Identity &
Access Management
Various projects are underway to analyze and determine the architecture for our next iteration of identity and access management. Our current program, known as AMA (Account Management Automation), was developed in-house within my.SMU. It has run well for many years and managed the account provisioning and de-provisioning for identities created in that platform. However, as services expand and our customers expand beyond traditional faculty, staff, students, and alumni roles, a more robust solution is required to support the account process.
There are four primary technologies that will be implemented to deliver the Identity & Access Management (IAM) service. These include the identity registry, authentication, grouping and policies (Grouper) and provisioning/deprovisioning services. The authentication piece is already in place. The new identity registry is in use by the CAPE software platform and is currently being integrated with my.SMU for PeopleSoft identities. Planning efforts are underway for the other two implementations which will reach substantial completion by next summer.
Once all four components are in place, we will be able to transition from AMA to the new architecture and then continue to onboard existing and new services to the new framework. This will provide significant automation while also increasing security. The successful implementation of IAM relies on more than just the technical architecture. All access is granted or removed based on rules finalized during the configuration which relies on accurate job or affiliation data. This data is entered into the various systems by different departments across campus. Each department has
their own unique processes and timeframes for this data entry. It will be imperative that these processes are reviewed and align with
the programmatic rules to ensure
individuals are receiving the right level of access at the appropriate time. Because
of the complexity of this project and the many dependencies, the full implementation will
span multiple years.
  18 OIT PROGRESS REPORT 2022