When identity management practices work, they truly make life easier for IT staff and users alike. Peter Siegel, CIO at the University of California, Davis, says one of the main benefits of the university's Oracle-based identity and access management (IAM) system is having an accurate central repository of student, faculty and staff identities. The most dramatic results have been seen at the UC Davis Health System in Sacramento, where all primary computer logon accounts are created automatically.
Trisha Edgerton, the university's joint technology program manager, says the UC Davis IAM system establishes a "golden record," essentially a single master directory of all identities. "Everything feeds from multiple databases into one single system, where all the student, staff and faculty identities are automatically matched to ensure accuracy," she says. "Even if a person changes their status, we know that we have
a single individual by matching their unique attributes from the various applications."
Departments can download information from the IAM to gain accurate demographics, including email addresses and department affiliations. In the past, to get a picture of an identity, multiple databases were required, and information was matched manually to ensure slightly different duplicates were properly collapsed into a single record. The system went live in November 2011.
UC Davis uses Oracle Waveset to manage accounts and Oracle Identity Analytics for access management for the main campus and UC Davis Health System. The IAM team performed a system upgrade in December 2012 that added student and affiliate records to the data store. That release increased the number of identities in the system from 35,000 to 80,000.
About five years ago, Princeton University IT recognized the growing importance of identity management, and that mobility would only make it more critical.
"Much like other schools, we struggled with maintaining accurate directory information," Colin Currie, the university's executive director of administrative information services, says. "We decided to connect our enterprise resources planning system with our unified directory via an identity management layer."
Fully deployed in 2011, the system more easily and accurately provisions and deprovisions users and delivers access to applications as multiple devices arrive on campus. Using a combination of Oracle Identity Manager, Oracle Access Manager and Oracle Adaptive Access Manager, the system lets the IT staff deliver better application access control, regardless of device.
— Nathan Hensal, IT Services Director, Highland Community College, Freeport, Ill.
— Steven Tharp, Identity Services Manager, Davenport University, Grand Rapids, Mich.
— Scott A. McCollum, CIO, Sinclair Community College, Dayton, Ohio