Identity and Access Management. Mike Noel, Brandon Mills, Chris Pruess. Kris Halter

Similar documents
Maggie Jesse Tim Shie. Romy Bolton

Who Should be on Your Project Team: The Importance of Project Roles and Responsibilities

CIO Council Project Completion Report. University Identity and Access Management (UIAM)

Administrative & Student Information Systems Refresh: Phase I Project Update

OE Project Charter Template

BruinCard Replacement Project

Building an IAM Program at Portland State University. Polling URL:...

IDENTITY AND ACCESS MANAGEMENT PROJECT QUALITY ASSURANCE REPORT #1

WolfWare Standard Operating Practices/Procedures (SOPs) North Carolina State University

Windchill System Validation Technical Brief

IDENTITY AND ACCESS MANAGEMENT SOLUTIONS

Oracle Cloud Blueprint and Roadmap Service. 1 Copyright 2012, Oracle and/or its affiliates. All rights reserved.

IT Procurement. Project Details

Software Asset Management (SAM) Statement of Work (SOW) SAM BASELINE REVIEW (For use with the Microsoft SAM Services Incentives Program)

Charter for Enterprise Risk Management

Information Technology Services (ITS)

NECC STRATEGIC THEME: NECC Key Performance Indicator:

Strategic Plan. The College of New Jersey Information Technology

IAM Operations Transition CIO Council Review. January 23, 2016 Monday Smith Center 561 2:30 pm - 3:30 pm

Software Asset Management (SAM) Statement of Work (SOW) SAM Infrastructure Optimization (For use with the Microsoft SAM Services Incentives Program)

<Project Name> Business Case

IS&T s Strategic Projects

WHITE PAPER Demonstrating Return on Investment with Enterprise-Class Identity and Access Management Technology

DRAFT CTCLINK PROJECT CHARTER. SBCTC ctclink PROJECT MANAGEMENT OFFICE. Revised Aug-Sept 2018 to reflect project reorganization and restart

PD Re-engineering Program Charter

Fixed Scope Offering for Implementation of Oracle Fusion CRM in Cloud

ACTION Agenda Item I ANNUAL AUDIT REPORT December 6, 2002

CTERA Enterprise File Sync and Share (EFSS) - CTERA Overview

Skype for Business Rollout: Continue migration of departments to Skype for Business Telephony. Target to have 95% completed by Dec (B.

"Priority: Level 1: high priority; high commitment Level 2: subject to longer timeframe if constraints increase/shift"

Stat Production Services for Oracle E-Business Suite (Onsite and Remote)

Stat Production Services for PeopleSoft (Onsite and Remote)

Goal 1: CONTINUED DEVELOPMENT OF ADVANCED TECHNICAL SERVICES

Optimize Your Cost to Migrate to Windows 10 Using Gartner's Cost Model

Starfish Associates Playbook for Partners Cisco

Information Technology Services Project Management Office Operations Guide

IAMUSF. Identity and Access Management at the University of South Florida

TIER Release One A Community Milestone, Why It's Important and What's Next

ITEC 495 V2WW. David Marks, Amber Painter, and Garret Latham. Assignment 1-3-2: Capstone Project: Project Vision and Scope. Professor Wayne Smith

Goal 1: Improve communication and collaboration with ITS partners and customers

BUCKNELL UNIVERSITY. JasonFriedberg Friedberg, Chief Department of Public Safety,

1 Building an Identity Management Business Case. 2 Agenda. 3 Business Challenges

Managed IT

Oakland County Department of Information Technology Project Scope and Approach

Emory University Case Study I2 Day Camp

Solution Analysis and Design Strategy (D18)

Medicaid Enterprise System Program

Document Process Automation (DPA) Product Support Lifecycle Policy

2. Services. The Scope of Work is amended by adding additional work. The additional work is detailed in the attached Exhibit A.

S O U T H F L O R I D A W A T E R M A N A G E M E N T D I S T R I C T. Project Charter

The following is intended to outline our general product direction. It is intended for information purposes only, and may not be incorporated into

INFORMATION SERVICES FY 2018 FY 2020

Cloud HCM is Better than Ice Cream: Wells Enterprises Case Study

NORTH ORANGE COUNTY COMMUNITY COLLEGE DISTRICT DISTRICT INFORMATION SERVICES TECHNOLOGY PLAN

Cloud Transformation Program Cloud Change Champions September 20, 2017

Appendix H: Tracking Tool Recommendations

A Crash Course in migrating seamlessly to Office 365

Kansas State University Information Technology Strategic Plan January 7, 2019

IT MANAGER - BUSINESS & TECHNOLOGY APPLICATIONS (12235) ( )

Starfish Associates Playbook for Partners Cisco

Troy University Office of Information Technology Technology Plan. Using Technology as a Strategic Enabler

Strategic Issues for DPH IT DPH IT Governance Structure Healthcare Reform Key Aspects Healthcare Reform Project Status Meaningful Use Project

Fixed Scope Offering for Oracle Fusion Procurement. Slide 1

Project Name: Oracle Identity Manager 11gR2 Upgrade

Virtualized Educational Lab Setup Project Plan and Supporting Project Documentation

Oracle Taleo Business Edition Implementation Fixed Scope Offerings

One campus card for Educational Institutions

MIGRATING AND MANAGING MICROSOFT WORKLOADS ON AWS WITH DATAPIPE DATAPIPE.COM

General IT Services Roadmap, October 2017

Identity and Access Management Success Stories.

Verismic Power Manager Solution Brief

Services Description. Transformation and Plan Services. Business Transformation and Plan Services

Health Information Technology Administrative Technology Subcommittee

IT MANAGER - BUSINESS & TECHNOLOGY APPLICATIONS (12235) ( )

BACKGROUND KEY FINDINGS

Workflow without Workflow Project successes by implementing simple workflows in Maximo with minimal effort and resources

Hardware and Software Requirements

Configuration Overview

VDI. Citrix Cloud Services Adrian Fish

Enabling Cross-University Collaboration with Harvard IAM: TIER, InCommon, and Grouper. IT Summit 2015 June 4, 2015 Thursday 1:10-2:00 p.m.

Usher. Security, analytics & productivity all in a single solution

A Lakeside Software White Paper. Planning for Desktop Virtualization

WIPRO HCM APPLICATION SERVICES ENGINEERING A COMPLETE ORACLE SOLUTION DO BUSINESS BETTER

Carequality Governance Charter

Cloudy skies. How to bring clarity to your cloud platform in order to optimize your investment. September 2016

BUYER S GUIDE: MFA BUYER S GUIDE. Evaluating and getting started with modern MFA solutions

SAP Product Road Map SAP Identity Management

HP and Microsoft integrated innovation for end-user productivity

Oracle Service Cloud. New Feature Summary. Release 18C ORACLE

Oracle. Project Portfolio Management Cloud Getting Started with Your Implementation. Release 13 (update 17D)

Job Family Matrix. Core Duties Core Duties Core Duties

NORTH ORANGE COUNTY COMMUNITY COLLEGE DISTRICT DISTRICT INFORMATION SERVICES TECHNOLOGY PLAN

IBM United States Software Announcement , dated August 21, 2018

University of Wisconsin-Superior

Modernization and Migration Management (M3) Playbook GSA, Unified Shared Services Management

Oracle SCM Cloud. Release 11. Getting Started with Your Manufacturing and Supply Chain Management Implementation O C T O B E R

2019 Project Prioritization and Budgeting Process

Enterprise Architecture Development

A different perspective.

Recommendations for Institution Wide Smart Card Best Practice

Transcription:

Project Name: Project Team Leads: Project Manager: Identity and Access Management Mike Noel, Brandon Mills, Chris Pruess Kris Halter TeamDynamix Project Number: 241151 Project Overview Leverage Identity and Access Management (IAM) solutions to provide more efficient and supportable campus services. Project Purpose and Benefits to Campus Analyze current identity and access management services and support structure in central and distributed units. Create a future state model that achieves cost savings through greater efficiency. Benefits to campus: 1. Cost savings through greater efficiency 2. Better service delivery to campus through evolved identity management 3. Use of single credentials across departments supports simpler, more cohesive, service integration for customer access. 4. Reduced implementation time and effort for services using enterprise credentials 5. Consolidation of services and associated overhead 6. Greater security in applications and electronic door access rights management 7. Increased adoption of standards - technologies, processes, business rules leads to more consistent, supportable service deployments. Project Scope Statement In Scope 1. Consolidation of the UIOWA shared campus forest domain infrastructure 2. Migration of external campus forests into the Iowa domain 3. Simplification of Iowa domain credential management 4. Evaluation of existing central and collegiate IAM operations and use of vended IAM systems 5. Enhancement and extension of enterprise-level provisioning/deprovisioning of services 6. Enhancement and extension of the Campus IowaOne ID Card system infrastructure 7. Enhancement and extension of Electronic Door Access Control Systems automation and data management Out of Scope: Charter Template v 1.5 Page 1 of 5

1. State Hygienic Lab Active Directory forest and electronic door access management for compliance reasons. 2. Management of objects in the Healthcare domain. High-Level Requirements A successful project requires: 1. Consolidation of the UIOWA shared campus forest domain infrastructure, resulting in retirement of the Dentistry and Public Health domains. 2. Evaluation of existing central and collegiate IAM operations and use of vended IAM systems a. Migration of 3 College of Engineering external forests into the UIOWA forest Iowa domain b. Development of solution for external identities 3. Operational streamlining of Iowa domain credential management a. Extension of IAM to support UNIX systems including Active directory, administrative tools, and processes. b. Vendor support for Windows 2012 R2 for Microsoft Password Change Notification Service (PCNS) 4. Enhancement and extension of enterprise-level provisioning/deprovisioning of services a. Completion of IAM infrastructure refresh b. Integration of enterprise login tools with the federation toolset 5. Enhancement and extension of the Campus IowaOne ID Card system infrastructure a. Enablement of additional UIHC card types for door access service. b. Development of a photo upload self-service system 6. Enhancement and extension of Electronic Door Access Control Systems a. Upgrade access control infrastructure in non-uihc buildings to leverage single ID card technology. b. Expansion of automated role-based electronic door access management High-Level Risks 1. Change in DNA workgroup Leadership. 2. Existing DNA staff capacity may be insufficient to simultaneously meet needs of this project and needs of other OneIT project IAM dependencies. 3. Campus acceptance and adoption of new and changing solutions. 4. Significant labor needed to reconfigure existing distributed services to perform in a central environment. 5. Limited flexibility to meet the specific needs of each department. 6. New technology learning curve. 7. New technology feature and functionality must meet expectations and needs. 8. Shared infrastructure across HCIS and Iowa. 9. External factors overriding IAM priorities and requirements. 10. Complexity of supporting two electronic door access systems. Millennium is limited in functionality, compared to AMAG. Charter Template v 1.5 Page 2 of 5

Assumptions and Constraints 1. Email and file space related provisionining/deprovisioning in December document will be incorporated into the O365 project. 2. UIHC and College of Medicine will be affected by the actions of the IAM project. 3. Appropriate staffing solutions must be in place, such as additional hiring and temporary/permanent reassignment of selected campus IT staff to DNA team. 4. Will require additional staff support from ES Ecommunication, EI-SST, and others 5. Campus users will complete migrations to new solutions, allowing shutdown of legacy, duplicative solutions. 6. Someone (e.g., CIO/ISPO/Regents wide) will write an enterprise security policy. a. Campus applications will be required to use an enterprise authentication credential (HawkID or HealthcareID) unless an exception is granted. b. Cloud service providers should be members of InCommon. Project Governance The OneIT Steering Committee is ultimately responsible for overseeing and certifying the viability, support, and overall success of the IAM project at the Department and Organization levels. The OneIT Steering Committee has the following responsibilities: Champion the IAM project. Approve the IAM Project Charter. Provide adequate staffing and resources. Provide high-level oversight, and support. Review and approve major scope changes to the IAM project. The OneIT Program Office Champion the IAM project. Provide escalation resolutions. Provide oversight of requirements, and support. Provide clarification of issues, questions, and concerns. The IAM Advisory Committee Provide feedback and input. Representation of various viewpoints and departments. Validate draft procedures and policies. Provide clarification of issues, questions, and concerns. Strategic planning and prioritization Campus communication and outreach Charter Template v 1.5 Page 3 of 5

Anticipated Cost Savings Categories Efficiency Consolidation of AD infrastructure, with reduced hardware requirements Increased automation of HawkID management Increased automation of provisioning/deprovisioning Increased automation of door access control Sub Projects 1. Migrate UIOWA forest resource domain functionality to Iowa domain 2. Streamline operational support for Iowa domain credential management a. Extend IAM to support UNIX systems including Active directory, administrative tools and processes. b. Implement Active Directory-Oracle password synchronization. c. Flatten ID management to reduce administrator effort 3. Evaluate existing central and collegiate IAM operations and use of vended IAM systems a. Migrate 3 College of Engineering external forests into the Iowa domain b. Develop a solution for external identities 4. Enhance and extend enterprise-level provisioning/deprovisioning of services a. Complete IAM infrastructure refresh b. Explore integration of HawkID login tools with federation toolset c. Create an integrated set of self-service Identity Management services 5. Enhance and extend the Campus IowaOne ID Card system a. Enable use of additional UIHC card types for door access service b. Develop an ID photo upload system. 6. Enhance and extend Electronic Door Access Control Systems a. Upgrade technology to support usage of a single card across campus. b. Explore management of legacy door locking infrastructure with current campus standard. 7. Expand role-base automation of AMAG electronic door access control of various systems. a. Expand service definition b. Extend automation of role-based access control in AMAG c. Extend automation of role-based access control in Millennium Preliminary Milestones Target Date Charter Review 5/1/2015 Advisory Committee and Project Team Finalized 5/15/2015 Project Plan Finalized 7/3/2015 Project Plan Approval 7/10/2015 Re-architect the UIOWA forest, improve the Iowa domain credential 2017 management, and consolidate external forests into the Iowa domain. Charter Template v 1.5 Page 4 of 5

a) Consolidation of the UIOWA shared campus forest domain Fall 2015 infrastructure b) Extend IAM to support UNIX systems including Active directory, Spring/Summer 2015 administrative tools and processes. c) Implement Oracle password synchronization. 2017 d) Develop a solution for external identities 2017 e) Migrate College of Engineering external forests into the Iowa domain 2017 f) Streamline HawkID management. 2017 Evaluate existing central and collegiate IAM operations and use of vended 2018 IAM systems Enhance and extend enterprise-level provisioning/deprovisioning of 2016 services a) IAM infrastructure refresh completed July 2015 b) Test integration of login tools with the federation toolset Fall 2015 c) Create an integrated set of self-service Identity Management services 2016 Enhance and extend the Campus IowaOne ID Card system 2016 a) Extension service of non-charging UIHC cards. 2016 b) Develop an ID photo upload system. May 2015 Enhance and extend Electronic Door Access Control Systems 2016 a) Upgrade technology to enable usage of a single card across campus. Spring 2015 b) Explore managing legacy door locking infrastructure with current 2016 campus standard. Expand role-base automation of electronic door access control of various Fall 2015 systems. a) Expand service definition Fall 2015 b) Extend automation of role-based access control in AMAG Fall 2015 c) Extend automation of role-based access control in Millennium Fall 2015 Stakeholders: Potential Implementation Cost: Refer to Stakeholder Registry TBD at Sub Projects Target Start Date: 4/15/2015 Target Go-live Date: 1/1/2018 Charter Ratification Date MM/DD/YY Charter Template v 1.5 Page 5 of 5

2024 © businessdocbox.com Privacy Policy | Terms of Service | Feedback