Colleges and universities with diverse user populations can deliver a more seamless and secure user experience by managing identity governance independently of traditional access management platforms, according to an IT associate director from the University of Utah.
Chris Stucker, associate director for identity and access management, says that using a specialized tool for identity governance has been more effective for his university because it provides greater capability in managing roles, role mining, logging and collecting user behavioral analytics.
The decision to implement in a specialized tool was brought on in part by the university’s need to improve efficiencies in meeting compliance that a multi-tool for identity and access management alone didn’t deliver effectively.
In a podcast interview produced by EdScoop and underwritten by SailPoint, Stucker touches on the benefits and practical uses he believes CIOs should consider when looking at identity governance solutions.
What challenges is your university overcoming by adopting a specialized identity governance tool?
“I think the big challenge is meeting the needs of a very diverse user population. We call ourselves a small city, so on any given day we have 110,000 people on campus between students, faculty, staff and all of the folks who come here to help us teach the students and get things done,” explains Stucker.
The University of Utah also has a hospital, Stucker says. In addition to the campus population’s information, it manages both Health Insurance Portability and Accountability Act (HIPAA) and Protected Health Information (PHI) data, requiring it to prove to compliance authorities it can keep that data separate and manage the lifecycle of a user when their roles or personas change.
What are the benefits of a specialized identity governance solution?
“In the short time that we’ve been running an identity governance solution, we have been able to dramatically improve the provisioning and access granting time,” says Stucker.
Previously the university was on about a 48-hour cycle for the majority of its assets, Stucker explains. But for resources that it controls, the cycle has reduced to under five minutes.
What features are important to look for in an identity governance solution?
“I would look for things that give the ability to manage all of the pieces of the identity lifecycle,” says Stucker.
That would include making sure an organization can maintain relationships and roles when users move within or leave a department, control entitlement management, define policies and roles automatically and deal with access requests and the workflow through to completion, Stucker elaborates.
Listen to the podcast for the full conversation on the importance of identity and access governance. You can hear more coverage of “IT Modernization in Higher Education” on our EdScoop radio channels on Apple Podcasts, Spotify, Google Play, Stitcher and TuneIn.
This podcast was produced by EdScoop and underwritten by SailPoint.