Identity management is a topic of growing importance in Universities and indeed all organisations. Universities, however, are complex organisations and bring unique challenges. What is identity management? Very simply, it is the whole process of dynamically providing and authorising access to resources to the right people according to their role in, or relationship with, our University. It brings with it opportunities for much greater security, productivity, and could significantly enhance the experience of all those who engage with us.
Our existing approach to identity management has grown over the years and would now benefit from a fresh approach. We have mechanisms to set up user accounts automatically and grant access to a range of online resources. But they are not all joined up, and they don’t cope well with the growing range of relationships we have with people.
If you are a “normal” undergraduate or postgraduate student, or a straight forward member of staff things are relatively simple. Some people, however, are both a member of staff and a student. At the moment they get two ID’s and end up with a split personality!
We give access to resources to named individual people. If someone changes their job within the University, however, there is no automatic way to remove their access to systems they are no longer entitled to use and give them access to systems for their new role.
As our online presence broadens, we need to establish clear relationships with a whole range of stakeholders who will never fall into the category of a member of staff or student. People attending conferences, parents, visitors, staff from companies with whom we do business, other educational establishments with whom we wish to share information and resources securely.
We have developed a number of solutions to these challenges but we now want to put in place a better overall solution to handle our future needs. That is likely to take some time and we will prioritise the most important areas first. Ultimately, we want to have one source of information about a person’s identity, we want to provide access to services according to the role(s) that person has and not their name, and we want to be able to cope with the full diversity of people through one integrated approach. That will make access to our services easier and more relevant for all those who engage with us.