1. The State of Identity Management on Your Campus Session Moderators Jacob Farmer, Indiana University Theresa Semmens, North Dakota State University November 14, 2013

2. Agenda Through a series of interactive poll questions, session will lead you through a self-assessment of your identity and access management system. Are you "just starting" or "battle scarred?" This tool will help you identify focus areas as you move toward outsourced or cloud services.

3. Disclaimer The poll questions provided and the answers provided for this CAMP session were developed by EDUCAUSE. Their purpose for this session was to generate thought and discussion. They were not used for an research or qualitative statistics.

4. At what level are your identity management practices? (33 respondents) We have no practices at this time. Our practices are ad-hoc at best. We have a mix of formal practices and those created on an as needed basis. Our practices are established and publically posted. 0.060% 0.030% 0.818% 0.090%

5. The data our institution uses for identity management is (34 respondents) Our institution periodically gathers information from sources on cycles that can vary from daily to weekly, or longer. Our institution regularly gathers information from sources, generally, no less than daily. Our institution has real time, or near-real time connections to source and client systems that allow service and access changes to take effect in minutes – on or off – when data changes or becomes available. 0.205% 0.588% 0.205%

6. To provide for identity uniqueness and matching, our institution’s data for identity management and creation is obtained from (34 respondents) Our institution receives data from many sources; it's possible someone can be represented multiple times. This is difficult for us to detect except in reaction to service issues.Regularly gathered information from sources, generally, no less than daily. Our institution has good central identity matching processes, but need to work to resolve identity issues mostly as needed. Our institution has strong partners and practices across campus and multiple systems that participate in detecting, avoiding, and resolving identity issues. Our institution has a central point of data authority such as an ERP system that data is matched against to prevent and resolve identity issues. 0.088% 0.294% 0.088% 0.529%

7. Our institution’s account de-provisioning processes include (31 respondents) Little connection between central IT support for core infrastructure and business systems, and distributed school or departments systems. There are many independently maintained and managed shadow systems with poor data sharing and little automated update Making data available through reports or directory lookups to more directly enable local systems, but actual reuse is inconsistent across campus. We support collaborative work in schools and departments by enabling them to define and share information and privileges on their own. It is easy to access common enterprise data, either for real time reference or for ongoing synchronization. 0.290% 0.387% 0.322%

8. Our institution’s account provisioning processes are (33 Respondents) Manual, ad-hoc, and not documented or well understood. A mix of formal processes and those created on an as- needed basis. Some are automated, some are not. Established, automated and documented. 0.000% 0.727% 0.272%

9. At what level do you allow vendor access to your identity information AND authentication information? (31 Respondents) Our institution is comfortable permitting vendor access to BOTH our identity information AND authentication information. Our institution is comfortable permitting vendor access to EITHER identity information OR authentication information. Our institution is not comfortable releasing ANY authentication information and only releasing MINIMAL identity information to the vendor. Our institution is not comfortable releasing ANY authentication information or identity information to the vendor. 0.032% 0.193% 0.709% 0.064%

10. Our institution identity store includes (33 Respondents) Many (students, faculty, staff, etc.) that don't connect. Many and some connect. A unified and central identity store. 0121% 0.212% 0.666%

11. Our institutions single sign on (SSO) and authentication solution is (31 Respondents) Separate authentication credentials for access to different institutional services. Unified authentication for access to different institutional services. An implemented single sign-on solution for access to different institutional services. 0.096% 0.322% 0.580%

12. Does your institution have an eduPerson? (32 Respondents) What is an eduPerson? We don’t have one. We have heard about it and/or partially implemented it. We have fully implemented and leveraged eduPerson on our campus. 0.125% 0.062% 0.375% 0.437%

13. Does your institution use federating software? (32 Respondents) Yes, we use it. No, we don’t use it We are considering it. 0.75% 0.00% 0.25%

14. The State of Identity Management on Your Campus Thank you to all participants who joined Jacob and Theresa in discussion and in the poll. Your interaction helped to make this session a success. Theresa Semmens & Jacob Farmer