Workforce Identity and Access Management (IAM) Strategy
The development of a comprehensive workforce identity and access (IAM) management strategy will outline the objectives and implementation roadmap required to manage Ohio State digital identities and facilitate secure access to a larger scope of institutional data and university resources. Assessing and enhancing our core IAM processes and supporting technology will reduce friction accessing OSU resources, simplify integration steps for system owners, and prepare our services to support consumer identity and access management (CIAM) initiatives. Components of CIAM are included in this initiative such as the implementation of a social and third-party authentication solution.
Key Contacts: Jeff Bradburn, Rich Nagle, Dee Lohmeyer, Bob Mackin, Chuck Roose, Chris Hartley, Wes Stahler, Glenn Donaldson, Jason Pollock, Gail Martineau
What strategic pillars does it support?
- Learning
- Research
- Belonging
- Operational Excellence & Innovation
Why is it important?
Many new Buckeyes form their first impression of The Ohio State University based on business processes or technology supporting Identity and Access Management programs. The size and complexity of the university, increased remote work, and a shift to cloud services are few examples that stretch our existing IAM capabilities. A comprehensive IAM strategy will help with the following:
- Improved login experiences for our OSU workforce by reducing the number of accounts and passwords required to access a larger scope of institutional data and resources.
- Increased ability to share key identity data across University systems while simplifying integration requirements for support teams.
- Reduced security administration overhead by automating core access control services such as provisioning, termination and transfer handling, and periodic review of access.
Additionally, this initiative will better prepare our IAM team to support Zero Trust (ZT) and Buckeye Experience Optimization (BEO) efforts. Assessing our system’s capabilities will enabe IAM to identify opportunites and establish requirements needed to meet existing and future needs of the University. Increasing IAM capabilities will not only enable a more streamlined onboarding process for faculty, staff, students, and guests of the University, but will facilitate a simiplified engagement for systems to integrate into a common IAM ecosystem. These IAM processes and technologies would be a foundation to expand the scope of users to include customers of the University.
Who will benefit?
Faculty, staff, students, researchers, associates, customers, guests will all benefit from the development of a IAM strategy.
What is the timeline?
The development of an IAM strategy will be an ongoing journey as increased capabilities and process improvements will be needed to accommodate a wider range of University Resources. A high-level timeline for key project milestones include:
Milestone | Start | Complete (Projected) |
---|---|---|
Establish IAM Strategy Working Group | 08/2023 | 11/2023 |
Establish Working Groups and Set Priorities | 10/2023 | 12/2023 |
Implement Social and 3rd Party Authentication Service | 08/2023 | 10/2024 |
Publish Non-human Identity Strategy | 10/2023 | 02/2024 |
Increase PAM Adoption for Critical Systems | 03/2023 | Ongoing |
Assess Existing IAM Technologies and Document Future Requirements | 09/2023 | 03/2024 |
Key Decision Document for Enterprise IAM Technologies Requirements | 03/2024 | 06/2024 |
Consolidate IAM Intake and Approval Process | 08/2023 | 12/2023 |
Redesign Identity Express User Interface | 10/2023 | 02/2024 |
Publish IAM Key Risk Indicators (KRI) by Rish Management Entity (RME) | 03/2024 | 06/2024 |
Complete Draft of Comprehensive IAM Strategy v.1.0 | 11/2023 | 06/2024 |
Who are our partners and sponsors?
The development of a workforce identity and access management strategy is sponsored by Digital Security and Trust. Development of a comprehensive strategy will require guidance and support from all OTDI areas primarily Digital Security and Trust, Infrastructure, Applications and Data teams. Collaboration will also be needed across partners in the MedCenter, Digital Learning, and other teams that leverage existing IAM resources or services.
How will success be measured?
- # of communications
- # of 3rd party logins
- # of systems using 3rd party login
- # of strategy participants
- # of meetings
- # of drafts