Case Study Implementing Identity Management: Critical Factors for Success - PowerPoint PPT Presentation

1 / 26
About This Presentation
Title:

Case Study Implementing Identity Management: Critical Factors for Success

Description:

Directories. Email. Data. Bases. Servers. Student. Apps. APPROVAL. APPROVAL. What is Identity Management? ... Directory. Continuous. Gap Analysis. Policy vs. ... – PowerPoint PPT presentation

Number of Views:108
Avg rating:3.0/5.0
Slides: 27
Provided by: denn102
Category:

less

Transcript and Presenter's Notes

Title: Case Study Implementing Identity Management: Critical Factors for Success


1
Leda McNair Database Administrator Coppin State
University Brian Vinacco Director of
Consulting Services Fischer International
Corporation
2
Agenda
  • What is Identity Management?
  • Project Scope / Timeline
  • Technology Selection
  • Phase I Password Management
  • Phase II Provisioning
  • Phase III and Beyond
  • Summary Critical Factors
  • Q A

3
What is Identity Management?
  • Password Management / Access Management
  • Provisioning / Authorization
  • Compliance

A Are you who you say you are? A What
permissions do you have? A What permissions
are you SUPPOSED to have? When did you have
those permissions? Who approved those
permissions?
4
What is Identity Management?
  • Password Management

EMPLOYEES
CONTRACT
PASSWORDS
PASSWORDS
PasswordAuthentication
PASSWORDS
PASSWORDS
STUDENTS
DISTANCE LEARNERS
5
What is Identity Management?
  • Provisioning / Authorization

EMPLOYEES
CONTRACT
PASSWORDS
PASSWORDS
PasswordAuthentication
PASSWORDS
PASSWORDS
STUDENTS
DISTANCE LEARNERS
Servers
Data Bases
Extranet
Student Apps
Directories
Email
Business Apps
Oracle-Peoplesoft
SupportApplications
ActiveDirectory
6
What is Identity Management?
  • Provisioning / Authorization

CONTRACT
EMPLOYEES
PASSWORDS
PASSWORDS
PasswordAuthentication
PASSWORDS
PASSWORDS
STUDENTS
DISTANCE LEARNERS
Servers
Data Bases
Extranet
Student Apps
Directories
Email
SupportApplications
Oracle-Peoplesoft
Business Apps
ActiveDirectory
7
What is Identity Management?
  • Compliance
  • Continuous
  • Gap Analysis
  • Policy vs. Reality
  • Audits (3 types for Coppin)
  • Excessive Permissions
  • Orphan Accounts
  • Separation of Duties
  • Password Policies

CONTRACT
EMPLOYEES
PASSWORDS
PASSWORDS
PasswordAuthentication
PASSWORDS
PASSWORDS
STUDENTS
DISTANCE LEARNERS
Servers
Data Bases
Extranet
Student Apps
Directories
Email
SupportApplications
Oracle-Peoplesoft
Business Apps
ActiveDirectory
8
Critical Success Factor Identify the Right Goals
  • Half-Empty
  • Pain Points
  • Time/labor/cost reset passwords
  • Time/labor/cost to provision accounts
  • Poor productivity
  • Half-Full
  • University Goals
  • Improve Service Levels to Students
  • Increase Enrollment
  • Generate Revenue
  • Stronger Protection
  • Operational Excellence

FOCUS ON IMPROVING BUSINESS PROCESSES
9
Critical Success Factor Biggest Bang
We are here
10
Technology Selection
Fischer Identity Suite
Critical Success Factor Buying Criteria Take
the long view.
  • All the capabilities (holistic suite)
  • Technology to meet unforeseen needs
  • Business partnership vs. vendor
  • Focus on business processes, not programming
  • Only solution that proved it was simple (even
    provisioning)

11
Fischer Identity Suite
The Best Practice Approach
  • PRODUCTIVITY SIMPLICITY
  • Drag Drop workflow creation increases
    productivity, lowers cost
  • INTEGRATION TECHNOLOGY
  • Integration technology enables unlimited
    connectivity out-of-the-box and on-the-fly
  • ETL any-to-any synchronization across all
    applications
  • CONTINUOUS COMPLIANCE
  • Integrate compliance across business processes
  • Automate SoD enforcement
  • Central audit database with robust reporting
  • INVESTMENT PROTECTION
  • All core IdM technologies
  • Java, SOA, Standards, Services
  • Integrates to all systems

12
Password Management Implementation
Overview
  • 8000 Users
  • Access to Network Resources (email, shares,
    drives, etc.)

Scope
  • Focus on business processes, not programming
  • Only solution that proved it was simple (even
    provisioning)

Duration
  • Two weeks (door to door)
  • Install / Customize / Enhance / Train /
    Deploy(includes time to debug former
    provisioning system)

Activities
  • Remote deployment was key
  • Quick access to on-site experts
  • Faster Time to Value Eliminated 4 days
  • Cost Avoidance Removed 20K from T/E

CriticalSuccessFactors
13
Phase I
Password Management
14
Password Management Before
Password Management Before
  • No remote password resets for network resources
  • Users must go on-campus to use password kiosk
  • University reset policy at least every 120 days
  • Extending existing IdM solution not an option
    (fragile)

PreviousState
  • Slows/Prohibits Business Processes
  • Student Registration, Distance Learning, etc.
  • Inconsistent Image Coppin is a Technology Leader

StrategicImpact
  • Disruptive / Reduced Productivity
  • Resets performed by application groups ()
    Help Desk ()
  • Expensive
  • Over 500/month at beginning of semester
  • avg. 10 min/reset x 35.00/hr

Tactical Impact
15
Password Management Goals
  • Improve student service levels and satisfaction
  • Increase revenue bottom line by removing
    barriers
  • Increase online registration (Student
    Registration)
  • Increase enrollment (Distance Learning)
  • Enable critical business processes
  • Improve functional department efficiency and
    productivity
  • Reset passwords from any location (self-service)
  • In place before Fall Semester
  • Reduce password reset calls by 90
  • Improve internal resource utilization
  • Reduce operational costs

Strategic
Tactical
16
Password Management After
ProductivityGained / day
34 resets x 10 min 5 hr. 40 min.
17
Password Management After
On / Off Campus Password Reset
18
Phase II
Provisioning
19
Phase II Provisioning
Provisioning Implementation
First Round Fall - Winter 05
  • Oracle-PeopleSoft Employees
  • Oracle-PeopleSoft Students

Second Round Spring 06
20
Provisioning Goals
  • Increase enrollment
  • Admissions Leverage network services as
    marketing tool
  • Improve service to students, staff
  • Hire Request to Fill / Adjunct Professor
  • Enable new business processes and services
  • Reduce provisioning time from days to hours
  • Eliminate manual, paper-driven processes
  • Improve resource utilization for IT and
    Application organizations

Strategic
Tactical
21
Admissions Provisioning Before
Prospective New Student Population
  • Potentially 1000s of
  • New Students
  • Too much work to provision unless theyre
    confirmed
  • Risk of not deprovisioning
  • Manual Activation
  • July (peak)
  • 1500 1800 Actual
  • Person-hours 4-6 hours
  • Turnaround 24-48 hours
  • Occurs 50-60 times in peak
  • Annual Hours 500 - 600
  • (12 15 person-weeks)

Records
Registration
Fees Paid?
Matriculated?
To functional Departments
sqr
Old Provisioning Solution
student file
Email
Disk
etc.
Add/Drop Date Manually deprovision InactiveNew
Student Accounts
22
Provisioning Network Resources After
Expected Process / Results
RequestApplication
Prospective New Student Population
  • Potentially 1000s of
  • New Students
  • Provisioning triggered by
  • Matriculation in PS
  • Provisioning time reduced from 24 - 48 hours to
    1.
  • Prospective student engaged in January vs.
    July/August.
  • 6-9 months of free resource access vs. 1-3
  • All IdM events recorded
  • Deprovisioning automatically occurs at Add/Drop
    date
  • No labor
  • Frees-up 4 people
  • Avoids 500-600 hours labor

Financial Aid App.
Apply for Admission.
Matriculated?
Policies/Groups/Roles
Workflow
Audit
Email
Disk
etc.
Scheduled Deprovision after Add/Drop Date Revoke
access
23
Phase III and Beyond
Phase III and Beyond
Phase IIISummer 06
  • Oracle-PeopleSoft Upgrade
  • Other Business Processes and Outlying
    Applications
  • Mobile Provisioning approval, password resets,
    etc.

Phase IVTBD
24
Summary Critical Success Factors
  • Identify the Right Goals.
  • Look for Biggest Bang First.
  • Take a Phased Approach
  • Buying Criteria Take the Long View.
  • Look at the Business Process - Not the Pain.
  • Simple is Good. (TCO)
  • More to come in June at the next Conference

25
Q A
  • Leda McNair
  • Database AdministratorCoppin State University
  • lmcnair_at_coppin.edu
  • 410-951-3885
  • Brian Vinacco
  • Director, Support Services
  • Fischer International Corporation
  • brian.vinacco_at_fisc.com
  • 239-643-1500
  • Stop by Fischer Exhibit
  • IDC Case Study
  • Giveaway
  • Access to IdM White Papers

26
Request to Fill After
Write a Comment
User Comments (0)
About PowerShow.com