About Identity & Access Management


Want a single-page overview of identity and access management practices at Harvard? Get a brief introduction to the IAM program and how we are serving the Harvard Community in our guide
A Case of Identity.

As a set of business processes and supporting technologies, identity and access management (often referred to as "IAM") principles enable the creation, maintenance, and use of digital identity. When implemented correctly, good IAM practices make sure that the right people gain access to the right materials and records at the right time, as well as making it safe, secure, and simple to change access rights, group memberships, and other key attributes as users and systems grow, change, are added, or are removed.

The Identity & Access Management program at Harvard University — a strategic initiative of Harvard University Information Technology that serves the needs of the entire Harvard Community — is devoted to the implementation of IAM best practices via technologies and methods that improve convenience and ease of access for students, faculty, staff, and affiliates while improving the security and safety of University records and other data. Harvard's IAM program and services are responsible for the management of faculty, administration, and student information; access to Harvard applications and information; and the distribution of such information externally.

How Are IAM Best Practices Implemented at Harvard?

The first impression of IT services by any Harvard student, faculty, researcher, or administrative staff member is formed from his or her experience at the first login screen. In its current implementation, identity and access management at Harvard is often redundant and complex. The impact of such distributed complexity includes:

  • Lost User Productivity: Users lose time as they wait for new accounts to be created. Delays in the ability of users to access resources result when manual, paper-based workflows and approvals cannot be streamlined or easily orchestrated. There can be a lengthy wait time for users to gain access to the resources they need and have the right to use.
  • Poor User Experience: Issuing and requiring management for multiple user accounts and passwords in order to gain access to different applications and resources across Harvard makes users confused and frustrated.
  • Limited Information Sharing Across Applications: Applications are "siloed" by being unable to share basic information such as contact details, files, and common data for calendaring and other functions.
  • Unnecessary Administrative Overhead: Help desk and other IT support staff are unnecessarily burdened by the high volume of support requests addressing basic account or application management functions such as password management.
  • Reduced Security Stature: The inability to streamline deprovisioning of users or to manage user access privileges to applications and resources exposes the University to the risk of unauthorized access and audit compliance issues.

The reach of these problems and their associated impact is vast — to the extent that School IT leaders across Harvard are united in their concern. Because IAM practices affect all of the University’s people, resources and systems, the reputation of HUIT and of Harvard at large is stigmatized as a direct result of limitations of the current IAM solution set.

Our Vision and Guiding Principles

The mission of Harvard's IAM program is simple, but all-encompassing:

Provide users, application owners, and IT administrative staff with secure, easy access to applications; solutions that require fewer login credentials; the ability to collaborate across and beyond Harvard; and improved security and auditing.


We will also place heightened emphasis upon the following guiding principles:

  • Harvard Community needs will drive how technology supports the Identity and Access Management program
  • Tactical project planning will remain aligned with overall strategic objectives
  • Solution design will allow for other Schools to use foundational services to communicate with the IAM system in a consistent, federated fashion
  • Communication and socialization of the program are critical to its success

Program Plan

The Identity and Access Management Program was created under the umbrella of a program plan outlining an implementation framework, key objectives for implementation and delivery, 11 primary program concentrations, and additional details. Download the plan, or see additional implementation updates, executive dashboards, and other materials documenting our progress on our Resources page.

Governance

The Identity and Access Management program is split into three individual governing committees, each responsible for strategic input and oversight of key IAM focus clusters: the Executive Committee, the Lifecycle Committee, and the Technical Oversight Committee. Learn more about each committee at the links.

Work With Us

The IAM team's program plan includes extensive outreach efforts as we work to integrate improvements and additions to Harvard's IAM solution set with Schools and other units across the University. To learn more, or to discuss how the IAM program can further your objectives, contact us.