Skip to Main Content

Identity and Access Management at Miami

You can’t spell Miami without IAM

Identity and Access Management is, at its heart, a phrase that describes the process by which people access the tools and resources they need. It asks and answers three questions:

  • Who are you?
  • What is your role?
  • What permissions do you need to fulfill your role?

At Miami, those questions can be complicated. Students, faculty, staff, alumni, emeriti… There are a lot of different roles—and therefore account types and permissions—to manage.

Once these questions are answered clearly, it provides a picture of what kinds of applications and systems you need in order to be successful. Students need access to Canvas. Some staff members need access to Banner. Faculty may need access to both.

IT Services is working on a project that will make answering these questions—and keeping track of our roles—easier and more user-friendly. The Identity and Access Management Program will touch all of the various systems used throughout the University (e.g., Banner, myMiami, Gmail, TeamDynamix, etc.) and will help us determine a better way to manage account types and the appropriate permissions associated with them. With IAM in place, it will be easier to grant access to the resources you need, when you need it.

After all, you can’t spell Miami without IAM!

Why do we need IAM at Miami?

There are several key benefits of IAM that will be immediately apparent:

  1. It makes your job easier. When we can more accurately determine the role and required permissions of the person logging in, we can help them access the tools they need to do their job or excel in their coursework. And as their roles change (for instance, if a former student gets hired as a staff member), permissions will change with them.
  2. It improves security. We can make sure that people are who they say they are—the “identity” part of the phrase. This helps keep the malicious actors out and our community in. What’s more, giving the right people access to the right things at the right time means that everyone’s data is more secure.
  3. Speed! This new program will bring greater flexibility and security to many different systems at Miami. Onboarding will be simplified.

IAM also means greater compliance with regulatory standards, reducing demands on IT resources, and faster workflows. Simply put: You get access to what you need, when you need it.

All of these benefits come together to form a more complete picture of who you are, what your role is at Miami, and how you fit into the grand scheme of things from a technology standpoint.

MUnet Password Utilities

On March 28, 2024, the new MUnet Password Utilities portal was launched. Miami community members may now change their passwords in the new system. This new look gives us a more streamlined, in-brand, easy-to-use way to change passwords, manage recovery options, and reset your password if you forget it.

Manage your Password and UniqueID

Please remember, however, that if you had secret questions as your only recovery option before March 28, in the event you forget your password, you will have to contact IT Help and verify your identity (with copies of your ID cards or driver’s license) before they reset your password. If you have a current recovery (non-Miami) email or phone number set, you can reset your password immediately with no help desk intervention!

Check out our YouTube walkthrough of how to change your password in the MUnet Password Utilities portal!

Project Timeline

As we move to deploy a new, advanced identity governance administration tool, we are considering the IAM Program in multiple parts or phases. They are phases by virtue of time but also of where we are in the project and what steps the University takes toward a more cohesive technological environment.

Phase 1: Environment assessment and vendor selection

Over the past two years, IT Services has been hard at work making notes, delving into the nuts and bolts of our current identity systems, consulting with experienced technical experts, and hiring our new identity and access management champion. We dove deep on our particular technological environment and the business needs we have to meet with a system like this, one that marries access control and identity management, because it will impact all of our users at some point.

We also made sure to consult with various stakeholders across the university to gather current and future requirements for identity and access management. Our consultant partner, Moran Technology Consulting, was instrumental in this process as they created a high-level diagram and detailed account management information for us based on those meetings.

As such, we have selected a product that we are confident will meet our needs for our particular environment. The solution we have chosen, RapidIdentity by Identity Automation, is a robust tool that will grow with us as our needs change and as our environment matures.

Phase 2: Setting up RapidIdentity; account provisioning and deprovisioning

IGA installation

This phase will involve replacing our current account provisioning tool with the identity governance and administration (IGA) tool. The capabilities of the RapidIdentity software will allow us to provision (create), deprovision (delete), and manage user accounts.

This phase will be undertaken with careful consideration paid to the Workday implementation timeline, as the IGA tool will need to be in place before the Workday Platform deployment in July 2024.

We will also be implementing an identity hub. This will help connect our data (in Banner and Workday) and allow for real-time account management processes.

Governance

During the second phase of the IAM Program, we will also work to establish an IAM Governance Group in order to provide guidance and direction for the implementation of the IGA.

Fact-finding sessions

Representatives of the IAM Program (notably, our IAM champion and solution engineer, as well as key members of the governance group) will be scheduling meetings with stakeholders across the university to help us gather the necessary information for setting up the IGA tool. Be on the lookout for more information about this opportunity.

Down the road…

Some parts of this project will not be completed for some time, because business needs dictate that we focus on the above first and foremost. In the future, though, look for more information about the following:

  • Single sign-on services (i.e., the red login screen that you see in front of every Miami service)
  • Role-based access control (i.e., granting access to systems based on what your role is at the University)
  • Application authorization and API services integration
  • Account and access management workflows
  • Privileged access management

About Identity Automation

Our new IAM partner, Identity Automation, is a respected company with a lot of experience in the IAM arena, and especially the higher education sector. We are confident that they, along with our trusted consulting partner MTC, will be an invaluable resource as Miami matures in its IAM deployment.

Contact IT Services

312 Hoyt Hall
521 S. Patterson Ave.
Oxford, OH 45056
Get IT Help AccessMU Center myMiami