Identity and Access management (iAM)

Details

Project Status

 On Target

Last Reported

September 30, 2022

Project Manager

Dawn Childs

Project Sponsor

Chuck Lanham
Vice Provost Info Tech & CIO
Academic Affairs

Overview

Western Washington University has hundreds of separate systems that have their own username and password management.  Most of these systems are integrated by Enterprise Application Services (EAS) and must be manually maintained.  Because of the manual entry, permissions don't always get updated or removed with employee status changes.  

With the exponential increase in Software as a Service (SaaS), it is critical/crucial that identity management is kept in sync across disparate systems.  The interrelationship between systems creates the need for tighter integration of identity management. 

The existing account management method was home-grown 30 years ago. Because additional capabilities and features have been added organically over the years, these efforts have not been documented fully.  There are aspects of the current process that are only known by one person. This is a huge risk. 

Why is this important now?  We now have over 100 SaaS systems, each with some form of username/password management.  The number of SaaS systems increases annually and makes the control of usernames and passwords unmanageable.  The knowledge required to manage all the disparate systems has grown exponentially.  Additionally, Federal and State laws now mandate that we perform security audits and keep records. 

Status Summary

Phase 1 included new Eligibility and Purge rules that were configured and implemented on 4/19/22.  

In Process

Validation of the Phase 1 rule changes.

Recently Completed

Phase 1 documentation and wrap up.

What's next

Phase 2 discovery and planning.