MICROSOFT HIGHER SOLUTION



Similar documents
MICROSOFT HIGHER EDUCATION CUSTOMER SOLUTION

Manufacturer to Enhance Efficiency with Improved Identity Management

IDENTITY & ACCESS MANAGEMENT

GUIDEBOOK MICROSOFT DYNAMICS SL

Aurora Hosted Services Hosted AD, Identity Management & ADFS

RSA Identity Management & Governance (Aveksa)

Ensim Unify INFRASTRUCTURE OPTIMIZATION FOR MANAGED SERVICE PROVIDERS. An Ensim Business Whitepaper

Okta Identity Management for Portals Built on Salesforce.com. An Architecture Review. Okta Inc. 301 Brannan Street San Francisco, CA 94107

RESEARCH NOTE CYBER-ARK FOR PRIVILEGED ACCOUNT MANAGEMENT

Office365 Adoption eguide. Identity and Mobility Challenges. Okta Inc. 301 Brannan Street San Francisco, CA

Federated single sign-on (SSO) and identity management. Secure mobile access. Social identity integration. Automated user provisioning.

White Paper. What is an Identity Provider, and Why Should My Organization Become One?

System Center 2012 Suite SYSTEM CENTER 2012 SUITE. BSD BİLGİSAYAR Adana

Identity and Access Management

Cloud Services Catalog with Epsilon

Oracle Identity Management for SAP in Heterogeneous IT Environments. An Oracle White Paper January 2007

A Big Opportunity: Microsoft Advisor Platform & Salentica

SOLUTIONS. Microsoft Dynamics Business Management Solutions

Microsoft Dynamics AX 2009 Installation Guide. Microsoft Corporation Published: November 2009

Documentation. CloudAnywhere. Page 1

Cayosoft Administrator. Modern Administration. Cayosoft.com. Unify, Simplify and Secure Microsoft Administration. Features at a Glance

Realize More Success with Software-plus-Services. Cloud-based software from Microsoft Dynamics ERP

ZervicePoint Provides Automated, End-to-End Provisioning of Accounts, Services, and Material

Avanade Develops Innovative Technologies for TASER

agility made possible

Intranet Buyers Workbook

Unleash the Full Value of Identity Data with an Identity-Aware Business Service Management Approach

State Agency Reduces Time to Set Up New Users by 85 to 90 Percent

Datacenter Management and Virtualization. Microsoft Corporation

Oracle Identity Management: Integration with Windows. An Oracle White Paper December. 2004

10751-Configuring and Deploying a Private Cloud with System Center 2012

Veritas Enterprise Vault.cloud for Microsoft Office 365

Strong Authentication: Enabling Efficiency and Maximizing Security in Your Microsoft Environment

Transacting Partner in Microsoft Sales System. Fast Track / Onboarding Center Registered Deployment. Partner

Google Apps Deployment Guide

1 Building an Identity Management Business Case. 2 Agenda. 3 Business Challenges

Ariba Supplier Network. Helping Buyers and Suppliers Discover, Connect, and Collaborate Using a Single, Comprehensive Platform

Made for MSPs by an MSP

Simplify SSL Certificate Management Across the Enterprise

Softerra Adaxes Enterprise Directory Solution

RSA Via Lifecycle and Governance 101. Getting Started with a Solid Foundation

GUIDEBOOK MICROSOFT DYNAMICS GP

Top 8 Identity and Access Management Challenges with Your SaaS Applications. Okta Inc. 301 Brannan Street San Francisco, CA 94107

IBM SmartCloud Workload Automation

Construction & Building Material Manufacturing. Creating excellence & efficiency for greater profitability

IT Service Management with System Center Service Manager

Identity and Access Management for the Hybrid Enterprise

Turn Your Business Vision into Reality with Microsoft Dynamics GP

Unifying IT How Dell Is Using BMC

How to Audit the 5 Most Important Active Directory Changes

Identity and Access Management: The Promise and the Payoff

Case Study - MetaVis Migrator

Implementing Microsoft Azure Infrastructure Solutions 20533B; 5 Days, Instructor-led

Turn Your Business Vision into Reality with Microsoft Dynamics GP

Microsoft Office 365 Helps Communication Company Connect Employees

Course 10751A: Configuring and Deploying a Private Cloud with System Center 2012

Centrify Cloud Connector Deployment Guide

Novell to Microsoft Conversion: Identity Management Design & Plan

Customers and Shareholders Benefit as Global Manufacturer Deploys Management Solution

Course 20533B: Implementing Microsoft Azure Infrastructure Solutions

QLIKVIEW IN THE ENTERPRISE

The Stacks Approach. Why It s Time to Start Thinking About Enterprise Technology in Stacks

EXECUTIVE VIEW. EmpowerID KuppingerCole Report. By Peter Cummings October By Peter Cummings

CA SiteMinder SSO Agents for ERP Systems

Power Company Improves Customer Service, Decreases TCO with Microsoft SAP Solution

Oracle Identity Manager (OIM) as Enterprise Security Platform - A Real World Implementation Approach for Success

Oracle Enterprise Single Sign-on Technical Guide An Oracle White Paper June 2009

Enterprise Asset Management made for Microsoft Dynamics AX

MCSE: Private Cloud Training Course (System Center 2012)

The Unique Alternative to the Big Four. Identity and Access Management

Configuring and Deploying a Private Cloud with System Center 2012

Business-Driven, Compliant Identity Management

MassTransit Leveraging MassTransit and Active Directory for Easier Account Provisioning and Management

Healthcare Company Improves Project Management and Revenue Recognition

Team Avanade Project Total 17 Consultants. Accenture Business Services for Utilities Project Total 3 Consultants

How To Create A Help Desk For A System Center System Manager

Microsoft Partner Network. Cloud Services Dashboard User Guide

DELIVERING EXCEPTIONAL CUSTOMER CARE

Sage ERP I White Paper. An ERP Guide to Driving Efficiency

Credit Suisse Develops and Deploys SOX 404 Compliance Solution using SQL Server 2005

Identity Management and Single Sign-On

VALUE PROPOSITION FOR SERVICE PROVIDERS. Helping Service Providers accelerate adoption of the cloud

Unleash Your District s Performance and Efficiencies. K-12 Financial and Personnel Management Software and Services

Deployment of Cisco Extension Mobility in Enterprises White Paper

MS 10751A - Configuring and Deploying a Private Cloud with System Center 2012

GROW. From Intuit QuickBooks to Microsoft Dynamics GP: A move that makes sense for growing businesses

Managing Access for External Users with ARMS

Office 365 deploym. ployment checklists. Chapter 27

Transcription:

SOLUTIONS AT A GLANCE United States Higher Education Gr Canyon University () is a private Gr Canyon has approximately University () 41,500 is students, a private 111 Christian full-time college faculty located members, in Phoenix, a pool of Arizona. more than has 2,500 approximately adjunct faculty 41,500 members, students, 111 full-time 2,600 staff faculty members, administrative a pool of more than 2,500 adjunct faculty members, 2,600 staff administrative relied on a mix of manual processes relied sought on an a mix identity of manual management processes solution limited that could automation help it to deliver manage an improved user accounts, experience sought an for identity students, management faculty, staff, solution IT that could help it deliver an improved experience for students, faculty, staff, IT for adopted managing Microsoft identities, Forefront creden-tials, Identity Manager identity-based 2010, a access comprehensive policies. solution for managing identities, creden-tials, identity-based access policies. One-hour account access provisioning to information Increased Significant security reduction in IT effort access experience to information for students, faculty, Significant reduction in IT effort Cost-effective, experience rapid for results students, faculty, MICROSOFT HIGHER MICROSOFT EDUCATION HIGHER CUSTOMER EDUCATION SOLUTION CUSTOMER SOLUTION Case Study Case Study Identity management solutions from other vendors were 5 to 10 times more expensive would have required additional training to augment our IT skill set. Identity management solutions from other vendors were 5 to 10 times more expensive Dan Cotterman, Director of IT Infrastructure, Gr Canyon University would have required additional training to augment our IT skill set. Gr Canyon University (), a private Dan Christian Cotterman, college, Director of has IT Infrastructure, increased enrollment Gr Canyon more University than tenfold since 2003. Prior to 2010, used a mix of manual processes limited automation Gr Canyon University (), a private Christian college, has increased enrollment more than to provision manage user accounts, resulting in more more work for the IT department tenfold since 2003. Prior to 2010, used a mix of manual processes limited automation as the university has continued to grow. adopted an identity management strategy based to provision manage user accounts, resulting in more more work for the IT department on Microsoft Forefront Identity Manager 2010, which, with help from Insight, a Microsoft Gold as the university has continued to grow. adopted an identity management strategy based Certified Partner, the university now uses for managing identities, credentials, identitybased access across more than a half-dozen applications. An integrated solution for identity on Microsoft Forefront Identity Manager 2010, which, with help from Insight, a Microsoft Gold Certified Partner, the university now uses for managing identities, credentials, identitybased access across more than a half-dozen applications. An integrated solution for identity management has resulted in faster account provisioning; enhanced security; improved access to employee information; a more satisfactory experience for students, faculty, ; a management has resulted in faster account provisioning; enhanced security; improved access significant reduction in IT workload. to employee information; a more satisfactory experience for students, faculty, ; a significant reduction in IT workload. THE CHALLENGE Phoenix, Arizona based Gr Canyon University () is a private, accredited Christian THE CHALLENGE college. Founded in 1946 by the Baptist General Convention of Arizona, offers online Phoenix, Arizona based Gr Canyon University () is a private, accredited Christian campus-based bachelor-, master-, doctoral-degree programs. The university is recognized as college. Founded in 1946 by the Baptist General Convention of Arizona, offers online a leading provider of online education by sources that include Fortune Small Business magazine, campus-based bachelor-, master-, doctoral-degree programs. The university is recognized as Technology & Learning magazine, the Online Education Database. a leading provider of online education by sources that include Fortune Small Business magazine, Technology From its founding & Learning until magazine, 2003, operated the Online as Education a traditional Database. nonprofit college. In 2004, private investors acquired converted it to a for-profit institution. Since then, the university From its founding until 2003, operated as a traditional nonprofit college. In 2004, private has enhanced its senior management team, exped its online platform programs, investors acquired converted it to a for-profit institution. Since then, the university initiated a marketing bring effort to further differentiate itself part of an overall has enhanced its senior management team, exped its online platform programs, strategy to support profitable, sustainable growth while bringing value to students, employees, initiated a marketing bring effort to further differentiate itself part of an overall investors. If enrollment figures are any indication, that strategy has been successful; strategy to support profitable, sustainable growth while bringing value to students, employees, has increased enrollment from approximately 3,000 students at the end of 2003 to more than investors. If enrollment figures are any indication, that strategy has been successful; 41,500 students at the end of 2009. has increased enrollment from approximately 3,000 students at the end of 2003 to more than 41,500 Like most students universities, at the end of relies 2009. on several systems applications to support the business of education. UltiPro, a cloud-based solution, supports human resources (HR). Microsoft Dynamics Like most universities, relies on several systems applications to support the business of CRM is used to track potential students. uses the Blackboard ANGEL learning management education. UltiPro, a cloud-based solution, supports human resources (HR). Microsoft Dynamics system for online classes, it uses the CampusVue student information system to manage CRM is used to track potential students. uses the Blackboard ANGEL learning management deliver information on student data, degree programs, academic records. Student system for online classes, it uses the CampusVue student information system to manage faculty email is hosted by Microsoft Live@edu, staff email is provided by Microsoft Exchange deliver information on student data, degree programs, academic records. Student Server 2007, uses FM:Space to track space allocation at its facility hle faculty email is hosted by Microsoft Live@edu, staff email is provided by Microsoft Exchange Server 2007, uses FM:Space to track space allocation at its facility hle

physical moves. Many of these applications rely on Active Directory Domain Services a feature of the Windows Server 2008 R2 operating system for authentication access rights. The university maintains two Active Directory service forests: STAFF, which houses staff faculty accounts, STUDENT, which houses student accounts. As has grown, so has its need for a comprehensive identity management strategy. Prior to 2010, the provisioning, deprovisioning, management of staff accounts were supported by manual processes. HR would enter new employee information in UltiPro, then manually generate a trouble ticket for the IT department. In turn, IT staffers made the necessary adjustments in about a half-dozen different systems applications by h. As enrollment at the university has grown, so has the IT department s identity management workload. We couldn t keep up with the workload, even with two people devoted to such efforts, says Dan Cotterman, Director of IT Infrastructure at. Processing requests from HR took up to a week, resulting in new hires sometimes showing up for work before their accounts were ready presenting security risks with respect to terminations. In addition, because our global address list [GAL] only contained first name, last name, email address, people had no easy way of determining someone else s department, title, or office location. Of course, all of these manual processes sometimes resulted in duplication of effort errors in data entry. Provisioning of student faculty accounts was somewhat automated, albeit in a way that was difficult to support or extend. Information on new students flowed from Microsoft Dynamics CRM through Microsoft BizTalk Server 2009 into CampusVue. The IT department then used a custom tool called Accounts that was developed by a consultant to provision accounts in Live@ edu, CampusVue, the STUDENT Active Directory forest. The Accounts tool, which was based on PHP ran on Apache, used a number of complex Perl scripts for import export. It also provided web-based password reset capabilities for the STUDENT Active Directory forest Live@edu. The Accounts tool was a custom application based on technologies we don t typically use, which made it hard to maintain virtually impossible to extend, says Cotterman. Our goal was to move toward a single, integrated solution for identity management one capable of supporting all our identify management needs across students, faculty,. THE SOLUTION Gr Canyon University adopted an identity management strategy based on Microsoft Forefront Identity for managing identities, credentials, identity-based access policies across heterogeneous environments. We identified the leading vendors of identity management solutions including Microsoft, Oracle, CA Technologies evaluated their offerings in the context of our current technology stack skill set, says Cotterman. Microsoft came out on top in all areas, including ease of implementation, ease of management, costs. Identity management solutions from other vendors were 5 to 10 times more expensive would have required additional training to augment our IT skill set. Gr Canyon University () is a private has approximately 41,500 students, 111 than 2,500 adjunct faculty members, 2,600 staff administrative relied on a mix of manual processes sought an identity management solution experience for students, faculty, staff, IT for managing identities, creden-tials, After selecting Forefront Identity Manager in January 2010, set out to find a capable implementation partner. The university chose Insight, an Insight company a Managed Microsoft Systems Integrator (SI) Gold Certified Partner, for Identity Security, which has multiple Microsoft Forefront Identity Manager MVPs on staff. Insight did a great job, says Cotterman. One area where Insight really excelled was in helping us communicate with stakeholders across the business for example, by helping us explain why we were asking for certain things the benefits that stakeholders would receive. A Phased Approach to Implementation To quickly begin delivering results, decided on a phased approach to implementation.

In phase one, which focused on improving identity management for staff, the university used Forefront Identity Manager to: Automate the application of changes to the university s STAFF Active Directory forest Microsoft Exchange Server 2007 infrastructure based on changes made by the HR department in UltiPro. Populate the GAL with information such as department, title, supervisor, office location from FM:Space. Support self-service password reset for staff through an intranet portal. Work on phase one began in March 2010 took just over four months. During the first four weeks, Insight led through an infrastructure optimization assessment process, which helped uncover the real business drivers for the project led to a roadmap on how to progress. The design phase that followed took five to six weeks, after which the project team spent approximately eight weeks building testing the solution before deploying it in July 2010. With phase one complete, had successfully automated identity lifecycle management for staff. Phase two focused on exping the use of Forefront Identity Manager to manage the identity lifecycle for students faculty including the orchestration of changes to user accounts in Microsoft Dynamics CRM, CampusVue, Live@edu, the STUDENT Active Directory forest. Although it could have implemented phase two using only Forefront Identity Manager, decided to retain BizTalk Server as a solution component. Cotterman explains the logic behind that decision: We were already familiar with a service bus approach based on BizTalk Server. We could have used Forefront Identity Manager to connect directly with all target systems, but it would have required having Insight build the necessary connectors. By using Forefront Identity Manager for policy enforcement BizTalk Server for integration, we can bring additional systems applications into the fold using existing IT skills. To meet the university s needs, Insight extended Forefront Identity Manager by using an opensource, community-supported solution from CodePlex to provide enhanced reporting (see fimdpe.codeplex.com). Insight also implemented more granular role-based access control for applications than the amount supported out of the box, including access based on: Membership in a calculated set, such as all employees in the HR department. Explicitly granted permission, as man-aged through a formal approval process. Temporal requirements for example, providing access for only a certain period of time. Phase two also included deployment of Active Directory Federation Services 2.0 a downloadable feature for the Windows Server 2008 R2 operating system to provide single sign on for UltiPro based on users domain credentials. In the past, users in the HR department had to maintain a separate username password for UltiPro, says Cotterman. Today, if a user is logged on to our domain, he or she can click on a link to our cloud-based HR solution immediately start using it without having to log on or maintain separate credentials. Gr Canyon University () is a private has approximately 41,500 students, 111 than 2,500 adjunct faculty members, 2,600 staff administrative relied on a mix of manual processes sought an identity management solution experience for students, faculty, staff, IT for managing identities, creden-tials, Cotterman sees Active Directory Federation Services as a tool that will quickly be exped to support single sign on for other hosted or cloud-based solutions. We rely on Coupa for requisition procurement management, WingSpan for employee performance management, Kronos for employee time-tracking all of which are hosted in the cloud, he says. With Active Directory Federation Services, we ll be able to easily deliver single sign on across all those cloud applications. Efficient Automation Today, the university s HR system is the authoritative source of information for staff faculty data. Forefront Identity Manager picks up changes made in UltiPro on an hourly basis determines what to do with them based on certain employee attributes. For example, staff

faculty get Active Directory credentials, also get an Exchange Server account. Additionally, Forefront Identity Manager extracts information from FM:Space as space assignments or physical moves around the facility are made, using it to populate the university s GAL. Self-service password reset is available for on-premises staff is now the primary means of password reset for domain-joined systems. Hiring managers automatically receive an email with a new hire s account information including account name, email address, temporary password, says Cotterman. Desktop support personnel are notified as soon as a new account is provisioned, allowing for faster setup of that user s PCs. Architecture implemented Forefront Identity Manager on the Windows Server 2008 R2 Enterprise operating system. Forefront Identity Manager BizTalk Server both use Microsoft SQL Server 2008 Enterprise database software running on Windows Server 2008 R2 Enterprise for data storage. The Forefront Identity Manager web portal, an out-of-the-box solution component, runs on Windows SharePoint Services 3.0. THE RESULT The university s adoption of Forefront Identity Manager has yielded several benefits, including faster account provisioning, improved security, more accurate complete information in its GAL. These improvements are delivering an improved experience for students, faculty, staff, who no longer need to wait for access to the university s systems applications. The new solution has also resulted in a significant reduction in IT workload enabling to reallocate two IT staffers to delivering new business value instead of maintaining user accounts. With help from Insight, the university has been able to realize all these benefits quickly costeffectively. We now have a comprehensive identity management strategy supported by a single, integrated solution, says Cotterman. The entire account provisioning process is automated in a predictable, consistent manner, we couldn t be more pleased with the way everything is working. We ve made a major leap forward in terms of IT maturity are now much better positioned to support the needs of faculty, students,. One-Hour Account Provisioning has greatly reduced the time to provision accounts for new hires, which took up to a week in the past. Accounts for new hires are provisioned within one hour of that new employee being entered into our HR system, says Cotterman. Part of that time savings comes from helping HR optimize their processes; now that they know their actions drive the account provisioning process, they re entering information on new hires more quickly not just when they need to process the new hire s first paycheck. Gr Canyon University () is a private has approximately 41,500 students, 111 than 2,500 adjunct faculty members, 2,600 staff administrative relied on a mix of manual processes sought an identity management solution experience for students, faculty, staff, IT for managing identities, creden-tials, Delegation of authority enables privileged HR administrative personnel to use the Forefront Identity Manager web portal to enter new employees immediately, allowing urgent actions to be fulfilled even more quickly. Increased Security Deprovisioning of employee accounts is just as fast, which helps improve security for situations such as terminations. Terminated employee accounts are also deprovisioned within an hour, account access can be immediately blocked by HR through use of the Forefront Identity Manager web portal, says Cotterman. This improves security for all IT systems line-of-business applications that use Active Directory Domain Services for authentication. A Forefront Identity Manager workflow hles the rest, including removal of user accounts from Microsoft Dynamics CRM CampusVue.

Improved Access to Employee Information Account information in the university s systems is now much more accurate. Today, we have one source of the truth, says Cotterman. In the past, issues such as typos misspellings or changes to an employee s preferred name such as William versus Bill caused reconciliation issues a few times per month, says Cotterman. Today, employees can change fields such as preferred name through the self-service portal, those changes are automatically propagated to all affected systems. Employee information is also more complete accessible. The university s GAL now includes every employee s title, department, department code, manager, office location all information that was difficult for people to look up in the past. Reduced IT Effort The integrated identity management solution is also helping reduce its IT help-desk workloads. We ve reduced the IT effort related to user account maintenance by about 320 hours per month equivalent to two full-time IT employees, says Cotterman. Help-desk calls are also down because staff can now reset their own passwords, change preferred names, so on. With employee attributes, such as specific departments, now included in the GAL, IT personnel are also more efficient at maintaining distribution lists. In the past, distribution lists were maintained on a user-by-user basis, explains Cotterman. Today, those lists can be managed by using groups of employees, such as everyone in the Finance department. This IT time savings has enabled the reallocation of existing IT staffing budget to new projects. The IT time savings we re realizing with Forefront Identity Manager is like saving [U.S.] $150,000 per year, in that it enables me to reallocate two full-time resources to delivering new business value instead of maintaining user accounts, Cotterman says. Improved Experience for Students, Faculty, Staff Streamlined account provisioning is improving the user experience for staff, faculty, students, who now have faster, easier access to all the IT resources they need from their first day at. Staff are more productive because their accounts are ready on day one, says Cotterman. Our use of Active Directory Federation Services is also making staff more productive because they don t need to maintain as many user names passwords for the cloud-based solutions we use. Faculty students are also benefiting from an improved experience. In the past, although provisioning student faculty accounts was somewhat automated, it could still take a few days, says Cotterman. Today, after a student is enrolled in a class, the necessary user accounts are automatically provisioned in all the right systems. New students receive an email with a temporary password a link to our web portal, where they can set their own password, get a email address,, if necessary, return at a later time to reset the password. Gr Canyon University () is a private has approximately 41,500 students, 111 than 2,500 adjunct faculty members, 2,600 staff administrative relied on a mix of manual processes sought an identity management solution experience for students, faculty, staff, IT for managing identities, creden-tials, Cost-Effective, Rapid With assistance from Insight, was able to quickly cost-effectively adopt an integrated strategy for identity lifecycle management. Each phase of the project took approximately four months to imp-lement, at a cost of 10 to 20 percent of the amount that solutions from other vendors would have cost. Thanks to the guidance assistance provided by Insight, our implementation of Forefront Identity Manager 2010 has been an unqualified success, says Cotterman. The largest effort on our part was working with the different departments within to agree on optimize the associated business processes. There was a little pushback in the beginning because the groups were all busy, but Insight did a great job helping us with the use cases ultimately selling

the benefits. All stakeholders are very pleased today, the IT department has quickly gained additional credibility across the organization. Microsoft For more information on how Microsoft its partners are helping to support higher education institutions worldwide, please visit www.microsoft.com/education/highered. INSIGHT A WORLD OF TECHNOLOGY RESOURCES Global provider of information technology (IT) hardware, software service Higher solutions Education to business public sector organizations $5.3 billion in revenue in 2011 Gr 5,300 Canyon teammates University worldwide () is a private Christian Operations college in 23 located countries, in Phoenix, serving clients Arizona. in 191 has countries approximately worldwide 41,500 students, 111 full-time 2,300+ product faculty members, industry a pool certifications of more than Global 2,500 software adjunct reseller faculty with members, extensive 2,600 License staff Management administrative Services Software lifecycle support for 80 percent of global Fortune 500 Number relied 460 on on a mix the of 2012 manual Fortune processes 500 sought an identity management solution experience for students, faculty, staff, IT for managing identities, creden-tials, Insight the Insight logo are registered trademarks of Insight Direct USA, Inc. All other trademarks, registered trademarks, photos, logos illustrations are the property of their respective owners. 2012, Insight Direct USA, Inc. All rights reserved. Updated 6.12. 12-13682

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information