Identity Management Day 2022

Identity Management Day text over a blue background with a white fingerprint icon

In recognition of the second annual Identity Management Day on April 12, hosted by the Identity Defined Security Alliance and National Cybersecurity Alliance, we’d like to call out the work of ITS Identity and Access Management (IAM). When asked what they do, Gail Lift, Application Developer Lead, summed it up nicely: “We give the right people access to the right things at the right time.” 

The IAM team’s mission is to enable access of each member of the U-M community to the resources they need in order to do their job, pursue their studies and research, and live and thrive on campus. And the volume of records and data they manage is staggering: 

  • Over 1 million uniqnames
  • Almost 100,000 groups
  • Over 115,000 user authentications every 24 hours
  • More than 60 requests for enterprise system access daily

The National Cybersecurity Alliance provides another context on the importance of the IAM team’s work. “Everyone has a digital identity made up of personal data online. This identity data is incredibly valuable to cybercriminals, whether it comes from your social media profiles, search engine history, or email accounts. If your account is compromised, your identity may be stolen by cybercriminals, with the intention of stealing money, conducting phishing attacks against others, and even committing identity theft.”

Protecting your digital identity is at the forefront of what the IAM team does. This Identity Management Day, do your part in safeguarding your login credentials and U-M digital resources by following these best practices:

  • Configure the security settings on your devices and apps. Every time you sign up for a new account, download a new app or get a new device, immediately configure the privacy and security settings to your comfort level. Check the settings on old accounts and delete any apps or accounts you no longer use.
  • Think before you click. If you receive an enticing offer via email or text, don’t be so quick to click on the link. Instead, go directly to the company’s website to verify it is legitimate. If you’re unsure who an email is from—even if the details appear accurate—or if the email looks “phishy,” do not respond and do not click on any links or open any attachments found in that email as they may be infected with malware.
  • Update your software on your personal computer. In addition to your computer, keep the software on all your internet-connected devices – including smartphones and tablets – current to reduce the risk of infection from ransomware and malware.