Top
Welcome

Thank you for taking time to visit my blog. My name is Drew Olson and I hope to use this space to share ideas and generate conversation regarding identity and access management

This form does not yet contain any fields.
    Recent Postings
    Friday
    Jul152011

    Data Breach #3: Patient Records Stolen at Univ. of Maryland Medical Center

    DateFriday, July 15, 2011 at 8:36AM

    This breach outlines the dire consequences that can result when critical and extremely private personal data can be accessed by the wrong people.  In this case, employees who had open access to not only confidential patient data, but also billing information, were able to steal account info and rob elderly and vulnerable victims.

    The hospital contends that this was the result of a crime and not due to hospital procedures and this may be the case.  But health care organizations are going to have to change policies quick to restrict access to this type of information, or these type of stories will only increase with dire results for patients and the hospital alike.

    I contend that organizations should perform a review of their current identity management and protection policies to see how easy and how many employees could potentially compromise data, such as happened here at the University of Maryland Medical Center. I believe that an identity management solution that is well planned and implemented can allow health care organizations to restrict and monitor access to critical systems containing confidential information. In my own consulting work, I have heard from many security officers admissions of improper access; that too many people can easily access patient data.  An organization without an identity management policy is giving a huge advantage to these criminals.

    The story below is from the Baltimore Sun, July 14. http://www.baltimoresun.com/health/bs-md-identity-theft-20110714,0,3173292.story

     

     

    For information on Tools4ever identity management solutions and how they can benefit any health care organization, please click here.

     

    AuthorDrew Olson | CommentPost a Comment | Reference1 Reference |
    tagged , , , , , in
    Tuesday
    Jul122011

    Benefits of IDM in Higher Ed - Harrison College Case Study

    DateTuesday, July 12, 2011 at 10:43AM

    Often, when we begin working on identity management projects with an educational institution, we really are starting from scratch. The organization typically has been relying on a series of manual processes, scripts, and utilities which can be quite limiting in today's modern environment.  Below is a summary and actual case study that was written by Harrison College in Indianapolis, IN detailing why they had to move forward with IDM and their results working with Tools4ever.


    Problem
    With over 6,000 students using one student Active Directory account, there was a huge opportunity to streamline the management of individual accounts as well as deploying a self service password reset solution. Harrison only had a single generic student Active Directory account used by all students. Each student was provided a thumb drive and would log into accounts using the same credentials and would have to save work on their local drive. Additionally, each student was responsible for creating their own email accounts.

    Solution
    Automated solution for managing student user accounts and self-service password reset.

    Connectors
    Google Apps
    CampusVue

    Results
    Increased efficiency in managing user accounts and self service password reset management.

     
    Considerations

    Before Harrison could implement an identity and access management solution they had to ensure the solution they chose met the following requirements:

    Was cost effective;
    Experience with Google Apps API and provisioning accounts;
    Self-service tools that can run 24/7;
    Could integrate easily with CampusVue.

    Being able to integrate fully with Google Apps was critical because the project to bring on an identity management solution also coincided with a project to have each student have a Google account. This would give them access to an email and Google Apps account. Managing the users’ lifecycle for this endeavor called for a robust user management tool.

    Solutions

    With over 6,000 students and 900 staff, Harrison College looked to Tools4ever for a solution to help them with their identity and access management challenge. Tools4ever’s User Management Resource Administrator (UMRA) proved to be the best option in managing the users’ lifecycle and provisioning into the applications and systems the students needed. Additionally, there was a need for Harrison to implement a self-service password reset tool that could also work seamlessly with user accounts.

    Jason Stele, Assistant Director of Information Services, described their need as, “We could have never brought on student email or student Active Directory accounts without Tools4ever. They helped enable us to effectively manage large numbers of individual user accounts with minimal staff resources by leveraging UMRA.” 

    Around the clock support

    Because Harrison College is spread out among 13 campuses and offers an online program they serve students from any given time between 7:00 AM and 10:00 PM. But since most support staff members only work until 5:00 PM it was important that they implement a solution with around the clock support. By also implementing Tools4ever’s Self Service Password Reset Management (SSRPM) solution Harrison College has placed the ownership of password resets into the hands of the student. This has not only allowed password resets to happen after hours, but has also greatly reduced calls coming in during standard work hours.

    Improved Efficiency

    According to Stele, one of the greatest advantages of deploying UMRA has been a significant resource reduction in managing the users’ accounts. Together, UMRA and SSRPM have enabled Harrison College to utilize connectivity with Google Apps as well as CampusVue to roll out efficient tools to the student population. UMRA has also laid the groundwork for the implementation of additional technologies that will allow both the staff and students to have fast and secure access to the tools and systems they need.

     

    For more information on tools4ever, please visit our site.

     

    AuthorDrew Olson | Comment2 Comments |
    tagged , , , , , , in
    Friday
    May272011

    Challenge of cloud based email - Google Apps - Live@edu/Office 365

    DateFriday, May 27, 2011 at 8:49AM

    I have written previously about the proliferation of cloud based email solutions such as Google Apps and Microsoft's Live@edu, but the continuous growth in the public and private sectors warrants discussion of some of the challenges with these new systems.  As I mentioned before, there are tremendous benefits to these systems, especially for school districts and universities, but they do create a new level of provisioning and password management to an organization's current identity management process.

    These systems are not natively integrated to an organization's directory service (Active Directory, eDirectory, Open Directory) which means an additional process to the onboarding and deprovisioning policies.  Additionally, because passwords are not synchronized with Active Directory, an even greater burden is placed on IT and the help desk for password resets for these accounts. Furthermore, anyone currently using either of the mentioned hosted email solutions will know that the native management tools such as Google Sync or Windows Live Admin Center are not staying current with the fast changing feature set.  For example, managing dynamic distribution groups is not easily done and this is a huge disservice to Live@edu users.  In Google Apps, users are now taking advantage of the new container structure but finding managing these OUs and groups with Google Sync to be an incredibly frustrating experience.

    Fortunately, these organizations can partner with a company like Tools4ever who has the experience to solve these challenges and to help strengthen the business case for implementing new cloud based email systems.  Tools4ever's User Management Resource Administrator (UMRA) can provide an all encompassing provisioning process that can automatically pull data from a student information system and create an Active Directory account and an account in Live@edu or Google Apps.  As the student progresses and moves from different classes and grades throughout the district, UMRA will automatically keep their account up to date.  UMRA can also automatically manage class email lists using data in the SIS and provide self service management options to end users, such as teachers, to easily add and remove users from email groups.

    Tools4ever can also provide password management options that can link between your email and directory service.  Their Password Synchronization Manager will keep passwords synchronized between each account and the Self Service Reset Password Management software will provide an end user system for resets using a challenge and response mechanism. 

    For more information on how Tools4ever can help keep your cloud email implementation from costing a fortune, visit our website.

    AuthorDrew Olson | Comment1 Comment |
    tagged , , , , , , , in
    Page 1 2 3 4 5 ... 7 Next 3 Entries »