When she arrived at Delaware in December 2017, Pitt said, the university was “in a solid place but really not a mature place in terms of how we wanted to be with IAM. We are mov- ing toward that.” She added that having great project managers and business analysts is important: “If you partner and communicate effectively, there may be an opportunity to consolidate roles and access points.”
Delaware is in the process of hiring an iden- tity and access management specialist who will report to the enterprise application team, she said, and the newly hired CISO will also be closely involved.
Like other CIOs, Pitt recognizes that IAM is more of a discipline than a project. “This is not something where you work on it and then you are done,” she said. “You need to have flexibil- ity in your environment to take on new use cases, because they will crop up.”
Indeed, new use cases are a common occur- rence at Duquesne, Dugas said. For instance, one of the university’s stated goals is to engage the local community more deeply, and that may involve community members using Duquesne’s computing environment. “We are not positioned for that yet,” he admitted.
In addition, while Dugas’ team was creating its matrix of current IAM needs, university adminis- trators decided they wanted to add recently
IAM efforts run the risk of getting siloed if IT and information security teams fail to engage the communities they serve to better understand their needs.
admitted students to the mix. “The university decided it was critical to get them in as early as possible to have them feel a sense of communi- ty,” he explained. “If we made it difficult for them to gain access, with hoops that are hard to jump through, they might have a bad experience out of the gate,” he said. “Getting that right was a big effort, but it was valuable work.”
Lessons Learned from an
IAM Revamp
If Duquesne and Delaware still have work to do on the IAM front, Harvard University (MA) has already done a lot of the heavy lifting. From 2013 through 2017, Harvard made a concerted effort to revamp the IAM experi- ence for the campus community. Among the major benefits achieved in the project branded HarvardKey, according to project documents available online:
One login for life has replaced an average of six-plus logins per user; University-wide adoption of standardized and improved passwords with associated two-factor authentication dramatically increases security; and
All schools across Harvard are integrated with common user identities that enable university e-mail, HarvardPhone and more than 2,000 other applications.
Valeri Potapova/Shutterstock