Pennsylvania State University this week switched its log-in process for many of its systems to one based on Microsoft Azure’s single sign-on platform, a move designed to strike a balance between security and accessibility.
This change, which went live on July 7, affects how the university’s students and staff log on to manage student information, complete coursework online and access workplace systems. Keith Brautigam, the university’s director of identity and access management, said the process of switching from WebAccess, an existing 19-year-old system supplied by Advantech, to the new single sign-on platform took about 18 months. The project, he said, is part of a broader initiative to modernize university systems.
The new sign-in platform allows Penn State to adjust security protocols based on factors such as the user’s location, the type of user and the sensitivity of the systems being accessed. It also allows system administrators to set stricter authentication rules for more sensitive systems.
“[This solution] lets us take a really nuanced approach,” Brautigam said. “To put, if needed, a lot of security controls in place for these sensitive applications, but then have what’s minimally needed to have sensible security for low risk applications, and therefore [it improves] user experiences we can provide for our students, faculty and staff.”
A large portion of Penn State’s campus community is still transitioning back to in-person learning and work, Brautigam said, and the university needs to provide security for the university’s online programs.
University leaders spent a year of the project transitioning 600 systems spread across the campus to the new log-in platform, he said. They also had to figure out how to integrate the new Microsoft software with some of the university’s existing systems.
Educause panelists, in a March report, identified multi-factor authentication and single sign-on as one of the six key technologies and practices in information security.
“Although the task of implementing such tools is a difficult one for many higher education institutions, given the complexity of IT systems at a typical college or university, we need to find ways to simplify access to those systems so that end users can have the most secure and convenient authentication process available to them,” the report reads.