Iden'ty and Access Management Governance

Similar documents
Right from the Start: Roles and Responsibilities

Working Groups Report: Making Federa5on Easier

American Samoa Community College

Iden%ty and Access Management IAM Lifecycle Commi/ee Kick- off Mee4ng. April 2, 2014 Wednesday 12:00-2:00 Holyoke 561

Agenda. Intro to Grouper! Project status & recent news! v2.1! v2.2! demo of new UI!

Process Modeling Best Practices. Raphael Derbier Nicolas Marzin

Project ended.. Terminated or canceled.

The HR Audit: A Periodic Review of Your HR Prac6ces. Nancy Edwards

Comprehensive Strategic Planning Framework

Research Compliance Committees

Protec'ng Privacy in the Archives: Preliminary Explora'ons of Topic Modeling for Born- Digital Collec'ons

Kernel Management Guidelines

Round 2 Track A: Best Prac4ce: Add Business Value by Retaining, Advancing and Developing Leaders

Quality Management System (QMS) Refresher Training

Leveraging IT Governance for Business Value. Jacqueline Hanson- Kotei

Continuous Improvement of the SuccessFactors Implementation. Christy Daugherty Charles Machine Works Sharon Cook hypercision Inc

IAM & EA: WORKING TOGETHER TO CREATE AN IAM VISION

Boards and Fundraising. October 13,

Transla(ng Principles to Performance Crea(ng a Global System to Promote Responsible Conduct of Human Research by Physicians

The Legal Ops Investor. Workshop with small group ac9vi9es/exercises

Transla)ng Corporate Success for the Nonprofit Sector: Crea)ng a Balanced Scorecard for Integrated Fundraising Success

National Research Network 2012 Benchmark Report

The Manufacturing & Opera3ons Excellence Collaboratory (MOEC)

New York Hospital Queens PPS Governance Structure

Building an IAM Program at Portland State University. Polling URL:...

Maximizing Your Public Rela4ons Strategy for Success. Tac4cs for Non Profit Organiza4ons

DRUPA 2012 presentation

Charter for the Information Technology Governance Group (ITGG)

Nonpro&it Board Service

Marke&ng Strategies for Academic Audiology Clinics. Increasing pa&ent volume and revenue while maintaining nonprofit ideals and improving training.

One of five Ecology priori2es Improve compensatory mi2ga2on to make the best use of 2me and money to deliver successful mi2ga2on:

Interna(onal Brokerage Event Istanbul 30/9/2016. Hadmut HOLKEN

Blast Off! How to get your AP Automa5on Project off the Ground 5/24/12 1

Business Information Systems

Monitoring and Evalua/on: Adap/ve Management for Landscape Resilience

Successful Changes with Integrated Change and Project Management

Common comments during consulta1on process

Data Collec*on Working Group June 7, 2011 Lee Sartain, Friday Ins*tute, NC State University

Elements of This Session. Execu2ve Educa2on: Some Observa2ons. Execu2ve Educa2on in India. Trends

Workforce Management KPIs That Ma)er

Paper S(ll Blocks the Path to Streamlined Processes in AR Session #280 Pam Miller Educa(on Director & Editor IOFM

Effective Governance through. Leadership

The issue of intra-family succession and the best prac6ces to manage it.

INCOMMON FEDERATION: PARTICIPANT OPERATIONAL PRACTICES

Law Department Strategic Planning. Moving from Vision to Execu;on

A Panoramic View of Campus Shared Services

Improving Business Practices: Research & Lessons

Recommendation: Directory Services Architecture and Future IAM Governance Model

Fall 2011 Regional Update NCDPI Instruc;onal Technology September 16, 2011

HITRUST Managing Third Party Compliance How the CSF Can Help

Good morning. I am Eduardo López, the sponsor of this project. I am director of regional opera>ons for our company Movistar, which is the cellphone

Identity & Access Management IAM Lifecycle Committee. Feb. 29, 2016 Monday 10:00-11:30 a.m. 561 Smith Center

Module One: Produc.ve Management Methodology for Health Services (PMMHS) An Introduc.on Part 2

Epic/Infrastructure Update. Base Deck, March 2017

Transport Sector Leadership Development Programme (TSLDP) Prof Mark Zuidgeest (Educa4on Specialist) Kieran Kelly (Project Coordinator)

(Effecve 11 th August, 2017, supersedes the previous version dated )

IAM Online Thursday, April 8, 2010

IDN Variant TLD Program 18 July 2013

DoE RPS Infrastructure Review Status

NC Educa)on Cloud Internet2 Member Mee)ng October 4, 2011

C o m p a n y P r o f i l e

KPIs and Assessment: Developing Measures to Achieve Goals and Support Accountability

Rural Bankers Associa0on of the Philippines (RBAP) Annual Na0onal Conven0on May 19, 2015

Joint IFP/Dochas Pilot Survey on Capacity Development needs of CSOs linked to Agenda 2030

A Management Systems Approach to Ergonomics Programs. Elise Condie, M.S., CPE Senior Consultant

Workload Assessment Model. You can questions to anytime during the presentation.

Des Moines Waterfront Farmers Market

Centre for Research and Technology Hellas Hellenic Institute of Transport Jose-Maria Salanova

WSIS Follow-Up. Mario Cas)llo Coordinator of the project

Legal Disclaimer. Copyright No2ce

Professional Development. Standards Assessment Accountability. A revised model that includes A new set of academic standards.

Banner Executive Steering Committee (BESC) Governance Charter

Supporting Malabo Biennial Review: Role of Agricultural Joint Sector Reviews (JSRs)

Canadian Nutri+on Society. Date: January 19, 2016

Update on Pathways Commission. Melanie Thompson NASBA Regional Mee4ngs June 2014

IAM Task Force Update. April 3, 2015

Good a&ernoon everyone, thank you for coming

IAMNG Program. Feb. 18, 2016 CTSC Mike Gaspic, Sean Mason, Jason Testart, Connie van Oostveen, Andrew Ward

Live Learn Do. Development of a Central Informa0on Solu0on: Desktop to Enterprise READY- SET- ACTION

Suppor&ng Community- Driven Sustainable Bioenergy Projects Final Project Report for Ely December 12, 2012

What s New with Ellucian and the Transformation of Banner by Ellucian? Rick Skeel Director, Product Management Ellucian BUGMI September 2015

INFORMATION STEWARDSHIP: AVOIDING DATA BREACHES AND MANAGING BIG DATA

MAXIMIZING BOARD ENGAGEMENT & EFFECTIVENESS. Stop guessing and start addressing the needs of your board.

Strategic Plan

Pla$orm for Engaging Everyone Responsibly (PEER)

The Future of Daptiv PPM: Product Strategy & Roadmap Eric Bergman, VP of Product Management

Managed Care Readiness Training Series: Revenue Cycle Management 4th Learning Community Remi;ance, Appeals, Collec?

Can You S)ll Be an Individual? Brian Kahan, D.O. FAAPMR, DAOCPMR, DABIPP The Kahan Center for Pain Management

The Project Management Cer;ficate Program. Project Stakeholder Management

The EWUF CODE of ETHICS

Lecture 8 Process Redesign II

WINiT Pilot Mentor Program: Training Materials for Mentors/Mentees. Choose One Training Session: Jan 26th 8:00-9:00a ET OR Jan 28th 3:00-4:00p ET

ASB Strategic Research: Key Study Findings & Recommenda9ons

TIM158 Business Informa3on Strategy

Strategic Plan

National Research Network 2011 Benchmark Report

Job description Programme Coordinator

EMV Contact and Contactless Chip Tes3ng Requirements

Transcription:

Iden'ty and Access Management Governance Real world prac'ces that work in Higher Educa'on Roopa Chowbey Manager, Iden'ty management 1

Agenda Background Iden'ty and Access Management (IAM) program at George Washington University (GWU) Why do we need Governance? Iden'ty Governance Council (IGC) Structure IGC Charter IGC Composi'on Sample agenda items Examples of IGC recommenda'ons Success Factors 2

Background Identity Program at GWU 2011 2012 20142012 IAM Phase 1 IAM Phase 2 IAM Phase 3 IAM Phase 2 2016 IAM Phase 4 IAM Phase 1: Establish digital iden'ty infrastructure Provisioning to legacy Directory (SunOne iplanet) J2EE Web Applica'ons for iden'ty claiming IAM Phase 2: ERP user account provisioning Provisioning to current Directory (Ac've Directory) IAM Phase 3: Implement Shibboleth, SAML integra'on with InCommon Service Providers and other Cloud applica'ons Establish Ac've Directory authen'ca'on service IAM Phase 4: Web Single Sign-On and Mul'-factor authen'ca'on Access management using RBAC for all applica'ons, RBAC authoriza'on for ERP applica'ons 3

Background Target State of Identity program at GWU Cloud Directory with on-premise component Iden'ty Management Dynamic Groups (RBAC/ ABAC) Self-managed Groups One GW Iden'ty Store Mobile Device Management Access Management using RBAC & single SSO tool Configurable Mul'-Factor authen'ca'on Privileged Account Management Role based Digital Rights Management Preven've Threat Analy'cs 4

Why do we need Identity Governance? Establish policies and processes that guide the IAM program Ensure that IAM policies and processes are aligned with business policies and processes Set priori'es based on organiza'onal needs around security, provisioning and access management Provide Iden'ty assurance 5

Identity Governance Council Structure at GWU Iden'ty Governance Council (composi'on described in next slide) Technology Working Group (composed of Division of IT members, IT Directors from schools) Policy Working Group (composed of Risk/ Compliance, DIT members, HR, Dean of Students, Alumni Office, CFO office, Librarian) Ac've Directory Governance (most members of the Iden'ty Governance Council) 6

IGC Charter Establish university-wide governance for Iden'ty and Access Management Have a cross-ins'tu'onal membership to help provide insight Assure that risk and compliance elements are balanced with use of technology 7

IGC Composition IT Front Office Back-office IAM Program Owner (Chair) CIO & DCIO Informa'on Security IAM Service Manager Directory Services Registrar Dean of Student HR Faculty Representa've Academic Technologies Alumni Office HRIS General Counsel University Risk and Compliance CFO Office External Rela'ons 8

Working Groups Charter Policy Working Group Help define the actual policies that govern access to resources, including network and systems. Work closely with the other working groups to determine the standards that establish the policy and therefore help define the excep'ons as well. Include governance regarding systems of records for the different iden'ty life cycle as well as the standards that systems within the university must adhere to regarding iden'ty. List of poten'al policy discussion topics is expected to be fluid and the expecta'on is that the list will become progressively shorter as recommenda'ons are put forth to the council. Technology Working Group Focus on technology to support the recommenda'ons of other working groups and the governance established by the council as a whole. Align technology to the strategic technical architecture of the university as well as the integrated nature of iden'ty and its components 9

Policy Working group - sample agenda NetID policy (change required?): self-select or assign? Granularity of Roles: Review role selec'on criteria regularly and define new roles if necessary Grace periods for access: Define access requirements ager loss of a role Elevated security (Mul'-factor authen'ca'on): define which type of applica'ons are automa'cally protected by MFA Birthright provisioning/access: define RBAC requirements 10

Technology Working group - sample agenda Roadmap of Role-based access control to enable groups management to control system access Roadmap of Single Sign On Determine systems of records for Iden''es (example Ellucian s Banner for Students & employees, Advance for Alumni, Custom sources for Summer residents, library patrons and so on) Define Iden'ty lifecycle from incep'on to termina'on ques'ons about when does an en'ty become an Iden'ty for us to track? 11

Examples of IGC recommendations Data Classifica'on (regulated, restricted or public) Informa'on system Access policies NetID policies User experience for MFA Iden'ty roadmap planning Granularity of roles 12

IGC Success Factors Execu've sponsorship Effec've communica'on and awareness Business, stakeholder par'cipa'on Par'cipant interest and con'nued enthusiasm 13

Questions? 14

2024 © businessdocbox.com Privacy Policy | Terms of Service | Feedback