Identity and Access Management (IAM) Initiative

On June 1, 2017, Information Resources will launch a new system called Account Center. This new system is the latest effort in the IAM initiative. Account Center will control the way that campus users' accounts are created and managed, and it will provide a number of improvements over current systems. Please see the major changes and important dates included below, and please note that the transition to the new Account Center will cause some disruption to current account creation processes.

What will change when Account Center goes live June 1st?

Account Center will manage the provisioning and de-provisioning of Active Directory, LDAP, Blackboard Learn, Google Apps and Office 365 accounts. Below are the services that are automatically provisioned for active students, faculty, staff and auxiliaries:

Active Directory LDAP Blackboard Learn Google Apps Office 365
Students x x x x
Staff x x x x x
Faculty x x x x x
Auxiliary x x x x x
Instructor x x x x x

New faculty will only get access to course shells and student data in Blackboard Learn after I9 processes are complete (policy requirement). Below are two diagrams which provides a high level overview the steps required to trigger Blackboard Learn account provisioning and the additional steps for the release of the course shell.

Faculty Onboarding Processes

Additional changes include:

  • All student employees will automatically receive Office 365 accounts
  • New password management tools will provide additional self-service options for account recovery
    • Pin reset via mobile number for password recovery
    • Pin reset via personal email address for password recovery
    • Answering security questions for password recovery
  • New password rules will be implemented for employees and students 

Important details as the campus moves towards the launch of Account Center

May 16 - June 6: Parent Portal will be locked

  • Parent account creation will not be available during this period
  • Parents with existing accounts should not see a disruption of service

May 19 - 31: New account creation will be suspended

  • New accounts will not be issued for new students, faculty, an staff during this time as we transition to the new system
  • Faculty, staff and students with existing accounts should see no disruption of service

June 1: Account Center will be operational

Account creation for new faculty, staff and students will resume

Identity & Access Management(IAM) FAQs

What is IAM?

IAM enables the right people to access the right resources at the right times for the right reasons.  IAM is a combination of:

  • Digital identities and processes related to identity lifecycle management
  • Identity management registry (Fischer Identity)
  • Password management tools
  • Directories (e.g. AD, OpenLDAP)
  • Access and authentication tools (e.g. CAS, Shibboleth, ADFS)
  • Support providers’ and service owners’ roles and responsibilities
  • Security
  • Governance and training

Why has CSU, Chico embarked on the IAM initiative?

Beginning in July, 2015 CSU, Chico selected Fischer International as the vendor of choice for a new identity & access management system.  Once implemented the new IAM system will:

  • Replace the current identity & access management system developed ten years ago called the Registry.  The Registry no longer provides the functionality necessary to keep pace with the needs of the University.  

  • Address information security audit findings from 2008 and 2014 that found deficiencies in campus password management policies. These deficiencies need to be addressed to comply with the CSU access control standard which reduces the risk for easily guessed passwords and unauthorized access to network resources and confidential information.

  • Automate the provisioning and deprovisioning of campus accounts and access for all employees, students and guests of the University. Currently employee and guest account provisioning is a manual, multi-step process that is slow and prone to errors.  In some cases it can take a new employee several weeks to get access to all of the services necessary to do their job.

For more information about the Identity & Access Management Initiative, please refer to the attached IAM Roadmap.

Announcements

Account provisioning will be locked from May 19 through May 31, 2017

The University will be transitioning to a new account management system, called Account Center from May 19 through May 31, 2017. During this period no new accounts will be created or claimed. Beginning June 1, 2017, Account Center will be operational and account creation and claiming will resume.

IAM Project Status

If you are interested in the latest information about the IAM Project and Account Center launch click here.

Campus Entitlements Catalog

Campus users get accounts and access based on their relationship (AKA affiliation) with the University. This Entitlements Catalog outlines the specific accounts/access that are provided to each affiliation beginning on June, 2017. 

Account Center Knowledge Base Articles

Please click here to find more information about Account Center