A Guidebook to Maturing an Identity and Access Management Program on Campus

Why Read This Report

Overall spending on cybersecurity technologies and staffing is at an all-time high, but statistics show that the average size of data breaches continue to rise, and a large percentage of hacking-related breaches leverage either stolen and/or weak passwords. These metrics show a clear misalignment between cybersecurity investments and outcomes. Higher education institutions are particularly rich targets for data breaches. This guidebook reviews the research and surveys the market to draw conclusions and make recommendations about how an IAM strategy should evolve to protect the institution’s business risks and goals.

Key Questions Answered

• Why are higher education institutions very rich targets for data breaches?
• What are the current IAM trends in higher education around policies, staffing, and tool adoption?
• How do IAM programs differ by size and type of institution?
• What are the steps to starting or expanding an IAM program?
• How does an institution benchmark their current IAM capabilities and plan a maturity roadmap?

Report Features

• Download complimentary Executive Summary.
• Author: Katelyn Ilkani, VP, Cybersecurity Advisory Practice, The Tambellini Group.
• Report Length: 48 pages.
• Report Availability: March 2018.

Table of Contents

1. Executive Summary
2. Introduction
3. Previous Work
   1. Aegis Identity
   2. EDUCAUSE
   3. CNI
   4. Harvard University
   5. Internet2
   6. The Tambellini Group
   7. Gaps in the Previous Work
4. Methodology for this Guide
   1. Primary Research Methodology
   2. Secondary Research Methodology
5. Primary Research Findings by Peer Group
   1. Barriers and Enablers to IAM Adoption
      1. Barriers
      2. Enablers
   2. Importance of Compliance
   3. Staff Needed for an IAM Program
   4. Enterprise vs. Homegrown vs. Open Source Tool Adoption
   5. Yearly IAM Software Costs
   6. The Maturity Curve — Functional Gaps
      1. Basic/Foundational Gaps
      2. Enhanced Gaps
      3. Advanced Gaps
   7. The 24-Month Outlook for Cloud IAM Tool Adoption
6. Recommendations
   1. Steps to Starting or Expanding an IAM Program
      1. People, Processes, and Technology
      2. The Role of Frameworks
7. Conclusion
8. References
9. Appendices
   1. Appendix 1: Interview Questions
   2. Appendix 2: Survey Questions