Overview


The first impression of any Harvard student, faculty, researcher, or administrative staff of IT is formed from their experience at the login screen. Today, the implementation of Identity and Access Management at Harvard is maddeningly redundant and complex.  The impact of such distributed complexity includes:

  • Lost User Productivity - Reduced productivity results as users wait for their new accounts to be created. Delays in the ability of a user to access resources that result when manual, paper-based workflows and approvals can not be streamlined or easily orchestrated. There can be a lengthy wait time for users to get access to the resources they need and have the right to access.
  • Poor User Experience - The issuance and management of multiple user accounts and passwords to support access to different applications and resources across the University results in user confusion and frustration.
  • Limited Information Sharing Across Applications - The applications are unable to share information that they could share, such as contact information, files and common data for calendaring and other common functions.
  • Unnecessary Administrative Overhead - The high volume of calls to the IT help desk to address basic account or application management functions, like a password management, creates an unnecessary burden on support staff.
  • Reduced Security Stature - The inability to streamline the de-provisioning of users or to manage user access privileges to applications and resources exposes the University to the risk of unauthorized access and audit compliance issues.

The reach of these problems and their associated impact is vast; such that, universally, all School IT leadership has become united in their concern.  Because IAM affects all of the University’s people, resources and systems, the reputation of Harvard University IT is stigmatized as a direct result of the limitations of the current IAM solution set.

Governance

The IAM Program is split into three individual governing committees: the IAM Executive Committee, Lifecycle Advisory Group, and Technical Oversight Committee. The following is a description of the responsibilities and objectives for each group:

IAM Executive Committee

The primary objective for the IAM Program Executive Committee is to provide consistent, timely and meaningful oversight for the Identity and Access Management Program.  The IAM Program Executive Committee will identify and champion business process improvement, provide program oversight, and guide the strategy for the implementation and roll out.  The Committee will meet on a monthly basis.

IAM Identity Lifecycle Committee

The mission of the IAM Identity Lifecycle Committee is to work towards improving the end-user experience at Harvard. This will be accomplished by bringing the collective and varied expertise of a representative set of campus business process owners to bear on topics related to the management of identity related processes and services.

The primary objective of the group is to contribute meaningful recommendations on process improvement and service offerings, and to serve as a catalyst for projects across the University that will improve on-boarding and the lifecycle of user experience through better systems, processes, education and raising awareness of process and policy. 

The group will advise the product and practice management team of the Identity and Access Management Program, including endorsing recommendations to the IAM Executive Committee.  The Committee will meet on a monthly basis.

IAM Technical Oversight Committee

The primary objective for the IAM Technical Oversight Committee is to provide consistent, timely and meaningful review of proposals of architecture and standards for the Identity and Access Management Program.  The IAM Technical Oversight Committee will identify the need for technical solutions, architecture, and standards. When those have been developed, provide feedback as well as recommendation for adoption to the IAM Executive Committee.  The Committee will meet on a monthly basis.

Vision

Provide secure access to applications that is easy for the user, application owner, and IT administrative staff with solutions that require fewer login credentials, enable collaboration across Harvard and beyond, and improve security and auditing.”

The IAM Program will be implemented to meet the vision in accordance to the previously defined tenets. Additionally, there will be heightened emphasis placed upon an additional set of guiding principles for the program. These include:

  • Harvard Community needs will drive how the technology supports the Identity and Access Program
  • Tactical project planning will remain aligned with the Program strategic objectives
  • Solution design will allow for other Schools to use the foundational services to communicate with the IAM system in a consistent, federated fashion
  • Communication and socialization of the program are critical to its success