.png)
Providing an Identity & Access Management Solution and Managed Service
Turnkey’s client is a global research university ranked in the top 100 universities worldwide (*QS World Rankings 2020). It has over 40,000 students, including 10,000 at its international campuses, and over 8,000 overseas students at its UK campus.
“
For three years Turnkey has been helping us with the ongoing strategic direction of our IAM system, ensuring it is fit for purpose and always using best practice.They provide us with a professional service; the team is approachable, helpful and quick to respond.”
Challenge
The university has been continuously improving its identity and access management (IAM) system since inception 10 years ago. The system is very large with close to 100,000 users (identities), including UK and international students, as well as nonuniversity associates.
The complexity of managing such a large system that includes integration of databases, Active Directory & Azure Domains alongside its Office 365 meant the university employed a support service to ensure it maintained effective security controls and user processes.
Not having the wide range of skillsets needed to manage it alone, internally, it was critical and more cost effective for the university, to access external support to prevent system misuse and monitor potential business risk. However, the incumbent service was not providing the right level of customer service and the university wished to find a new, trusted advisor for its IAM-related activities.
The university needed to standardise the way students and associates log on to services, wherever they were, whether at the UK campus, or overseas. Centrally managing global identity and the whole user life cycle would streamline the processes of its users, and improve the overall user experience, all whilst providing the right auditing and reporting information for its governance and compliance needs.
Solution
Already familiar with Turnkey, having used its technology services for a number of years, the university engaged Turnkey’s Identity specialists to provide a fully managed service for its IAM estate. This would support its security discipline to enable ‘the right people to access the right systems and data, at the right time, for the right reasons’, globally.
In addition to the managed service, the university worked with Turnkey to create a single, global identity, regardless of where the user logs on. This automates the process of what is known within the university as mobile students, where students can move country during their course and seamlessly access different IT systems and region specific Azure/ Office365 tenants, while keeping their same credentials, vastly improving the student experience and journey. The centrally managed IAM system automatically provisions the required access and enforces the relevant regional security policies that the university has set, without the worry of managing individual systems in UK, overseas, or any manual intervention from university operations.
Turnkey integrated the IAM with over 30 applications including multiple databases (student and staff systems), AD Domains, Azure and Office 365 tenants, as well as collaborating on the implementation of a new self-service password reset (SSPR) which provides much stronger security and controls than previously.
The Joiner/Mover/Leaver (JML) process is now standardised and automated for all staff, students and associates across all campuses. The system creates a start date that automatically sets up an account on that date, and an end date when the person is leaving. It also provides automated notifications and terminations for the leaver.
The relationship that the university enjoys with Turnkey as its trusted IAM advisor means that it can call upon Turnkey to mitigate any new access-related risks across its entire IT landscape, as it constantly evolves. As well as offering best practice, Turnkey provides a safety net of an ongoing managed support service, based on years of expertise in the university sector.
The Systems Engineer at the university says, “Turnkey gives us the confidence and support we need to run our IAM system effectively. It takes away the worry and ensures the credibility of our system, knowing that people only have the right access if they are part of the university eco-system”.
“
Turnkey gives us the confidence and support we need to run our IAM system effectively. It takes away the worry and ensures the credibility of our system, knowing that people only have the right access if they are part of the university eco-system.”
Benefits
- The university has unified and centralised access & password management across its global campuses, with a consistent enforcement of security policies, and automated provisioning for all its staff and students.
- The process for mobile students is automated so students can move their place of study without having to set up new accounts.
- The JML process is automated and standardised for all staff, students and associates of the university.
- High levels of IAM expertise is on hand as and when the university’s technical team requires support.
Future
Turnkey is currently working closely with the university to integrate its new HR platform, Oracle Fusion, with the IAM system. It is also working to ensure the legacy systems continue to work with IAM.