Identity Access Management (IAM)
On June 1, 2017, Information Resources launched a new system called Account Center. This new system is the latest effort in the IAM initiative. Account Center controls the way that campus users' accounts are created and managed, and it provides a number of improvements over previous systems. Please see the major changes listed below.
What changed when Account Center went live on June 1st?
Account Center manages the provisioning and de-provisioning of Active Directory, LDAP, Blackboard Learn, Google Apps and Office 365 accounts. Below are the services that are automatically provisioned for active students, faculty, staff and auxiliaries:
Active Directory | LDAP | Blackboard Learn | Google Apps | Office 365 | |
---|---|---|---|---|---|
Students | x | x | x | x | |
Staff | x | x | x | x | x |
Faculty | x | x | x | x | x |
Auxiliary | x | x | x | x | x |
Instructor | x | x | x | x | x |
New Faculty and Blackboard Learn
New faculty will only get access to course shells and student data in Blackboard Learn after I9 processes are complete (policy requirement). These faculty process diagrams (JPG) provide a high level overview the steps required to trigger Blackboard Learn account provisioning and the additional steps for the release of the course shell.
Additional changes include:
- All student employees automatically receive Office 365 accounts
- New password management tools provide additional self-service options for account recovery
- Pin reset via mobile number for password recovery
- Pin reset via personal email address for password recovery
- Answering security questions for password recovery
- New password rules will be implemented for employees and students
Identity & Access Management(IAM) FAQs
What is IAM?
IAM enables the right people to access the right resources at the right times for the right reasons. IAM is a combination of:
- Digital identities and processes related to identity lifecycle management
- Identity management registry (Fischer Identity)
- Password management tools
- Directories (e.g. AD, OpenLDAP)
- Access and authentication tools (e.g. CAS, Shibboleth, ADFS)
- Support providers’ and service owners’ roles and responsibilities
- Security
- Governance and training
Why has CSU, Chico embarked on the IAM initiative?
Beginning in July, 2015 CSU, Chico selected Fischer International as the vendor of choice for a new identity & access management system. Once implemented the new IAM system will:
- Replace the current identity & access management system developed ten years ago called the Registry. The Registry no longer provides the functionality necessary to keep pace with the needs of the University.
- Address information security audit findings from 2008 and 2014 that found deficiencies in campus password management policies. These deficiencies need to be addressed to comply with the CSU access control standard which reduces the risk for easily guessed passwords and unauthorized access to network resources and confidential information.
- Automate the provisioning and deprovisioning of campus accounts and access for all employees, students and guests of the University. Currently employee and guest account provisioning is a manual, multi-step process that is slow and prone to errors. In some cases it can take a new employee several weeks to get access to all of the services necessary to do their job.
For more information about the Identity & Access Management Initiative, please refer to the IAM Roadmap (PDF).
Announcements
- Identity & Access Management (IAM) Project Charter (PDF)
- Learn more about the Account Center - Account Center - FAQ
Campus Entitlements Catalog
Campus users get accounts and access based on their relationship (AKA affiliation) with the University. The Entitlements Catalog outlines the specific accounts/access that are provided to each affiliation beginning on June, 2017.