Security Access Management at UCI – Slaying the Paper Forms Dragon Mark Askren, Assistant Vice Chancellor Valerie Jones, Project Lead Jennifer Lane, Help.

Slides:



Advertisements
Similar presentations
A Successful Help Desk Process for all IT Support
Advertisements

Copyright Policy Copyright Cathy O’Bryan This work is the intellectual property of the author. Permission is granted for this material to be shared.
UC Transfer Admission Planner (UC TAP) and Transfer Admission Guarantee (TAG): Tools for Students & Counselors 2013 UC Counselor Conference.
Copyright Tom Parker, Ron DiNapoli, Andrea Beesing, Joy Veronneau This work is the intellectual property of the authors. Permission is granted for.
Worcester Polytechnic Institute 1 Providing Technology Orientation for New Faculty and Staff Copyright © 2005 Worcester Polytechnic Institute This work.
Copyright Dickinson College This work is the intellectual property of the author. Permission is granted for this material to be shared for non-commercial,
Emergency Notification Systems - ISU Alert EDUCAUSE Midwest Regional ISU Alert Carol McDonald Information Systems Leader Information Technology.
University of Central Florida’s ePay System: Online, Not In Line CUMREC 2004 May 16th – 19th Aaron Streimish Special Projects Coordinator Computer Services.
Selecting a Business Intelligence Standard for Higher Education Mid Atlantic Educause Conference Baltimore, Maryland Baltimore, Maryland January 10, 2006.
Copyright Jill M. Forrester This work is the intellectual property of the author. Permission is granted for this material to be shared for non- commercial,
Delivering Windows OS Updates at Yale with SUS EDUCAUSE Security Professionals Workshop May 17, 2004 Washington DC Ken Hoover, Systems Programmer
Office of the Vice President Copyright Notice Copyright Greg Hedrick, Matthew Wirges This work is the intellectual property of the author. Permission.
Migrating to uPortal 2 at UBC Paul Zablosky University of British Columbia Copyright Paul Zablosky This work is the intellectual property of the.
The Homegrown Single Sign On (SSO) Project at UM – St. Louis.
Procurement From the 20 th to the 21 st Century Copyright Byron Honoré This work is the intellectual property of the author. Permission is granted.
Copyright Statement © Jason Rhode and Carol Scheidenhelm This work is the intellectual property of the authors. Permission is granted for this material.
Copyright C. Grier Yartz This work is the intellectual property of the author. Permission is granted for this material to be shared.
Providing and Managing Technology Training Providing & Managing Technology Training Susan McKibben The University of Akron.
Making the Pieces Fit Together Barbara Draude, Director, Academic and Instructional Technology Services Middle Tennessee State University Lisa Rogers,
It’s All in How You “Sell” It Pay for Print vs. Print Conservation:
Copyright Dong Chen, This work is the intellectual property of the author. Permission is granted for this material to be shared for non-commercial,
FAMILY EDUCATIONAL RIGHTS AND PRIVACY ACT Electronic Signatures This work is the intellectual property of the author. Permission is granted for this material.
Copyright Anthony K. Holden, This work is the intellectual property of the author. Permission is granted for this material to be shared for non-commercial,
Five Berkeley Campuses Three in NJ; Two in NY Bachelor of Science in Business Administration Degree Online Online Courses Hybrid Courses Web Enhanced Courses.
University of Washington CUMREC 2003 Uncompromised Web Applications: Variety Without Chaos University of Washington CUMREC 2003 Copyright University of.
Web Portal Development with uPortal or.Net Midwest Educause: March 24-26, 2003 David B. Williams Mark Troester
Turning Information Into Action: Enterprise Reporting at Columbia University Maria E. Mosca, Director Student Information Systems Columbia University in.
University of California, Irvine Security Access Management at UC Irvine: Adding Decentralization and Ending Paper Mark Askren, Assistant Vice Chancellor.
Cheryl Ast Project Team Leader, Administrative Computing Services (949) EDUCAUSE Southwest Regional Conference University of.
Cheryl Ast Project Team Leader, Administrative Computing Services (949) CUMREC 2003 University of California, Irvine Tuesday, May.
Moving Your Paperwork Online Western Washington University E-Sign Web Forms Copyright Western Washington University, This work is the intellectual.
Darrel S. Huish Katherine J. Ranes Arizona State University Lessons Learned During the First Year of myASU, a Large Institution Portal Copyright Darrel.
So You Want to Switch Course Management Systems? We Have! Come Find Out What We’ve Learned. Copyright University of Okahoma This work is the intellectual.
Intellectual Property Protocol and Assessment for Distance Learning Liz Johnson Project Manager Advanced Learning Technologies Board of Regents of the.
Identity Management – Why and How Experiences at CU-Boulder Copyright Linda Drake, Director of Development and Integration, University of Colorado, Boulder,
EDUCAUSE April 25, 2006Enforcing Compliance with Security Policies … Enforcing Compliance of Campus Security Policies Through a Secure Identity Management.
Sharing MU's SharePoint Experience 2005 Midwest Regional Conference Innovative Use of Technology: Getting IT Done Wednesday, March 23, 2005.
1 No More Paper, No More Stamps: Targeted myWSU Communications Lavon R. Frazier April 27, 2005 Copyright Lavon R. Frazier, This work is the intellectual.
POLIS: Project for Online Instructional Support Veronica Diaz, POLIS Administrator Duffy Gillman, POLIS Systems Programmer.
Sharing Information and Controlling Content: Continuing Challenges for Higher Education Susanna Frederick Fischer Assistant Professor Columbus School of.
Beyond the Campus Gates: Bringing Alumni, Parents, and Prospects into the Campus Portal William P. Wilson Mark R. Albert John C. Duffy Gettysburg College.
Information Technology Services 1 Copyright Copyright Marc Wallman and Theresa Semmens, This work is the intellectual property of the authors. Permission.
HumaniTech®: Educause, Seattle October 24, 2007 Bridging Divides, Building Collaborations
Moving Your Paperwork Online University of California, Irvine presents PayQuest Copyright UC,Irvine This work is the.
NERCOMP Managing Campus Affiliates Managing Campus Affiliates Faculty? Student? Faculty? Student? Staff? Criss Laidlaw Director of Administrative.
Mandatory Annual ACE Training Fiscal Year 2011 – 2012.
Twitter: 1.
Middleware 101 Dave Tomcheck UC Irvine. Overview Drivers and Assumptions Objectives The Components of the Business Architecture Implications for Stakeholders.
Office of Information Technology Balancing Technology and Privacy – the Directory Conundrum January 2007 Copyright Barbara Hope and Lori Kasamatsu 2007.
Pay for Print vs. Print Conservation: It’s All in How You “Sell” It © Kathy Gervasi and Bill Thieke, This work is the intellectual property of the.
Portal to the Rescue: First Year Information Copyright William P. Wilson This work is the intellectual property of the author. Permission is granted.
Using Levels of Assurance Well, at least thinking about it…. MAX (just MAX)
Copyright © 2003, The University of Texas at Austin. This work is the intellectual property of the author. Permission is granted for this material to be.
Center for Planning and Information Technology T HE C ATHOLIC U NIVERSITY of A MERICA Bringing IT All Back Home Centralized Systems in a Decentralized.
Effective Distribution of Academically Licensed Software ©2008 Brent West. This work is the intellectual property of the author. Permission is granted.
Welcome to Departmental Security Administrator Training!
Portals and Web Standards Lessons Learned and Applied David Cook Copyright The University of Texas at Austin This work is the.
Page 1 of 42 To the ETS – Create Client Account & Maintenance Online Training Course Individual accounts (called a Client Account) are subsets of the Site.
2007 Carnegie Mellon University 1 Copyright Kelley Anderson and Mary L. Pretz- Lawson, This work is the intellectual property of the authors. Permission.
Message Validation, Processing, and Provisioning System (MVPS) Access for Jurisdictions User has SAMS User ID Center for Surveillance, Epidemiology, and.
Copyright James Kulich This work is the intellectual property of the author. Permission is granted for this material to be shared for non-commercial,
Chief Information Officer Effectiveness in Higher Education Wayne Brown, Ph.D. Copyright Wayne Brown This work is the intellectual property of the.
University of Southern California Identity and Access Management (IAM)
Welcome! To the ETS – Create Client Account & Maintenance
Applications of Virtualization & Automation
University of Southern California Identity and Access Management (IAM)
Project for OnLine Instructional Support (POLIS)
myIS.neu.edu – presentation screen shots accompany:
An App A Day Copyright Tina Oestreich and Brian Yuhnke This work is the intellectual property of the author. Permission is granted for this material.
Managing Enterprise Directories: Operational Issues
Presentation transcript:

Security Access Management at UCI – Slaying the Paper Forms Dragon Mark Askren, Assistant Vice Chancellor Valerie Jones, Project Lead Jennifer Lane, Help Desk Analyst Copyright Mark Askren This work is the intellectual property of the author. Permission is granted for this material to be shared for non-commercial, educational purposes, provided that this copyright statement appears on the reproduced materials and notice is given that the copying is by permission of the author. To disseminate otherwise or to republish requires written permission from the author. University of California, Irvine Administrative Computing Services

Agenda Background Project Overview Demonstration The Future UC Irvine

UC Irvine Campus Overview Year Founded: Enrollment: 24K students Carnegie Classification: Doctoral/Research – Extensive Extramural Contracts & Grants Awarded: $235M for UC Irvine

Growing need CategoryTimeframe# StudentsFall ,885 Fall ,779 Fall ,874 EmployeesFall 20017,553 Fall 20027,882 Fall 20038,120 Access Requests20011,141 (30 applications)20021, ,333 UC Irvine

The Objective Customers wanted faster, simpler access to Administrative applications. UC Irvine

The Result SAMS - Security Access Maintenance System Response to a campus-wide request to simplify the process of requesting access to administrative applications UC Irvine

Previous Request Process Help Desk Forms filled out correctly ? Access approved ? Access Requests Congratulations! You now have access! Access granted All training completed? User Notified UC Irvine

User Requirements Departmental control of access request process Departmental security administrator (DSA) specifies access via Web application Database can be queried easily (by DSAs and users) to review access Enable DSAs to model new access requests after existing/former employee profiles UC Irvine

Requirements (cont’d.) No programmer action required for each access request DSAs are allowed to grant access only to accounts for which they are authorized Central office approver/trainer approves access requiring training and/or approval AdCom Services logins are assigned once, and do not change on departmental transfers UC Irvine

Challenges/Solutions ChallengeSolution Unable to modify some existing applications to get security rights from SAMS Real-time update of legacy apps from SAMS Hourly or nightly updates of various applications Mapping some applications’ unique profiles into one SAMS function Various applications’ profiles added into SAMS data model UC Irvine

Technology In-house Java application Web interface using JSP/Javascript Integration with uPortal: open-source Campus Business Portal (

Over 260 ‘grantable’ functions, 30 applications Create application groups to help the grouping of applications/functions Nested functions help to display list in a tree menu structure Separate departmental functions from central office functions Build a Nest, Grow a Tree

Notifications All access requests to DSA and User to Help Desk of all requests requiring manual update All trainers and central office approvers when required Notification to cancel-logon group when account is deleted UC Irvine

Security Policy All users MUST complete security use agreement before access is valid All DSAs must agree to terms of SAMS DSA Agreement DSAs cannot grant access to themselves UC Irvine

Demonstration UC Irvine

Process Improvements PRIORCURRENT 11 paper formsPaperless access requests via web application Up to 27 access request steps per function Most functions require 1 step, additional steps required in special cases (i.e. training) Up to 10 manual approval steps 1 or 2 approval steps Users unable to view their access “My Access” link via business portal Improper signatures on forms“My DSA” link UC Irvine

SAMS Users 94 Departmental Security Administrators 1,809 Application Users 12 Central Office Approvers 30 Enterprise Applications UC Irvine

The Road Ahead SAMS currently supports 30 administrative applications, 4 still require manual updates Additional access queries, reports Addition of departmental applications to SAMS Integration w/LDAP (role-based security) UC Irvine

Lessons Learned Communicate, communicate, communicate Getting the word out to the proper target audience DSA training challenges Removal of Help Desk as central review point for all access requests Timing issues with training preparations UC Irvine

Questions? UC Irvine

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.