Migrating from a Homegrown IAM to a Modern, Integrated AM/IGA/PAM Solution

A lot has changed in higher education. After a global pandemic forced many institutions to rapidly (and often haphazardly) roll out remote learning, attacks against colleges and universities hit unprecedented levels. To this day, many organizations still rely on homegrown IAM programs that are no longer able to adequately scale to secure to meet their evolving needs. 

Highlights

Challenge

Our client, a major North American university, needed to migrate away from their in-house solution to a centralized IAM solution with identity governance and privileged access management. Without internal resources to support the migration and leverage their IAM’s full potential, this client brought in KeyData Cyber to facilitate their transformation. 

Solution

We conducted a holistic, enterprise wide IAM Assessment to help our client support secure access for their 70,000+ students, 15,000+ internal users, and thousands of privileged accounts. 

• Solution Design and Implementation: We crafted a technology implementation plan specifically tailored to their unique environment and requirements, leaving no room for guesswork.
• Governance and Process: We installed CyberArk and developed key governance and process documentation, including PAM lifecycle processes, PAM standards, PAM Metrics, PAM end-user guide, and a PAM administrator guide.
• Centralized Identity Management: We deployed SailPoint IIQ to unify identity records from multiple sources, including HR, the Student Information System, and the Academic Resource Manager.
• Data Integration and Automation: We installed ForgeRock AM (now Ping) and integrated it with a diverse array of applications, including AD, AAD, G Suite, Confluence, Dynamics 365, and eClass.
• Knowledge Transfer and Sustainability: A comprehensive training, knowledge transfer, and testing strategy was developed to ensure a seamless and successful implementation.
• Authentication Flows: To streamline secure access, we configured authentication flows and piloted Social Login to improve the user experience.

Outcomes

• Upgraded Target State Architecture: We designed and successfully implemented a unified target state vision across the University.
• Simplified IAM/PAM Lifecycle: We made improvements to their IAM/PAM lifecycle processes and provided documented support for governance and operations.
• Process Validation: We conducted PoC testing of their IAM/PAM technologies based on the client’s unique requirements.
• Clear Documentation: After our analysis, we provided documentation to support implementation of IAM and PAM technologies, including prioritized roadmap, project and implementation plan, product delivery approach, RACI model (Responsible, Accountable, Consult, Informed), training and testing strategies, and knowledge transfer strategy.

The successful implementation of a modern, integrated IAM solution at this university has fortified their defenses against evolving cyber threats with a scalable, streamlined foundation for the future. By partnering with KeyData Cyber, the institution can now confidently manage secure access for its entire community—from students to staff—keeping education accessible and secure.