Why Identity Management Is So Important in Higher Education

You are two or three weeks into your new role as the university’s CIO and have learned a lot about the institution and its students, the technology at a high level, and some of the major players on campus and in your own organization. You are starting to visualize options for a path forward, but they are just options at this point. Staff meetings are still a little awkward. There is nervous laughter among your leadership team, and staff members pause before answering your questions.

You have this little tickle in the back of your brain, and you need to get at it. So, you ask, “What are we using for identity and access management?” The pause before anyone answers seems a bit longer. “Well,” says your applications director, “most of it is in our AD.” Then you hear a litany of the people and code that supports identity and access management. So now you know. You don’t have an IAM system.

This is so common in higher education that many IAM vendors have all but given up on modernizing higher ed. Higher ed institutions are some of the most complex IAM customers due to the multiple, simultaneous, and strange recurring roles and overlapping calendars. (I have been an employee, technology administrator, parent, donor, ticket buyer, and alumnus all at the same time.) If the institution has clinical operations, the complexity is significantly greater.

The reality is that most institutions are now looking at broad modernization programs, cloud applications, cloud and hybrid infrastructures, dev-ops teams working on AWS and Azure, and new innovative partnerships with academic and administrative peers working on technology selection and operation. As institutions move their technology from passive to active, with continuous improvement built in, they need the middleware and support infrastructure to reduce organizational friction. And all these efforts point to the need for a modern, agile, and accurate IAM platform.

Coding should not be required for configurable relationships. Designing and implementing new roles across existing systems should not require an engineer. Connecting new systems should be a repeatable process with standardized processes and connectors. Modern IAM platforms, which are highly configurable, ensure that these activities can be accomplished without long development cycles standing in the way.

In addition, modern IAM platforms have either expanded to include, or easily integrate with, identity governance and administration (IGA) functions. These systems can automate access reviews and onboarding and offboarding processes, and they make internal and external audits much easier, more transparent, and less stressful.

As institutions move to become modern digital enterprises, some of the basic items that corporate organizations tackled in previous years are going to have to be addressed. IAM and IGA are core connective tissue in an organization, and institutions should be planning for their move to a modern platform. These initiatives, along with other modernization topics are lurking ahead in the digital journeys. For example, data governance, integration architectures, and modern data and analytics platforms are missing across a large number of institutions.

These modern core capabilities are not easy or inexpensive to adopt, rarely get executive attention, and require cultural change—in addition to the dollars and human effort—to implement, but they act as multipliers for digital transformation efforts. They reduce the effort and increase the flexibility of institutions to adopt new technologies where needed and to respond to external pressures gracefully. And we’ve certainly learned a lot about external pressures this past year! As you consider these strategies, think about whether you would build a new classroom or laboratory building without a modern utility grid—power, water, and sewer. You can only stretch old infrastructure so far before it inhibits your growth. Now is the time to assess your identity management infrastructure.