Presentation is loading. Please wait.

Presentation is loading. Please wait.

Campus Security and Identity Management in a Banner World

Published byAnthony Morrow Modified over 10 years ago

Similar presentations

Presentation on theme: "Campus Security and Identity Management in a Banner World"— Presentation transcript:

1 Campus Security and Identity Management in a Banner World
Aaron Perry November 23, 2009

2 Agenda What is Identity Management? What we typically see in Higher Education institutions Challenges faced by Higher Education Institutions IAM Business Drivers & Benefits Higher Education IAM Architecture Banner IdM Case Studies Q&A

3 Setting the Stage… What is Identity Management?
A set of processes and a supporting infrastructure for the creation, maintenance, and use of digital identity - 80% process - 20% supporting infrastructure Keys to successful implementation… Support and involvement at all levels (Provost, Registrar, Dean, CIO, Process Owners, System Administrators, etc.) Governance and the authority to enact decisions Identification and Management of “Sources of Truth”

4 IAM Solutions Address Top Issues faced by Higher Education Institutions
IAM can improve security, reduce costs, and protect privacy Security breaches / business disruptions Operating costs / budgets Data protection / privacy Large and growing number of Institutions have experienced IT Security “Breaches” in last 12 months. Unauthorized access to sensitive institutional data Research database hacked Breaches of Student & Faculty SSN’s Breaches of PII Information

5 More breaches than ever…
3/28/2017 More breaches than ever… Data Breach Once exposed, the data is out there – the bell can’t be un-rung PUBLICLY REPORTED DATA BREACHES 630% Increase Total Personally Identifying Information Records Exposed (Millions) Source: DataLossDB Note total represents cumulative number since once exposed the data is out there – the bell can’t be unrung. Average cost of a data breach $202 per record Average total cost exceeds $6.6 million per breach Source: DataLossDB, Ponemon Institute, 2009 Oracle Confidential 5

6 More threats than ever…
3/28/2017 More threats than ever… 70% attacks originate inside the firewall 90% attacks perpetrated by employees with privileged access Oracle Confidential 6

7 Q & A To what extent is your institution considering or implementing an identity and access management solution? Not considering Currently evaluating Planned, but won’t start within the next 12 months Plan to start within the next 12 months Implementation is in progress Partially operational Fully operational

8 2008 EDUCAUSE Current Issue Survey
Ranking from All Institutions on Strategic Importance Security (2) Administrative/ERP/information systems (3) Funding IT (1) Infrastructure (7) Identity/access management (4) Disaster recovery/business continuity (5) 2007 ranking in parentheses

9 2008 EDUCAUSE Current Issue Survey
Ranking from All Institutions on Potential to Become More Significant Identity/access management (2) Security (1) Funding IT (3) Disaster recovery/business continuity (4) Administrative/ERP/information systems (5) Infrastructure (8) 2007 ranking in parentheses

10 What we typically see at Higher Education Institutions

11 Challenges and Issues Typical HE Challenges and Issues Data
No single view of identity data across applications Inconsistent user identity data Multiple repositories of user identity data Lack of defined standards for user attributes Many identity owners & sources Supportability Administration performed both centrally and locally Manual, paper-driven processes work, but lack audit ability IT staff is stretched, especially as new projects are defined and started Infrastructure support team has a wide range of responsibility with limited means Typical HE Challenges and Issues Growth Use of web-based applications continues to grow Increasing demands for new services Need to support within current spending levels Affiliate community is always growing Institutional Culture Priorities may vary on a per school or campus basis Varied and complex user populations Many institutions “bend over backwards” to provide the highest levels of service to their students 11

12 Typical Higher Education Reference Architecture – General View

13 Banner OIM Reference Architecture

14 IAM Business Drivers Business Facilitation Cost Containment
Improve productivity through streamlined, automated processes and efficient provisioning and de-provisioning of user accounts. Enable efficient deployment of new system-wide applications and services in a manner that provides ease of use for all constituents through use of standards and automation. Cost Containment Efficiently managing the growing number of users and network-accessible resources by streamlining and centralizing business processes in support of new users, end-user transfers/job changes, and user disablement. Reduce errors and the time required to manually administer user accounts and resources through automation of tasks. Security Effectiveness and IT Risk Improve security and support high levels of security and privacy appropriate to specific systems and services. Improve system audit ability and access management to ensure compliance with Federal, state, Department of Education and university regulations. Improve audit readiness via a central audit log of accounts and privileges, as well as reporting and auditing capabilities. Create effective monitoring and control over identity-related processes to ensure policies and practices are adhered to and security policies are consistently followed.

15 IAM Deployment Benefits
Solid Identity Management infrastructure built on standards that can serve as the platform for supporting all future identity management services Automated provisioning and identity origination Clean identity data with processes in place to prevent re-corruption Elimination of the use of SSN as the primary unique identifier for all end users Enterprise-level auditing with ability to track events across the entire institution Drastic reduction of risk as it relates to provisioning users to new services and the protection of those services due to all provisioning and access control events being audited Drastic reduction of cost and overhead due to further automation of manual administration process and introduction of delegated administration models enterprise-wide Self-service services benefit the user by offering the ability to update information from a central location for use throughout the enterprise Reduction of costs associated with manual provisioning and manual data cleansing processes

16 Higher Education Banner Case Studies
Yale University Oracle Identity Manager 300,000 Identities – Students, Faculty, Staff, Affiliates, Alumni SunGard Banner Student & Oracle eBusiness HR 15+ Resources Managed Lehigh University 25,000 Identities – Students, Faculty, Staff, Affiliates Replacement of current home grown system SunGard Banner HR & Student AD, LDAP, AFS, BlackBoard, Luminis Portal Wellesley College Oracle Identity Manager & Virtual Directory 10,000 Identities – Students, Faculty, Staff, Affiliates, Alumni AD & OID

17 Higher Ed IAM Clients

18 Questions Aaron Perry President Mobile Web

Download ppt "Campus Security and Identity Management in a Banner World"

Similar presentations

Technology for the Audit Team Copyright © 2008 ACL Services Ltd. Peter B. Millar Director, Business Development 25 June 2008 ACL AuditExchange 2009.

Technology for the Audit Team Copyright © 2008 ACL Services Ltd. Peter B. Millar Director, Business Development 25 June 2008 ACL AuditExchange 2009.
TACTICAL/OPERATIONAL PLANNING

TACTICAL/OPERATIONAL PLANNING
September 17, 2009 AARHUS UNIVERSITY AARHUS UNIVERSITY AARHUS UNIVERSITY.

September 17, 2009 AARHUS UNIVERSITY AARHUS UNIVERSITY AARHUS UNIVERSITY.
1 www.vita.virginia.gov IT Risk Management in Government Jonathan Smith Sr. Risk Manager Commonwealth Security and Risk Management October 1, 2013 www.vita.virginia.gov.

1 IT Risk Management in Government Jonathan Smith Sr. Risk Manager Commonwealth Security and Risk Management October 1,
HIPAA Security Presentation to The American Hospital Association Dianne Faup Office of HIPAA Standards November 5, 2003.

HIPAA Security Presentation to The American Hospital Association Dianne Faup Office of HIPAA Standards November 5, 2003.
Pennsylvania Banner Users Group 2008 Fall Conference Campus Identity Management in a Banner World.

Pennsylvania Banner Users Group 2008 Fall Conference Campus Identity Management in a Banner World.
1 Mid-Term Review of The Illinois Commitment Assessment of Achievements, Challenges, and Stakeholder Opinions Illinois Board of Higher Education April.

1 Mid-Term Review of The Illinois Commitment Assessment of Achievements, Challenges, and Stakeholder Opinions Illinois Board of Higher Education April.
Vision: A strong and capable civil society, cooperating and responsive to Cambodias development challenges 1.

Vision: A strong and capable civil society, cooperating and responsive to Cambodias development challenges 1.
IdM Governance in Higher Education

IdM Governance in Higher Education
Copyright © 2012 AirWatch, LLC. All rights reserved. Proprietary & Confidential. Mobile Content Strategies and Deployment Best Practices.

Copyright © 2012 AirWatch, LLC. All rights reserved. Proprietary & Confidential. Mobile Content Strategies and Deployment Best Practices.
Copyright Critical Software S.A. 1998-2008 All Rights Reserved. COTS based approach for the Multilevel Security Problem Bernardo Patrão.

Copyright Critical Software S.A All Rights Reserved. COTS based approach for the Multilevel Security Problem Bernardo Patrão.
1. 2 August 2009 - Recommendation 9.1 of the Strategic Information Technology Advisory Committee (SITAC) report initiated the effort to create an Administrative.

1. 2 August Recommendation 9.1 of the Strategic Information Technology Advisory Committee (SITAC) report initiated the effort to create an Administrative.
Jonathan Berry President & CEO 203.331.2267 Leveraging a Help Desk as part of a Hyperion Center of Excellence Copyright © 2014, Accelatis.

Jonathan Berry President & CEO Leveraging a Help Desk as part of a Hyperion Center of Excellence Copyright © 2014, Accelatis.
YES New Mexico Enterprise Eligibility System

YES New Mexico Enterprise Eligibility System
How Identity and Access Management Can Help Your Institution Touch Its Toes Renee Woodten Frost Internet2 and University of Michigan Kevin Morooney The.

How Identity and Access Management Can Help Your Institution Touch Its Toes Renee Woodten Frost Internet2 and University of Michigan Kevin Morooney The.
What’s FIM all about?. Agenda What is FIM Why are we implementing FIM How is FIM related to Office 365 What will FIM do How does FIM differ from ILM (current.

What’s FIM all about?. Agenda What is FIM Why are we implementing FIM How is FIM related to Office 365 What will FIM do How does FIM differ from ILM (current.
Subtitle Version or Date Presentation Title BCeSIS Overview Module 1.

Subtitle Version or Date Presentation Title BCeSIS Overview Module 1.
CANHEIT | On the EDGE | June 15-18, 2008 | University of Calgary Collaborative Computing on an Institutional Level Steve Breeck, Harold Esche, Bill Richardson.

CANHEIT | On the EDGE | June 15-18, 2008 | University of Calgary Collaborative Computing on an Institutional Level Steve Breeck, Harold Esche, Bill Richardson.
McGraw-Hill/Irwin © 2008 The McGraw-Hill Companies, All Rights Reserved Chapter 12 Integrating the Organization from End to End – Enterprise Resource Planning.

McGraw-Hill/Irwin © 2008 The McGraw-Hill Companies, All Rights Reserved Chapter 12 Integrating the Organization from End to End – Enterprise Resource Planning.
- 1 - Defense Security Service Background: During the Fall of 2012 Defense Security Service will be integrating ISFD with the Identity Management (IdM)

- 1 - Defense Security Service Background: During the Fall of 2012 Defense Security Service will be integrating ISFD with the Identity Management (IdM)

Similar presentations

Ads by Google