IAM App State

Project: IAM App State 

Objective

Improve Identity and Access Management (IAM) processes and capabilities.

Overview

An identity and access management (IAM) tool and improved business processes give IT and our campus the ability to streamline access to needed IT services. It also protects against security and compliance risks.

Details

We are building our identity program to:

  1. Improve flexibility and efficiency in access to IT services, institutional data and our campus.
  2. Develop a system that automates the permission and revocation of access to data, services and physical locations.
  3. Decrease time to resolution for employees in the on- or off-boarding process.
  4. Create a central hub for managing access to IT services. 

Phase 1: Foundation

Banner is the system of record for employee and student identities. Bravura, our identity and access management (IAM) tool, will interact with Banner to create logical connections based on each person’s role and access needs. Bravura will oversee employee and student identity management for multiple processes that require permission or system access. 

We are focusing on four activation areas during phase one:

  1. LDAP
  2. Google
  3. Duo 
  4. Active Directory

These are the foundational pieces of our student and employee onboarding process. These changes will be minimally noticeable to users.

Benefits of Phase 1 include:

  1. Provide access to computers on Day 1 of employment.

  2. A more consistent university onboarding process for employees and students.

  3. One less password change to onboard new students.

  4. Bravura will ensure that generic accounts no longer owned by current faculty/staff are reassigned and generic owners are notified annually of the accounts they own.

  5. Employee position titles will be available via Google smart chips and people's Google profiles. Learn more about Google smart chips at Google Support and in our self-help Knowledge Base.

Phase 2: Password manager & account claim

Phase two, which concerns passwords and account security, will be a more obvious change and impact members of our campus in early 2025. 

Phase 3: Improvements

The final and third phase will be longer and deal with external system access permissions. We will have more information about this phase next year. For more information, review this IAM Project overview.

Status

Active

 

FAQ

What is the timeframe for implementation?

  • Starting in 2022, we will implement this Identity Governance Administration management system in three phases.
    • Phase 1
      • 12/17/24 - ITS implements behind the scene changes in preparation for going live.  
      • 12/20/24 - Pending the success of previously mentioned changes, this date is our go live with Bravura, our Identity and Access Management tool. 
      • 12/21/24 - 1/1/24 ITS will monitor the cutover from our previous process to Bravura.
    • Phase 2
      • Target timeframe for completion is late first quarter in 2025.
    • Phase 3
      • Target timeframe TBD in 2025.


Is this system replacing a current system?

  • In Phase 2, we will replace our homegrown Password Manager. In Phase 3, we will develop position/role based access for major roles and connect additional existing campus services to Bravura.

What is the benefit of this new management system?

  • ITS has provided core identity services through a disparate set of tools including custom Banner tables, scripts, paper and electronic forms and multiple directory services over the years. 

  • The benefit of this management system is to centralize these processes and allows more transparency and efficiency for our campus users.


As an application administrator, how do I submit my application for integration with the program?

  • Please contact  identitymanagement@appstate.edu to discuss the various ways the program can support application administrations in on- and off-boarding application users.


Who do I contact for more information?