What is Identity and Access Management?
Identity and Access Management (IAM) refers to a set of business processes and tools that support the following:
- Creating and managing digital identities within the organization
- Providing user authentication to systems across the organization
- Managing access to resources across the organization
At the University of Alberta, digital identity is the Campus Computing ID (CCID). Primary CCIDs are associated with university-affiliated individuals. Secondary CCIDs may be associated with groups, roles or even IT systems. CCIDs are used to provide access to systems and resources and to support students and employees at the university.
IAM is an integral part of IT security at the university. Its policies and governance are key to ensuring that our university-issued digital identities, resources and data are safe and secure.
IAM Initiative Phase 1 Implementation
The UAlberta IAM system creates and manages CCIDs and is used to ensure appropriate access to IT and other resources. This project is set to replace the existing in-house developed program with a commercial solution. As part of this effort, self-serve password reset will be deployed, as well as improved interfaces between the new IAM and PeopleSoft, for a more timely transfer of data between these systems. IAM enhancements planned for Phase 2 are dependent on the new IAM, including improved support for new applications going forward.
The university’s current in-house-built identity management system, Judas, will be replaced with Identity IQ. IAM manages CCIDs from creation through to expiry. Going forward, permissions and access to services and resources within the university can be managed in accordance with business processes and policies using the new IAM tool.
IAM is a means of ensuring IT security within the university. The new solution was selected to be robust and versatile and to support new initiatives and changing business and security needs going forward.
Deployment of the new IAM is November 22, 2019.
While some groups will access a new user interface to fulfill existing business processes, the larger university community will not be affected by a successful implementation, and no action will be required.
The following table identifies who will be affected at go-live and the impact.
|CCID Authorized Approvers||• New tool for password resets
• New tool for secondary CCID creation
• New tool and functionality for Google Groups set-up
• CCID Authorized Approver Toolbox web page retired, with functions such as Department Member listing provided in the new tool
• IST Service Desk
• Augustana Help Desk
• Extension Student Services
• Student Connect
|• New tool for password resets
• Includes identity verification workflow before password reset
|Libraries||• New tool for temporary network ID setup|
In the weeks following IAM’s go-live date, new capabilities for self-serve password reset will be deployed.
At a later date, the groups management functionality, being released as a Beta test at this time, will be refined and enhanced. Further communication on these capabilities will be shared after deployment.
The project team has been working with the Identity and Application Support group and is reaching out to key individuals in affected faculties and units to communicate and organize the change.
Training for affected users will be available prior to go-live. Training, procedures and information are being put in place to aid the Service Desk in order to effectively guide users with answers to questions and support.
CCID Authorized Approvers
CCID Authorized Approvers (AA) play a key role in the university because they help manage the CCIDs within their departments.Learn More