Presentation is loading. Please wait.

Presentation is loading. Please wait.

CIO Council: IAM Update

Published byAdela Webster Modified over 6 years ago

Similar presentations

Presentation on theme: "CIO Council: IAM Update"— Presentation transcript:

1 CIO Council: IAM Update
5/19/2018 CIO Council: IAM Update Jason June 15, 2015 Monday 4:25-5:00 p.m. 561 Smith Center

2 Jason Agenda HarvardKey: The Benefits Rollout Timeline A Sneak Peek
5/19/2018 Agenda HarvardKey: The Benefits Rollout Timeline  A Sneak Peek Multifactor Authentication How Does MFA Work? The Components Integration Strategies Jason 2

3 HarvardKey: The Benefits
5/19/2018 HarvardKey: The Benefits HarvardKey is a unifying credential that enables access to , desktop, and Web resources with a single login name and password. Successor to Harvard’s current PIN System New, mobile-responsive user experience for the login screen and account management suite (looks great on tablets, too!) Authentication and authorization are much more nimble Supports optional multifactor authentication Easier onboarding and off-boarding Supports the HUIT goal of “One Identity for Life” for any person — regardless of role — including seamless support for changes between roles, schools, etc. Jason 3

4 SEPT: Alumni OCT: FAS Central
5/19/2018 Rollout Timeline You’ll see changes to the old PIN login screen beginning in September, with waves of user populations invited to activate a HarvardKey soon after. September 22, 2015: New HarvardKey self-service account management functions available to all Alumni users October 6, 2015: HarvardKey available to FAS and Central users in conjunction with Harvard’s IT Security Campaign Within 18 months, every Harvard Community user will be invited to onboard SEPT: Alumni OCT: FAS Central Jason – Grouper functionality will be used to power HarvardKey (we will roll out Grouper’s external functions when we can) 4

5 Rollout Timeline As we rebrand, all screens that currently contain PIN branding will be converted to HarvardKey. Alumni (Post.Harvard) credential goes away (this includes all active students) In October, for FAS and CADM+: New Harvard users will claim a HarvardKey during onboarding All password reset requests will go through HarvardKey Existing users may claim a HarvardKey if they wish Harvard Phone users will require HarvardKey One-year cycle for CADM+, since those users will need to reset password on anniversary Rollout will be coordinated with Security Campaign to reinforce strong- password requirement (including reminder that strong passwords don’t need to be periodically reset) and ensure that users will recognize the “claim your HarvardKey” No changes to applications anticipated 5

6 5/19/2018 A Sneak Peek Jason 6

7 Multifactor Authentication
Multifactor authentication (MFA) is an authentication method that requires the user’s identity to be verified by more than one independent factor. Types of factors: Something you know: Password Something you have: Security token or smartphone app push notification response Something you are: Fingerprint We will use the user’s smartphone as a primary second-factor device in addition to standard username/password authentication. (Users without smartphones will have other phone-based options.) User enables MFA for selected app(s) using HarvardKey self-service User downloads app to smartphone When user goes to log in, he/she acknowledges a push notification on his/her phone and login proceeds as normal 7

8 Multifactor Authentication Integration Strategies
An application requires use of MFA: Application registration with HarvardKey will be extended to support this option User prefers MFA on all his/her access points: User can use the self-service functionality within HarvardKey to set this preference Application requires MFA for some users (e.g. admin users): Grouper, IAM’s group management tool, will be used to support this requirement 8

9 Questions?

10 Thank you!

Download ppt "CIO Council: IAM Update"

Similar presentations

Employee Self Service (ESS) Registration

Employee Self Service (ESS) Registration
Oracle IDM at First National Bank

Oracle IDM at First National Bank
FIspace Security Components FIspace Security Components NetFutures 2015 FIspace project Javier Romero Negrín Javier Hitado Simarro ATOS Serdar Arslan KoçSistem.

FIspace Security Components FIspace Security Components NetFutures 2015 FIspace project Javier Romero Negrín Javier Hitado Simarro ATOS Serdar Arslan KoçSistem.
Confidential 1 Electronic Prescribing of Controlled Substances (EPCS) Part 1 of a 3 Part Series Chuck Klein, Ph.D. GM/Director, Medication Management.

Confidential 1 Electronic Prescribing of Controlled Substances (EPCS) Part 1 of a 3 Part Series Chuck Klein, Ph.D. GM/Director, Medication Management.
Don’t Let Anybody Slip into Your Network! Using the Login People Multi-Factor Authentication Server Means No Tokens, No OTP, No SMS, No Certificates MICROSOFT.

Don’t Let Anybody Slip into Your Network! Using the Login People Multi-Factor Authentication Server Means No Tokens, No OTP, No SMS, No Certificates MICROSOFT.
Technology Steering Group January 31, 2007 Academic Affairs Technology Steering Group February 13, 2008.

Technology Steering Group January 31, 2007 Academic Affairs Technology Steering Group February 13, 2008.
University of Michigan Administrative Information Services Two-Factor Authentication An Update Linda Hancock Green August 2006.

University of Michigan Administrative Information Services Two-Factor Authentication An Update Linda Hancock Green August 2006.
Technology Steering Group January 31, 2007 Academic Affairs Technology Steering Group February 13, 2008.

Technology Steering Group January 31, 2007 Academic Affairs Technology Steering Group February 13, 2008.
Multi-Factor Authentication Added protection for a more secure you Presenter: Jeff Penn.

Multi-Factor Authentication Added protection for a more secure you Presenter: Jeff Penn.
Updating User Information Password – use this field to change your own password Confirm Password – retype the new password for verification purposes To.

Updating User Information Password – use this field to change your own password Confirm Password – retype the new password for verification purposes To.
Empower Enterprise Mobility Jasbir Gill Azure Mobility.

Empower Enterprise Mobility Jasbir Gill Azure Mobility.
Access and Identity Management System (AIMS) Federal Student Aid PESC Fall 2009 Data Summit October 20, 2009 Balu Balasubramanyam.

Access and Identity Management System (AIMS) Federal Student Aid PESC Fall 2009 Data Summit October 20, 2009 Balu Balasubramanyam.
NEW MOBILE WEB. August 2013. ‘Mobile First’ Mentality “If you don’t have a mobile strategy, you don’t have a future strategy.” - Dr. Eric Schmidt, Executive.

NEW MOBILE WEB. August ‘Mobile First’ Mentality “If you don’t have a mobile strategy, you don’t have a future strategy.” - Dr. Eric Schmidt, Executive.
U.S. Department of Agriculture eGovernment Program August 14, 2003 eAuthentication Agency Application Pre-Design Meeting eGovernment Program.

U.S. Department of Agriculture eGovernment Program August 14, 2003 eAuthentication Agency Application Pre-Design Meeting eGovernment Program.
Identity on Force.com & Benefits of SSO Nick Simha.

Identity on Force.com & Benefits of SSO Nick Simha.
COMPDIRS NATHAN DORS APRIL 16, 2015. AGENDA  IAM – who we are, what we do  HRP Modernization & Workday  What’s new in IAM?  Identity.UW soft.

COMPDIRS NATHAN DORS APRIL 16, AGENDA  IAM – who we are, what we do  HRP Modernization & Workday  What’s new in IAM?  Identity.UW soft.
U.S. Department of Agriculture eGovernment Program July 15, 2003 eAuthentication Initiative Pre-Implementation Status eGovernment Program.

U.S. Department of Agriculture eGovernment Program July 15, 2003 eAuthentication Initiative Pre-Implementation Status eGovernment Program.
© 2015 Universal Service Administrative Company. All rights reserved. How to Use the Portal E-rate Program Applicant Training Washington DC Tampa Albuquerque.

© 2015 Universal Service Administrative Company. All rights reserved. How to Use the Portal E-rate Program Applicant Training Washington DC Tampa Albuquerque.
Empowering people-centric IT Unified device management Access and information protection Desktop Virtualization Hybrid Identity.

Empowering people-centric IT Unified device management Access and information protection Desktop Virtualization Hybrid Identity.
“The FIDO Alliance Today”

“The FIDO Alliance Today”

Similar presentations

Ads by Google