In a milestone representing Harvard University Information Technology’s commitment to streamlined, consistent access control and improved end-user experience, the Identity & Access Management (IAM) program successfully decommissioned the deprecated PIN3 user authentication service on Jan. 26, 2015 — a move that will save $100,000 in hosting by the end of FY15. All Harvard applications that had been using this legacy service to log in users, 178 apps in all, have been moved to newer, more robust solutions provided by the IAM program.

The PIN3 service was created in the 2008-2009 academic year, but was never fully adopted University-wide. Additionally, since Spring 2013, enhancements made to Harvard’s main authentication system were not available to applications that used PIN3. Over time, the continued maintenance of PIN3 became problematic for end users and an increasingly cumbersome support task for the IAM team — leading to a decision to sunset the service in the end of 2014.

Beginning in the summer of 2014, IAM worked continuously with application owners across Harvard to transition their user authentication processes from PIN3 to the latest version of Harvard’s web authentication system. By the end of 2014, nearly all app owners had moved to the newer authentication method, enabling the IAM team to help wrap up the remaining migrations and retire the entire PIN3 service — including physical data-center infrastructure — by their end-of-January goal date.

Retiring the on-premise application saves money that can be used to facilitate other critical IAM efforts, but benefits also extend beyond a cost savings. Consolidating authentication methods for Harvard Community applications and services facilitates a consistent integration pattern, as well as improved security for both application owners and end users. Furthermore, the move simplifies support processes for HUIT Help Desk staff.

"We greatly appreciate all of the effort on the part of Harvard application owners who collaborated with us to migrate off of PIN3,” says Jane Hill, director of IAM product management. “Working together, we were able to decommission PIN3 servers according to schedule, saving the University in physical infrastructure costs and improving the user experience for all users.”

Sunsetting PIN3 is just one step in a comprehensive three-year plan of action for the IAM program, an agenda that includes wide-ranging improvements in how Harvard Community users gain and maintain access to the materials and resources that enable their day-to-day academic and operational activities. For more information about the IAM program’s suite of web authentication services for Harvard applications and services, please visit the IAM website or contact Gretchen Grozier, IAM community program manager.

>> See all news from the Identity & Access Management program