Presentation is loading. Please wait.

Presentation is loading. Please wait.

2007 APTEC, LLC Confidential Unleashing Directory-Powered Business SM Campus Security and Identity Management in a Banner World Aaron Perry November 23,

Similar presentations


Presentation on theme: "2007 APTEC, LLC Confidential Unleashing Directory-Powered Business SM Campus Security and Identity Management in a Banner World Aaron Perry November 23,"— Presentation transcript:

1 2007 APTEC, LLC Confidential Unleashing Directory-Powered Business SM Campus Security and Identity Management in a Banner World Aaron Perry November 23, 2009

2 2009 APTEC, LLC Confidential 2 Agenda What is Identity Management? What we typically see in Higher Education institutions Challenges faced by Higher Education Institutions IAM Business Drivers & Benefits Higher Education IAM Architecture Banner IdM Case Studies Q&A

3 2009 APTEC, LLC Confidential 3 Setting the Stage… What is Identity Management? A set of processes and a supporting infrastructure for the creation, maintenance, and use of digital identity - 80% process - 20% supporting infrastructure Keys to successful implementation… Support and involvement at all levels (Provost, Registrar, Dean, CIO, Process Owners, System Administrators, etc.) Governance and the authority to enact decisions Identification and Management of Sources of Truth

4 2009 APTEC, LLC Confidential 4 IAM Solutions Address Top Issues faced by Higher Education Institutions IAM can improve security, reduce costs, and protect privacy –Security breaches / business disruptions –Operating costs / budgets –Data protection / privacy Large and growing number of Institutions have experienced IT Security Breaches in last 12 months. –Unauthorized access to sensitive institutional data –Research database hacked –Breaches of Student & Faculty SSNs –Breaches of PII Information

5 2009 APTEC, LLC Confidential 5 Data Breach More breaches than ever… Once exposed, the data is out there – the bell cant be un-rung PUBLICLY REPORTED DATA BREACHES 630% Increase Total Personally Identifying Information Records Exposed (Millions) Source: DataLossDB, Ponemon Institute, 2009 Average cost of a data breach $202 per record Average total cost exceeds $6.6 million per breach

6 2009 APTEC, LLC Confidential 6 More threats than ever… 70% attacks originate inside the firewall 90% attacks perpetrated by employees with privileged access

7 2009 APTEC, LLC Confidential 7 To what extent is your institution considering or implementing an identity and access management solution? 1.Not considering 2.Currently evaluating 3.Planned, but wont start within the next 12 months 4.Plan to start within the next 12 months 5.Implementation is in progress 6.Partially operational 7.Fully operational Q & A

8 2009 APTEC, LLC Confidential EDUCAUSE Current Issue Survey Ranking from All Institutions on Strategic Importance 1.Security (2) 2.Administrative/ERP/information systems (3) 3.Funding IT (1) 4.Infrastructure (7) 5.Identity/access management (4) 6.Disaster recovery/business continuity (5) 2007 ranking in parentheses

9 2009 APTEC, LLC Confidential EDUCAUSE Current Issue Survey Ranking from All Institutions on Potential to Become More Significant 1.Identity/access management (2) 2.Security (1) 3.Funding IT (3) 4.Disaster recovery/business continuity (4) 5.Administrative/ERP/information systems (5) 6.Infrastructure (8) 2007 ranking in parentheses

10 2009 APTEC, LLC Confidential 10 What we typically see at Higher Education Institutions

11 2009 APTEC, LLC Confidential 11 Supportability Administration performed both centrally and locally Manual, paper-driven processes work, but lack audit ability IT staff is stretched, especially as new projects are defined and started Infrastructure support team has a wide range of responsibility with limited means Growth Use of web-based applications continues to grow Increasing demands for new services Need to support within current spending levels Affiliate community is always growing Institutional Culture Priorities may vary on a per school or campus basis Varied and complex user populations Many institutions bend over backwards to provide the highest levels of service to their students Typical HE Challenges and Issues Data No single view of identity data across applications Inconsistent user identity data Multiple repositories of user identity data Lack of defined standards for user attributes Many identity owners & sources Challenges and Issues

12 2009 APTEC, LLC Confidential 12 Typical Higher Education Reference Architecture – General View

13 2009 APTEC, LLC Confidential 13 Banner OIM Reference Architecture

14 2009 APTEC, LLC Confidential 14 IAM Business Drivers Business Facilitation –Improve productivity through streamlined, automated processes and efficient provisioning and de-provisioning of user accounts. –Enable efficient deployment of new system-wide applications and services in a manner that provides ease of use for all constituents through use of standards and automation. Cost Containment –Efficiently managing the growing number of users and network-accessible resources by streamlining and centralizing business processes in support of new users, end-user transfers/job changes, and user disablement. –Reduce errors and the time required to manually administer user accounts and resources through automation of tasks. Security Effectiveness and IT Risk –Improve security and support high levels of security and privacy appropriate to specific systems and services. –Improve system audit ability and access management to ensure compliance with Federal, state, Department of Education and university regulations. –Improve audit readiness via a central audit log of accounts and privileges, as well as reporting and auditing capabilities. –Create effective monitoring and control over identity-related processes to ensure policies and practices are adhered to and security policies are consistently followed.

15 2009 APTEC, LLC Confidential 15 IAM Deployment Benefits Solid Identity Management infrastructure built on standards that can serve as the platform for supporting all future identity management services Automated provisioning and identity origination Clean identity data with processes in place to prevent re-corruption Elimination of the use of SSN as the primary unique identifier for all end users Enterprise-level auditing with ability to track events across the entire institution Drastic reduction of risk as it relates to provisioning users to new services and the protection of those services due to all provisioning and access control events being audited Drastic reduction of cost and overhead due to further automation of manual administration process and introduction of delegated administration models enterprise-wide Self-service services benefit the user by offering the ability to update information from a central location for use throughout the enterprise Reduction of costs associated with manual provisioning and manual data cleansing processes

16 2009 APTEC, LLC Confidential 16 Higher Education Banner Case Studies Yale University –Oracle Identity Manager –300,000 Identities – Students, Faculty, Staff, Affiliates, Alumni –SunGard Banner Student & Oracle eBusiness HR –15+ Resources Managed Lehigh University –Oracle Identity Manager –25,000 Identities – Students, Faculty, Staff, Affiliates –Replacement of current home grown system –SunGard Banner HR & Student –AD, LDAP, AFS, BlackBoard, Luminis Portal Wellesley College –Oracle Identity Manager & Virtual Directory –10,000 Identities – Students, Faculty, Staff, Affiliates, Alumni –SunGard Banner HR & Student –AD & OID

17 2009 APTEC, LLC Confidential 17 Higher Ed IAM Clients

18 2009 APTEC, LLC Confidential 18 Questions Aaron Perry President Mobile Web


Download ppt "2007 APTEC, LLC Confidential Unleashing Directory-Powered Business SM Campus Security and Identity Management in a Banner World Aaron Perry November 23,"

Similar presentations


Ads by Google