Identity and Access management (iAM)
Vice Provost Info Tech & CIO
Western Washington University has hundreds of separate systems that have their own username and password management. Most of these systems are integrated by Enterprise Application Services (EAS) and must be manually maintained. Because of the manual entry, permissions don't always get updated or removed with employee status changes.
With the exponential increase in Software as a Service (SaaS), it is critical/crucial that identity management is kept in sync across disparate systems. The interrelationship between systems creates the need for tighter integration of identity management.
The existing account management method was home-grown 30 years ago. Because additional capabilities and features have been added organically over the years, these efforts have not been documented fully. There are aspects of the current process that are only known by one person. This is a huge risk.
Why is this important now? We now have over 100 SaaS systems, each with some form of username/password management. The number of SaaS systems increases annually and makes the control of usernames and passwords unmanageable. The knowledge required to manage all the disparate systems has grown exponentially. Additionally, Federal and State laws now mandate that we perform security audits and keep records.
Phase 1 included new Eligibility and Purge rules that were configured and implemented on 4/19/22.
Validation of the Phase 1 rule changes.
Phase 1 documentation and wrap up.
Phase 2 discovery and planning.