1 / 19

Identity and Access Management Town Hall

Identity and Access Management Town Hall . Agenda. Team News (Jason) Recent Accomplishments (Jane/Magnus) Program Plan (Erica/Jason) Project Methodology (Ann) Upcoming Project Milestones (Ann) IAM HUIT Website (Greg) Hiring Update (Jason) Questions and Answers (All). Team News.

cleave
Télécharger la présentation

Identity and Access Management Town Hall

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Identity and Access ManagementTown Hall

  2. Agenda • Team News (Jason) • Recent Accomplishments (Jane/Magnus) • Program Plan (Erica/Jason) • Project Methodology (Ann) • Upcoming Project Milestones (Ann) • IAM HUIT Website (Greg) • Hiring Update (Jason) • Questions and Answers (All)

  3. Team News • There is greatness among us! • Congratulations to Joe Hardin on your well deserved HUIT Cup win! • We’ve been busy creating IAM Program awareness! • First iteration of the IAM Program Plan complete! • Successful IAM Executive Leadership meeting on 1/28/13 • Program budget and resource requests have been approved. • CIO Council update for IAM to take place today. • We created a monthly dashboard for the Executive Committee • We are creating an IAM Community Plan • Provides an approach for keeping Harvard schools and departments, not to mention other higher education institutions involved • We are looking to introduce a Program CRM solution to assist us in tracking our involvement with partners

  4. Recent Accomplishments • Auth-LDAP release deployed to Production without issue! • Lessons learned to be gathered to assist with future process changes and release planning. • DM Sailpoint Identity Cubes built (and built, and built…) • Further performance tuning is in process • Connections deployed to the Cloud! • Working test repositorycreated to enable efficient reuse of test data • Working Puppet setup of our standard architecture for web apps (Apache/Tomcat) used in development. • On-boarding of additional SPs (e.g.; ServiceNow)

  5. Program Plan - Overview • What is a Program Plan? • High-level, governing document for all facets of IAM Program: • Program Goals • Team Structure • Governance Structure • Planning Approach • Implementation Roadmap • Communication/Partner Engagement • Capture User Benefits • End users • Application Owners • People Administrators • Date driven, not scope driven deliverables

  6. Program Plan (cont.) • Four IAM Program Tenets will: • Simplify the User Experience • Eliminate perceived complexities surrounding user identities. • Enable Research and Collaboration • Enable students and faculty to share information and work across School boundaries leveraging authentication standards and federation. • Protect University Resources • Protect sensitive information and data. • Meet audit and regulatory requirements. • Facilitate Technology Innovation • Enable HUIT-wide strategic initiatives (SIS, UC) • Cloud

  7. Program Plan - Implementation Approach The IAM Program will be implemented in accordance to the four strategic objectives and work will be managed as a portfolio of eleven projects:

  8. Program Plan - Deliverable Roadmap • Review of the IAM Program Deliverables Roadmap (Hand-out) • Review of the IAM Release Benefit Roadmap (Hand-out) • Review of the One Way Federation One Pager (Hand-out)

  9. Project Management Methodology • Implementing expanded PM Approach • Keep everything that works well • Add structure where needed

  10. Project Management Methodology Cont. • Formalize additional phases of the releases • Planning & Analysis Phase • Development Phase • Release/ Go-Live • Support/ Maintenance • Adjust JIRA structure to mirror Program Plan to allow for reporting • Releases: Epics • Deployments: Versions • Release Documents on Confluence • Project Charter • Go-Live Playbook • Release Plan

  11. Project Management Methodology Cont. • Project Management Plan draft due on 2/14/14 • Pilot Release to “kick off” on 2/28/14

  12. Release Milestones 5/1: Read-Only Connectors & Cube Aggregation in Prod 6/30: Claims; SPAC Tool; AD Provisioning 4/1: Prod Release 6/15: Extended Base Attribs in Prod 10/31: Attribs & SAML Profiles Provided to Harvad 6/15: Gap Analysis, Backlog Written 12/1: All Changes Complete 3/15: Communication Specialist Hired 3/31: HU LDAP DNS Flip 2/28: Define 4 KPIs 4/1: View for UUID in Prod 6/30: Backlog for UUID Web Svc. 2/13: V1 Website Live 4/15: Launch for Internal Use 6/30: Wide Roll-Out 5/31: Plan for Adding other OWF Partners 9/30: Onboarding Wave 1 1/31: Onboarding Wave 2 3/31: Replacement in Prod (in Cloud) 7/1: Sized Backlog 3/31: Implement Reference Model: Dev 6/30: Implement Reference Model: Prod 3/31: Replacement in Prod (in Cloud) 6/30: Align with Reference Model 4/15: Complete Planning Phase 6/1: Test Dev Version 9/30: Deploy to Prod

  13. HUIT Website - IAM • New IAM External Website to “go-live” on 2/13/14. • http://projects.iq.harvard.edu/iam • Call for content! • Ideas and submissions for content entries • IAM topics to be spot lighted • Plans for group videos • Photo submission

  14. Hiring Update • Interim Community Manager Position filled • Welcome, Steve King! • Senior Cloud Engineer selected • Conditional Offer extended to candidate with expected start date on 2/18/14. • Wave 1 Positions are Open! • Software Engineer   • Senior Database Developer • Lead Software Engineer ($1,000 referral bonus eligible) • Community Program Manager • Directory Architect        • Quality Assurance Engineer • Solutions Architect     • Communications and Reporting Specialist

  15. Questions and Answers?

  16. Supporting Materials

  17. Appendix A: IAM Accomplishments to Date Simplify the User Experience • Selected and purchased a new identity creation toolset that will lead to improved onboarding experience for all users. • Implemented a new Central Authentication Service for faster, flexible deployment of applications across the University. • Implemented One-Way Federation with the Harvard Medical School to prove the concept that users can select the credentials they would like to use, to access services. • Implemented Provisioning improvements to set the foundation for the expansion of cloud services, support Active Directory consolidation, and email migrations. • Integrated a new ID Card Application into IAM that enables the University to handle large-scale replacement of expired cards. Enable Research and Collaboration • Joined InCommon Federation and enabled authorized Harvard users to access protected resources at Hathitrust. • Enabled access to a planning tool that Harvard researchers can use to assist with compliance of funding requirements specific to grants (e.g., NSF, NIH, Gordon and Betty Moore Foundation). Protect University Resources • Proposed a new Password Policy to the HUIT Security Organization to standardize password strength and expiration requirements for the University. • Drafted a Cloud Security Architecture with the HUIT Security Organization to provide Level 4 security assurance for application deployments within Amazon Web Services. • Refreshed the AUTH LDAP software and infrastructure to current, supported versions. Facilitate Technology Innovation • Created a conceptual architecture for IAM Services to be deployed within the Amazon’s offsite hosting facilities.

  18. Appendix B – IAM Business Need

  19. Appendix C- IAM Vision The Vision for Identity and Access Management (IAM) Provide secure access to applications that is easy for the user, application owner, and IT administrative staff with solutions that require fewer login credentials, enable collaboration across Harvard and beyond, and improve security and auditing. Strategic Objectives Guiding Principles Key Performance Indicators • 1. Simplify the User Experience • “Simplify and improve user access to applications and information inside and outside of the University.” • 2. Enable Research and Collaboration • “Simplify the ability for faculty, staff, and students to perform research and collaboration within the University and with colleagues from other institutions.” • 3. Protect University Resources • “Improve the security stature of the University with a standard approach.” • 4. Facilitate Technology Innovation • “Establish a strong foundation for IAM to enable user access regardless of new and/or disruptive technologies.“ • The number of help desk requests that relate to account management per month. • The number of registered production applications that use the IAM system per month. • The number of user logins and access requests through the IAM system per month. • The number of production systems that the IAM system provisions to per month. • Harvard Community needs will drive the technology supporting the Identity and Access Management Program • Tactical project planning will remain aligned with the Program strategic objectives • Solution design should allow for other Schools to use the foundational to communicate with the IAM system in a consistent, federated fashion • Communication and socialization of the program are critical to its success

More Related