For the students, staff, alumni, and others at Harvey Mudd College in Claremont, Calif., remembering multiple user IDs and passwords to log in to numerous applications was a cumbersome experience. Resetting the inevitably forgotten passwords was time-consuming and frustrating as the help desk was not open 24/7. The beginning of each semester, when many people make transitions, was always hard on IT staff. The Computer and Information Services (CIS) team used complex, lengthy processes for implementing new applications, distributing account credentials to users and maintaining user identities on each application.
Network system administrators were also challenged, as resetting so many forgotten passwords took time away from performing their primary duties. At the same time, employees at the help desk were underutilized, as they could not perform password resets due to the complexity of handling so many systems. In September 2012, the CIS department implemented the Fischer Identity as a Service solution for federated single sign-on and password management. Fischer Identity is available as a cloud-based service or on-campus and enables institutions of any size to simplify, accelerate, and automate the complex task of identity management.
The cloud-based service was selected by Harvey Mudd leaders because it had a track record of success at other higher ed institutions, and did not require extensive training or hiring new staff. Fischer’s responsiveness and creativity in addressing higher ed budget requirements was another plus. With Fischer Identity, the CIS team manages a single set of credentials for each user’s federated accounts, instead of distributing and managing credentials for each individual account. The solution’s user lifecycle management function, as well as the flexibility of workflows to provision and deprovision people at the right time, enable management of users from a student’s initial application all the way through becoming an alumnus.
Fischer proved to be a true partner for Harvey Mudd in the implementation process. When there was difficulty connecting another vendor’s solution to its identity management solution, the Fischer team validated that the problem was not in the identity solution, then stayed engaged with the other vendor through troubleshooting and testing. Fischer representatives also helped the CIS team develop formal project plans with task descriptions to assure timely completion. A phased approach delivered quick wins. Now, users are more self-sufficient, as they can quickly and securely reset their own forgotten passwords. When users choose to call for assistance, help desk employees are able to assist them much more quickly, as the simplified process no longer requires a network administrator. During the first three months of operation, network administrators avoided more than 4,000 password resets, which enabled administrators to dedicate a 2/3 FTE to higher-value tasks. Users also receive simpler login instructions and a single sign-on capability, saving time and preventing frustration.
Security and audit preparation have also improved at Harvey Mudd: policies for strong passwords are automatically enforced and IT staff can easily prove to auditors that password policies are being enforced. And with fewer credentials to remember, end users no longer need to write down their passwords, which avoids potential disclosure. Also, as users no longer have credentials for individual accounts, the CIS team can quickly remove access to a user’s federated accounts by simply changing the user’s directory information. For Harvey Mudd, Fischer Identity as a Service has improved service levels for end users, enabled departments to implement new applications that use common credentials, and refocused IT efforts on higher-priority tasks by simplifying processes and eliminating or redistributing manual tasks.
For more information, visit www.fischerinternational.com/edu