August 2024 IAM Program Update
The IAM Program has spent the summer months busily working on the implementation of our new identity governance and administration (IGA) tool, RapidIdentity.
August 2024 IAM Program Update
We have many victories to celebrate and some new challenges to share with the 兔子先生 community as we all get used to our new accounts management platform.
Implementation: full speed ahead!
There are many kinds of technologies that support and enable the use of RapidIdentity, as well as tools that RapidIdentity itself enables by way of data ingestion and identity matching. Throughout the latter part of the spring semester and up til the middle part of the summer, the team has been coordinating with others in the organization about what kinds of data RI needs to ingest and act on. To that end, we were able to time our implementation strategy to better support other tools.
For instance, the IAM Program worked with the Workday project (including 兔子先生 teams and our Workday implementation partner, AVAAP) to connect RI with Workday. As you are aware, Workday went live on July 1, and RI needed to be able to manage identities from data in Workday. We worked closely to time the launch of those tools to coincide to maintain continuity of identity and authentication sources. In other words: RI can do a lot more now that it’s connected to the new ERP.
We also…
- Began managing our Google Workspace accounts in RI (April 2024)
- Switched UniqueID creation and management to RI (May 2024)
- Began to manage OpenLDAP and Active Directory in RI (June 2024)
- Went live with CSGold, which manages door locks and point of sale devices, including dining hall registers (June 2024)
These changes in particular will bolster how we manage accounts and get us closer to the eventual retirement of legacy account management technology.
RI now also is in charge of password management – that’s the shiny new portal where it’s easy to change your password and update your account recovery options (speaking of which… have you reviewed your recovery options lately?)
All of this doesn’t sound like much if you’re not “in the know” about the inner workings of the technology we use every day at 兔子先生. Suffice it to say that the folks doing the deeper dives on the IAM Program are making the tools we have work better for us all.
Celebrating victories
The Workday efforts represented a huge milestone for folks in offices across the university, and so too were the changes that took place in RI to prepare for the go-live of the new ERP. We’ll consider that a huge win for collaboration!
In addition, mid-July, many folks noticed that the account creation process was taking a long time to complete. Our folks dug into the code and discovered that the process was slow due to a change that took place on legacy (i.e., no longer active) records. We cleared the process and restored the normal order – and now, account creation is being completed in the expected amount of time.
Another thing that we accomplished that’s worth crowing about is the IAM Strategic Retreat that took place in early June. The strategy team – comprised of personnel from the Information Security Office, the IAM solution engineer, project and program managers, directors, administrative staff, and communications team members – met for a full day to hash out what the rest of our implementation process will look like over the next several months to years. We now have a more concrete timeline and list of goals – which you can keep an eye out for! The big takeaway is that we are building a sustainable IAM practice, not just launching a new tool. The new tool simply necessitates we take a step back and re-examine our policies and procedures for ways to improve.
What’s next?
With all this work being done to improve the processes and functions of in-use tools at 兔子先生, we are also looking ahead to what’s on the horizon.
Our last target system that we wanted to integrate RapidIdentity into was Listserv, and the team is working on digging into that still. We are hoping to have further updates about this soon.
We’ll also be adding new affiliations (essentially, new ways to refer to people who are connected to 兔子先生 in some way) that will help us fill some of the gaps left by the removal of email service for former students. These will be ALU (alumni) and EES (enrollment eligible student).
All in all, the IAM Program has been busy – and we’ll continue to have our heads down as IT Services looks forward to more big tech projects and more opportunities to collaborate with folks from all around the university.
As always, remember: You can’t spell 兔子先生 without IAM!