit_grant_reveal_final
Sso security&business tool_2018_issa_infosecsummit_grant_reveal_finalSso security&business tool_2018_issa_infosecsummit_grant_reveal_final
Sso security&business tool_2018_issa_infosecsummit_grant_reveal_final
 
Hitachi ID Identity Manager
Hitachi ID Identity ManagerHitachi ID Identity Manager
Hitachi ID Identity Manager
 
The FA’s Academy of Learning: Leveraging Learning Technologies to Support the...
The FA’s Academy of Learning: Leveraging Learning Technologies to Support the...The FA’s Academy of Learning: Leveraging Learning Technologies to Support the...
The FA’s Academy of Learning: Leveraging Learning Technologies to Support the...
 
Rajiv Resume (1) (1)
Rajiv Resume (1) (1)Rajiv Resume (1) (1)
Rajiv Resume (1) (1)
 
Rajiv Resume (1) (1)
Rajiv Resume (1) (1)Rajiv Resume (1) (1)
Rajiv Resume (1) (1)
 
Rajiv Resume (1) (1)
Rajiv Resume (1) (1)Rajiv Resume (1) (1)
Rajiv Resume (1) (1)
 
20170912_Identity_and_Access_Management.pptx
20170912_Identity_and_Access_Management.pptx20170912_Identity_and_Access_Management.pptx
20170912_Identity_and_Access_Management.pptx
 
Harrier Success Stories
Harrier Success StoriesHarrier Success Stories
Harrier Success Stories
 
Harrier_Success-Stories
Harrier_Success-StoriesHarrier_Success-Stories
Harrier_Success-Stories
 
Salesforce Security: Fully Automated
Salesforce Security: Fully AutomatedSalesforce Security: Fully Automated
Salesforce Security: Fully Automated
 
Xite people management solution introduction
Xite people management solution introductionXite people management solution introduction
Xite people management solution introduction
 
Directions Answer each question individual and respond with full .docx
Directions Answer each question individual and respond with full .docxDirections Answer each question individual and respond with full .docx
Directions Answer each question individual and respond with full .docx
 

More from kevin_donovan

It summit data mgmt-2016.06.02-final
It summit data mgmt-2016.06.02-finalIt summit data mgmt-2016.06.02-final
It summit data mgmt-2016.06.02-finalkevin_donovan
 
2016 it summit_accessibility_2016-05-24_standard
2016 it summit_accessibility_2016-05-24_standard2016 it summit_accessibility_2016-05-24_standard
2016 it summit_accessibility_2016-05-24_standardkevin_donovan
 
Fphs informatics for 2016 it summit 160531
Fphs informatics for 2016 it summit 160531Fphs informatics for 2016 it summit 160531
Fphs informatics for 2016 it summit 160531kevin_donovan
 
It summit 2016_combined
It summit 2016_combinedIt summit 2016_combined
It summit 2016_combinedkevin_donovan
 
It summit dataverse-bigdata-mercecrosas
It summit dataverse-bigdata-mercecrosasIt summit dataverse-bigdata-mercecrosas
It summit dataverse-bigdata-mercecrosaskevin_donovan
 
Hms crash planitsummit2016
Hms crash planitsummit2016Hms crash planitsummit2016
Hms crash planitsummit2016kevin_donovan
 
It summit facilitate-researchcomputing-mercecrosas
It summit facilitate-researchcomputing-mercecrosasIt summit facilitate-researchcomputing-mercecrosas
It summit facilitate-researchcomputing-mercecrosaskevin_donovan
 
Lightbox ham it_summit_final
Lightbox ham it_summit_finalLightbox ham it_summit_final
Lightbox ham it_summit_finalkevin_donovan
 
It summit salesforce
It summit salesforceIt summit salesforce
It summit salesforcekevin_donovan
 
Harvard it summit 2016 - opencast in the cloud at harvard dce- live and on-d...
Harvard it summit 2016 - opencast in the cloud at harvard dce- live and on-d...Harvard it summit 2016 - opencast in the cloud at harvard dce- live and on-d...
Harvard it summit 2016 - opencast in the cloud at harvard dce- live and on-d...kevin_donovan
 
Tlt and friends it summit 2016
Tlt and friends it summit 2016Tlt and friends it summit 2016
Tlt and friends it summit 2016kevin_donovan
 
2016 it summit_accessibility_2016-05-24_standard
2016 it summit_accessibility_2016-05-24_standard2016 it summit_accessibility_2016-05-24_standard
2016 it summit_accessibility_2016-05-24_standardkevin_donovan
 
Harvard phone it summit demo 06.02.16
Harvard phone it summit demo 06.02.16Harvard phone it summit demo 06.02.16
Harvard phone it summit demo 06.02.16kevin_donovan
 
Phish, flop, or fine
Phish, flop, or fine Phish, flop, or fine
Phish, flop, or fine kevin_donovan
 
IT Academy at IT Summti
IT Academy at IT SummtiIT Academy at IT Summti
IT Academy at IT Summtikevin_donovan
 
Mobile firstpresentation huit
Mobile firstpresentation huitMobile firstpresentation huit
Mobile firstpresentation huitkevin_donovan
 
Saving our social_media
Saving our social_mediaSaving our social_media
Saving our social_mediakevin_donovan
 

More from kevin_donovan (20)

It summit data mgmt-2016.06.02-final
It summit data mgmt-2016.06.02-finalIt summit data mgmt-2016.06.02-final
It summit data mgmt-2016.06.02-final
 
2016 it summit_accessibility_2016-05-24_standard
2016 it summit_accessibility_2016-05-24_standard2016 it summit_accessibility_2016-05-24_standard
2016 it summit_accessibility_2016-05-24_standard
 
Fphs informatics for 2016 it summit 160531
Fphs informatics for 2016 it summit 160531Fphs informatics for 2016 it summit 160531
Fphs informatics for 2016 it summit 160531
 
It summit 2016_combined
It summit 2016_combinedIt summit 2016_combined
It summit 2016_combined
 
It summit dataverse-bigdata-mercecrosas
It summit dataverse-bigdata-mercecrosasIt summit dataverse-bigdata-mercecrosas
It summit dataverse-bigdata-mercecrosas
 
Hms crash planitsummit2016
Hms crash planitsummit2016Hms crash planitsummit2016
Hms crash planitsummit2016
 
It summit facilitate-researchcomputing-mercecrosas
It summit facilitate-researchcomputing-mercecrosasIt summit facilitate-researchcomputing-mercecrosas
It summit facilitate-researchcomputing-mercecrosas
 
Lightbox ham it_summit_final
Lightbox ham it_summit_finalLightbox ham it_summit_final
Lightbox ham it_summit_final
 
It summit salesforce
It summit salesforceIt summit salesforce
It summit salesforce
 
Harvard it summit 2016 - opencast in the cloud at harvard dce- live and on-d...
Harvard it summit 2016 - opencast in the cloud at harvard dce- live and on-d...Harvard it summit 2016 - opencast in the cloud at harvard dce- live and on-d...
Harvard it summit 2016 - opencast in the cloud at harvard dce- live and on-d...
 
Fa qs 2016-04-21
Fa qs 2016-04-21Fa qs 2016-04-21
Fa qs 2016-04-21
 
Tlt and friends it summit 2016
Tlt and friends it summit 2016Tlt and friends it summit 2016
Tlt and friends it summit 2016
 
2016 it summit_accessibility_2016-05-24_standard
2016 it summit_accessibility_2016-05-24_standard2016 it summit_accessibility_2016-05-24_standard
2016 it summit_accessibility_2016-05-24_standard
 
Harvard phone it summit demo 06.02.16
Harvard phone it summit demo 06.02.16Harvard phone it summit demo 06.02.16
Harvard phone it summit demo 06.02.16
 
Phish, flop, or fine
Phish, flop, or fine Phish, flop, or fine
Phish, flop, or fine
 
Waldo Summit 2016
Waldo Summit 2016Waldo Summit 2016
Waldo Summit 2016
 
IT Academy at IT Summti
IT Academy at IT SummtiIT Academy at IT Summti
IT Academy at IT Summti
 
Mobile firstpresentation huit
Mobile firstpresentation huitMobile firstpresentation huit
Mobile firstpresentation huit
 
Saving our social_media
Saving our social_mediaSaving our social_media
Saving our social_media
 
Urc it summit-2
Urc it summit-2Urc it summit-2
Urc it summit-2
 

Recently uploaded

SOCIAL AND HISTORICAL CONTEXT - LFTVD.pptx
SOCIAL AND HISTORICAL CONTEXT - LFTVD.pptxSOCIAL AND HISTORICAL CONTEXT - LFTVD.pptx
SOCIAL AND HISTORICAL CONTEXT - LFTVD.pptxiammrhaywood
 
Q4-W6-Restating Informational Text Grade 3
Q4-W6-Restating Informational Text Grade 3Q4-W6-Restating Informational Text Grade 3
Q4-W6-Restating Informational Text Grade 3JemimahLaneBuaron
 
Measures of Central Tendency: Mean, Median and Mode
Measures of Central Tendency: Mean, Median and ModeMeasures of Central Tendency: Mean, Median and Mode
Measures of Central Tendency: Mean, Median and ModeThiyagu K
 
Introduction to ArtificiaI Intelligence in Higher Education
Introduction to ArtificiaI Intelligence in Higher EducationIntroduction to ArtificiaI Intelligence in Higher Education
Introduction to ArtificiaI Intelligence in Higher Educationpboyjonauth
 
Software Engineering Methodologies (overview)
Software Engineering Methodologies (overview)Software Engineering Methodologies (overview)
Software Engineering Methodologies (overview)eniolaolutunde
 
Call Girls in Dwarka Mor Delhi Contact Us 9654467111
Call Girls in Dwarka Mor Delhi Contact Us 9654467111Call Girls in Dwarka Mor Delhi Contact Us 9654467111
Call Girls in Dwarka Mor Delhi Contact Us 9654467111Sapana Sha
 
Industrial Policy - 1948, 1956, 1973, 1977, 1980, 1991
Industrial Policy - 1948, 1956, 1973, 1977, 1980, 1991Industrial Policy - 1948, 1956, 1973, 1977, 1980, 1991
Industrial Policy - 1948, 1956, 1973, 1977, 1980, 1991RKavithamani
 
How to Make a Pirate ship Primary Education.pptx
How to Make a Pirate ship Primary Education.pptxHow to Make a Pirate ship Primary Education.pptx
How to Make a Pirate ship Primary Education.pptxmanuelaromero2013
 
Mastering the Unannounced Regulatory Inspection
Mastering the Unannounced Regulatory InspectionMastering the Unannounced Regulatory Inspection
Mastering the Unannounced Regulatory InspectionSafetyChain Software
 
Kisan Call Centre - To harness potential of ICT in Agriculture by answer farm...
Kisan Call Centre - To harness potential of ICT in Agriculture by answer farm...Kisan Call Centre - To harness potential of ICT in Agriculture by answer farm...
Kisan Call Centre - To harness potential of ICT in Agriculture by answer farm...Krashi Coaching
 
The basics of sentences session 2pptx copy.pptx
The basics of sentences session 2pptx copy.pptxThe basics of sentences session 2pptx copy.pptx
The basics of sentences session 2pptx copy.pptxheathfieldcps1
 
Alper Gobel In Media Res Media Component
Alper Gobel In Media Res Media ComponentAlper Gobel In Media Res Media Component
Alper Gobel In Media Res Media ComponentInMediaRes1
 
Sanyam Choudhary Chemistry practical.pdf
Sanyam Choudhary Chemistry practical.pdfSanyam Choudhary Chemistry practical.pdf
Sanyam Choudhary Chemistry practical.pdfsanyamsingh5019
 
APM Welcome, APM North West Network Conference, Synergies Across Sectors
APM Welcome, APM North West Network Conference, Synergies Across SectorsAPM Welcome, APM North West Network Conference, Synergies Across Sectors
APM Welcome, APM North West Network Conference, Synergies Across SectorsAssociation for Project Management
 
Crayon Activity Handout For the Crayon A
Crayon Activity Handout For the Crayon ACrayon Activity Handout For the Crayon A
Crayon Activity Handout For the Crayon AUnboundStockton
 
“Oh GOSH! Reflecting on Hackteria's Collaborative Practices in a Global Do-It...
“Oh GOSH! Reflecting on Hackteria's Collaborative Practices in a Global Do-It...“Oh GOSH! Reflecting on Hackteria's Collaborative Practices in a Global Do-It...
“Oh GOSH! Reflecting on Hackteria's Collaborative Practices in a Global Do-It...Marc Dusseiller Dusjagr
 
_Math 4-Q4 Week 5.pptx Steps in Collecting Data
_Math 4-Q4 Week 5.pptx Steps in Collecting Data_Math 4-Q4 Week 5.pptx Steps in Collecting Data
_Math 4-Q4 Week 5.pptx Steps in Collecting DataJhengPantaleon
 
POINT- BIOCHEMISTRY SEM 2 ENZYMES UNIT 5.pptx
POINT- BIOCHEMISTRY SEM 2 ENZYMES UNIT 5.pptxPOINT- BIOCHEMISTRY SEM 2 ENZYMES UNIT 5.pptx
POINT- BIOCHEMISTRY SEM 2 ENZYMES UNIT 5.pptxSayali Powar
 
Separation of Lanthanides/ Lanthanides and Actinides
Separation of Lanthanides/ Lanthanides and ActinidesSeparation of Lanthanides/ Lanthanides and Actinides
Separation of Lanthanides/ Lanthanides and ActinidesFatimaKhan178732
 

Recently uploaded (20)

SOCIAL AND HISTORICAL CONTEXT - LFTVD.pptx
SOCIAL AND HISTORICAL CONTEXT - LFTVD.pptxSOCIAL AND HISTORICAL CONTEXT - LFTVD.pptx
SOCIAL AND HISTORICAL CONTEXT - LFTVD.pptx
 
Q4-W6-Restating Informational Text Grade 3
Q4-W6-Restating Informational Text Grade 3Q4-W6-Restating Informational Text Grade 3
Q4-W6-Restating Informational Text Grade 3
 
Measures of Central Tendency: Mean, Median and Mode
Measures of Central Tendency: Mean, Median and ModeMeasures of Central Tendency: Mean, Median and Mode
Measures of Central Tendency: Mean, Median and Mode
 
Introduction to ArtificiaI Intelligence in Higher Education
Introduction to ArtificiaI Intelligence in Higher EducationIntroduction to ArtificiaI Intelligence in Higher Education
Introduction to ArtificiaI Intelligence in Higher Education
 
Software Engineering Methodologies (overview)
Software Engineering Methodologies (overview)Software Engineering Methodologies (overview)
Software Engineering Methodologies (overview)
 
Call Girls in Dwarka Mor Delhi Contact Us 9654467111
Call Girls in Dwarka Mor Delhi Contact Us 9654467111Call Girls in Dwarka Mor Delhi Contact Us 9654467111
Call Girls in Dwarka Mor Delhi Contact Us 9654467111
 
Industrial Policy - 1948, 1956, 1973, 1977, 1980, 1991
Industrial Policy - 1948, 1956, 1973, 1977, 1980, 1991Industrial Policy - 1948, 1956, 1973, 1977, 1980, 1991
Industrial Policy - 1948, 1956, 1973, 1977, 1980, 1991
 
How to Make a Pirate ship Primary Education.pptx
How to Make a Pirate ship Primary Education.pptxHow to Make a Pirate ship Primary Education.pptx
How to Make a Pirate ship Primary Education.pptx
 
Mastering the Unannounced Regulatory Inspection
Mastering the Unannounced Regulatory InspectionMastering the Unannounced Regulatory Inspection
Mastering the Unannounced Regulatory Inspection
 
Kisan Call Centre - To harness potential of ICT in Agriculture by answer farm...
Kisan Call Centre - To harness potential of ICT in Agriculture by answer farm...Kisan Call Centre - To harness potential of ICT in Agriculture by answer farm...
Kisan Call Centre - To harness potential of ICT in Agriculture by answer farm...
 
The basics of sentences session 2pptx copy.pptx
The basics of sentences session 2pptx copy.pptxThe basics of sentences session 2pptx copy.pptx
The basics of sentences session 2pptx copy.pptx
 
Alper Gobel In Media Res Media Component
Alper Gobel In Media Res Media ComponentAlper Gobel In Media Res Media Component
Alper Gobel In Media Res Media Component
 
Sanyam Choudhary Chemistry practical.pdf
Sanyam Choudhary Chemistry practical.pdfSanyam Choudhary Chemistry practical.pdf
Sanyam Choudhary Chemistry practical.pdf
 
APM Welcome, APM North West Network Conference, Synergies Across Sectors
APM Welcome, APM North West Network Conference, Synergies Across SectorsAPM Welcome, APM North West Network Conference, Synergies Across Sectors
APM Welcome, APM North West Network Conference, Synergies Across Sectors
 
Crayon Activity Handout For the Crayon A
Crayon Activity Handout For the Crayon ACrayon Activity Handout For the Crayon A
Crayon Activity Handout For the Crayon A
 
“Oh GOSH! Reflecting on Hackteria's Collaborative Practices in a Global Do-It...
“Oh GOSH! Reflecting on Hackteria's Collaborative Practices in a Global Do-It...“Oh GOSH! Reflecting on Hackteria's Collaborative Practices in a Global Do-It...
“Oh GOSH! Reflecting on Hackteria's Collaborative Practices in a Global Do-It...
 
_Math 4-Q4 Week 5.pptx Steps in Collecting Data
_Math 4-Q4 Week 5.pptx Steps in Collecting Data_Math 4-Q4 Week 5.pptx Steps in Collecting Data
_Math 4-Q4 Week 5.pptx Steps in Collecting Data
 
POINT- BIOCHEMISTRY SEM 2 ENZYMES UNIT 5.pptx
POINT- BIOCHEMISTRY SEM 2 ENZYMES UNIT 5.pptxPOINT- BIOCHEMISTRY SEM 2 ENZYMES UNIT 5.pptx
POINT- BIOCHEMISTRY SEM 2 ENZYMES UNIT 5.pptx
 
TataKelola dan KamSiber Kecerdasan Buatan v022.pdf
TataKelola dan KamSiber Kecerdasan Buatan v022.pdfTataKelola dan KamSiber Kecerdasan Buatan v022.pdf
TataKelola dan KamSiber Kecerdasan Buatan v022.pdf
 
Separation of Lanthanides/ Lanthanides and Actinides
Separation of Lanthanides/ Lanthanides and ActinidesSeparation of Lanthanides/ Lanthanides and Actinides
Separation of Lanthanides/ Lanthanides and Actinides
 

Iam update 2014.10.16

  • 1. FAS Stakeholders: IAM is Working for You! Jane Hill Director, IAM Product Management
  • 2. What is Identity & Access Management? Identity and access management (IAM) technologies and services enable the right individuals to access the right resources at the right times for the right reasons. We all use IAM solutions many times a day: • Logging in to websites, servers, and other resources • Accessing research materials at Harvard and beyond • Checking a colleague’s calendar for a meeting • Adding, removing, or changing employee records At Harvard, the IAM program exists to streamline these interactions and make it easier for you to do your day-to-day tasks. 2
  • 3. What is Identity & Access Management? Our vision: Provide users, application owners, and IT administrative staff with secure, easy access to applications; solutions that require fewer login credentials; the ability to collaborate across and beyond Harvard; and improved security and auditing. 3 Objectives Guiding Principles Key Performance Indicators Simplify User Experience Simplify and improve access to applications and information inside and outside of the University Enable Research & Collaboration Make it easier for faculty, staff, and students to research and collaborate within the University and with other institutions Protect University Resources Improve the security stature of the University via a standard approach Facilitate Technology Innovation Establish a strong foundation for IAM to enable user access regardless of new and/or disruptive technologies Harvard Community needs will drive our technology Tactical project planning will remain aligned with the program’s strategic objectives Solution design should allow for other Schools to use foundational services to communicate with the IAM system in a consistent, federated fashion Communication and socialization are critical to our success Monthly number of help desk requests relating to account management Monthly number of registered production applications using IAM systems Monthly number of user logins and access requests through IAM systems Monthly number of production systems to which IAM provisions
  • 4. A New Provisioning System: SailPoint IdentityIQ Provisioning and deprovisioning are key to the IAM program: • Add new users quickly and accurately • Reduce manual processes and delays by issuing access through a central identity store • Make role changes simpler and easier • Streamline the revocation of access when necessary The IAM program is now transitioning to the use of SailPoint IdentityIQ to manage provisioning and deprovisioning. 4
  • 5. • Thousands of accounts are claimed every year • Passwords are synched to multiple systems: – Active Directories (used for email) – LDAP (used for file sharing, and application access management) – Google (@college, @g) – Home directories and Kerberos • Sponsored accounts processed by Service Desk • Self-service password resets using Oracle Waveset • Automatic disabling of accounts (different rules for different types of accounts) FAS IAM Details 5
  • 6. • Improve the user experience – Claiming should be easy to use, and work on mobile devices – Self-service password reset without security questions • Simplify onboarding for all types of users • Enable early access when appropriate • Put sponsored account processes online (!) • Enable sponsored account managers to extend or end-date accounts directly The Wishlist 6
  • 7. Connect with Harvard (Claim an Account) Ready • Data are in the Identity Management System • Name • Date of birth • Role • Onboarding email (used when applying, or supplied by onboarding admin) Set • HR, Registrar, or department admin directs new user to the account claiming application Connect • New user enters name, DOB, HUID for basic validation • Email sent to the onboarding email • Use the temporary password you receive in email to login • Choose username • Set permanent password • Provide recovery information • Set security questions • Connected! 7
  • 8. Types of Sponsored Accounts Affiliate Accounts (People) Service Accounts (Course, Group, Department, Application) Kiosk, Machine and other Special Accounts 8
  • 9. Sponsored Account Process: Affiliate Process The sponsored The end user… requester… • Submits data about the new user: name, DOB, last 4 digits of SSN, email, reason, etc. • System sends an email Request Validate • Receives email and navigates to the account claiming application • Logs in with email as login name and temporary password • Picks a user name • Sets password • Sets recovery info • Sets security questions • Account is created in sponsor’s department • Notification email sent to sponsored requester Create 9 The end user…
  • 10. Manage Accounts You Own View a list of the accounts you manage View the resources assigned to your users Your Accounts End-date or renew accounts for your users Request access to specific resources or deprovisioning (Future — 2015) Manage Access 10
  • 11. The Sponsored Account Process is Evolving Helpdesk Enters Sponsored Accounts Initial 2015 Enable Sponsored Requester Self- Service Wider Release 2015 Self- Registered Guests (Replace XID) Future TBD 1. Focus first on getting SailPoint up and running, plus managing sponsored accounts 2. Then, enable distributed data entry by faculty and staff using web tools 3. Replace XID (self-registered guest) with new tool 11
  • 12. Opportunity: Simplify by Consolidating Processes MIDAS “POI”: Consultant Contractor Vendor Security FAS “Sponsored Account”: Collaborator FAS-Specific Access for POIs Early Access for Pending Employees Sponsored Identity: Same Account Creation Process Single Username HUID (card in some cases) Single UUID Misc. Identities & Accounts from Schools 12 Clearer sponsorship information for audit, end-user self-service, hands-on management by sponsors to set up and remove access
  • 13. Sponsored Accounts: Before and After FAS Today • Paper Form & Fax/Mail • HUIT Service Desk Enters • Sponsor gets the password and conveys it to the end user FAS+ in the Future • Online process open to eligible sponsors • End users set up accounts via email and web tool • Password remains private; account self-service reduces helpdesk load 13 Key concepts: Simplify user experience, improve security, and reduce overhead.
  • 14. In Summary … • All members of the Harvard Community are affected by identity and access management — from the first login screen • IAM exists to make onboarding, day-to-day use, role changes, and access to resources easier for everyone at Harvard • Our efforts will improve productivity and make day-to-day life simpler for faculty, staff, students, researchers, people administrators, application owners, and more • And when IAM services are done right, you don’t even notice the effects — things just work 14

Editor's Notes

  1. Erica
  2. Erica
  3. Erica
  4. Erica
  5. Erica
  6. Erica