IAM REFERENCE ARCHITECTURE BRICKS EMBEDED ARCHITECTS COMMUNITY OF PRACTICE MARCH 5, 2015
AGENDA What is IAM? Vision & mission Evolution: the why behind “bricks” Practice: making “bricks” Discussion, reflection, etc. TOPICS DISCUSSED
WHAT IS IAM? “Identity and access management is a security, risk management, and business discipline that ensures the right individuals have the right access to the right resources at the right time for the right reasons.” (Source: Gartner, Inc.) DEFINITION
WHAT IS IAM? A team? At the UW, IAM is an organizational unit with these responsibilities: Identity registration & administration Account & password management Access management Authentication & Authorization Non-person identity management Federation & trust
WHAT IS IAM? A set of services. We offer these IAM services through the central IT service catalog: UW NetID Access Management Authentication Directory Services UW Windows Infrastructure
WHAT IS IAM? A set of capabilities. The essential work of our IAM team is coordinating these IAM processes and activities with our diverse customers and stakeholders.
IDENTITY REGISTRATION & ADMINISTRATION “Help me register people affiliated with the university to participate in online activities.” CUSTOMER ASKS:
ACCOUNT & CREDENTIAL MANAGEMENT “Give me and my users trustworthy identification to use online.” CUSTOMER ASKS:
ACCESS GOVERNANCE & ADMINISTRATION “Help me manage how I enable and disable access to my resources.” CUSTOMER ASKS:
PROVISIONING & INTEGRATION “Help me integrate with identity services and orchestrate processes to provision data and access.” CUSTOMER ASKS:
ACCESS CONTROL “Help me authenticate and authorize users as they access my resources and make online transactions.” CUSTOMER ASKS:
REPORTING & ANALYTICS “Give me reports and activity data I can analyze to make decisions and manage risk.” CUSTOMER ASKS:
IAM VISION “Trusted online identities enriched with the attributes of the UW.” INSPIRES OUR WORK & CREATIVITY
IAM MISSION “To help our community apply IAM solutions in ways that promote trust, privacy, collaboration, and innovation in research and education.” GIVES OUR WORK PURPOSE & DIRECTION
REFERENCE ARCHITECURES Help us manage complexity in an evolving ecosystem Help us develop situational awareness Help us provide guidance Help us communicate consistently Help us identify costs of decisions PURPOSE
IAM REFERENCE BRICKS A “brick” describes the status of technical standards, protocols, service options, and other technologies used for identity and access management (IAM) within the IT environment at the University of Washington. PURPOSE
IAM REFERENCE BRICKS Each “brick” focuses on a set of IAM technologies from the same functional area and uses the same set of designations to describe the lifecycle status of individual options coming into or exiting from the environment. WHAT
IAM REFERENCE BRICKS Each “brick” focuses on a set of IAM technologies from the same functional area and uses the same set of designations to describe the lifecycle status of individual options coming into or exiting from the environment. WHAT
BRICKS TEMPLATE The template describes the designations used within a brick to categorize technology options according lifecycle status, related customer risk, investment levels, support, adoption, etc. HOW
BRICKS TEMPLATE HOW
BRICKS PRACTICE
BRICKS PRACTICE: STRATEGY MAP
BRICKS TEMPLATE HOW, CONT.
BRICKS PRACTICE