{"id":9051,"date":"2018-07-31T15:00:53","date_gmt":"2018-07-31T19:00:53","guid":{"rendered":"https:\/\/michigan.it.umich.edu\/news?p=9051&preview=true&preview_id=9051"},"modified":"2024-07-08T06:05:49","modified_gmt":"2024-07-08T10:05:49","slug":"role-access-management-a-smarter-way-to-grant-access","status":"publish","type":"post","link":"https:\/\/michigan.it.umich.edu\/news\/2018\/07\/31\/role-access-management-a-smarter-way-to-grant-access\/","title":{"rendered":"Role & access management: A smarter way to grant access"},"content":{"rendered":"

\"An10,456<\/strong><\/p>\n

That\u2019s the number of permissions requested by the U-M community since January 2017 for just one system. In this case, it was to add or remove M-Pathways roles in Financials & Physical Resources System. Countless more access requests for universitywide or unit-specific systems or resources happen daily.<\/span><\/p>\n

Determining the correct level of access in multiple systems is an arduous task that needs to be done every time someone joins the university or takes on new responsibilities. It often requires in-depth knowledge of both the system and how the person will need to use it. Requesting access takes time, creates a great deal of administrative burden, and adds up to a staggering amount of effort spread across the entire university.<\/span><\/p>\n

Creating a new tool to manage access<\/b><\/h1>\n

The Role and Access Management Project, part of the Enterprise Identity and Access Management (EIAM) program, selected and began to create a tool to improve how access is granted and revoked at U-M. It is designed to accelerate start-up time for new employees, improve data security, replace some manual processes, increase the ability to track and report on access, and simply make it easier for authorized individuals to access the right U-M resources when they need them.<\/span><\/p>\n

Over the last year, the project team members from Information and Technology Services (ITS) and Health Information Technology & Services (HITS) worked with academic, clinical, and administrative partners to conduct a thorough request for proposal. In January 2018, the cross-campus team selected the Identity Governance tool to provide the new capability to all U-M campuses, including Michigan Medicine. \u00a0<\/span>Learn more about the team\u2019s selection process.<\/span><\/a><\/p>\n

<\/i><\/div><\/div>
About the EIAM Program<\/div>Completed in June 2018, the\u00a0Enterprise Identity and Access Management (EIAM) program<\/span><\/a> at U-M coordinated IAM efforts for all four U-M campuses to simplify and improve the technology and administrative processes that allow authorized individuals to access U-M resources. The multi-year initiative was jointly funded by the Office of the Provost and Michigan Medicine through the end of FY18.<\/div><\/div>\n

 <\/p>\n

Benefits of role-based access using Identity Governance<\/b><\/h1>\n

When used with a system or application, Identity Governance will help make sure individuals can access the right resources for the right reasons. Additionally, the tool is designed to answer who has access to which resources, and when and why that access was provided. <\/span><\/p>\n

The two teams are working towards using the tool to demonstrate the following benefits:<\/span><\/p>\n