Skip to main content
Visit Remote Work Tools & Guidelines and Student Remote IT Support for details on working remotely under the University's Coronavirus (COVID-19) recommendations
Penn Information Systems & Computing Systems Home

Search form

  • Find my LSP
  • Penn
System Status
  • Get Started
    • IT Staff
    • Faculty
    • Staff
    • Students
    • Alumni & Guests
    • ISC Staff
  • Services
    • — Services A to Z —
    • Accounts, Access & Security
      • Access Management Services
      • Active Directory
      • Identity Management Services
      • Information Security Services
    • Applications & Data Analytics
      • Application Development & Delivery
      • Data Analytics
        • Data Analytics at Penn
      • Integration Development & Delivery
    • Backup, Storage & Platforms
      • BackItUp
      • Backup for Desktop & Laptop
      • Cloud Solutions
      • Data Center Services
      • Database & Middleware Services
      • Endpoint Management
      • Recovery Services
      • Storage
      • Virtual Desktop
      • Virtual Server Hosting
    • Community, Support & Learning
      • Classroom Technology Services
      • Desktop Engineering
      • IT Community Events
      • Knowledge Link
      • LinkedIn Learning
      • Provider Support Services
      • Tech Center
    • Consulting & Professional Services
      • Brokered Products
      • HireIT
      • Systems Support & Consulting
      • Technology Forecasting
    • Email, Calendaring & Collaboration
      • Classlists
      • Penn Email Routing
      • Penn+Box
      • PennNet Mailing Lists
      • PennO365
      • PennZoom
      • SMTP-Relay
      • Secure Share
    • Networks & Connectivity
      • Firewall Services
      • Network Design & Installation
      • Network Names & Numbers
      • PennNet
        • MAGPI (Penn's Internet2 Regional Optical Network)
      • PennNet Ethernet Ports
      • Wireless at Penn
    • Phone, TV & Video
      • Broadcasting Studio
      • Contact Center
      • Live Video Streaming
      • Penn Video Network
      • PennFlex Phone
      • PennNet Phone
      • Traditional Telephony
      • Video Content Management
      • Video Production
        • Producing Video Content
    • Web Hosting
      • Web Services
    • — Service Rates —
    • — Service Level Agreements —
  • Security
    • Office of Information Security
    • Security Services
    • Special Projects
    • Policies & Procedures
    • Training & Awareness
  • Collaborations
    • Engaging Penn’s IT Community
    • Identity & Access Management
    • Cloud First
    • Next Generation Unified Communications
    • IT Advisory Groups
      • Common Solutions
      • IT Roundtable
      • Network Policy Committee
      • Penn Technology Investment Committee
        • About PTIC
    • Special Interest Groups (SIGs)
      • Audio-Visual (AV-SIG)
      • Cloud Computing (Cloud-SIG)
      • Data Visualization (DataViz-SIG)
      • Developer SIG (Dev-SIG)
      • High-Performance Computing (HPC-SIG)
      • Instructional Technology SIG
      • Linux SIG
      • Macintosh Networking Group (MacNet)
      • Mobile Technologies (Mobile-SIG)
      • O365 Special Interest Group
      • PC Networking Group (PC-Net)
      • Project Partners SIG
      • Security SIG
      • Social Media SIG
      • Splunk Special Interest Group
      • Super User Group (SUG)
      • Web SIG
    • Technology Services Strategy Review Board
  • News
  • Events
  • About
    • Overview
    • Leadership & Groups
    • Purpose & Values
    • Strategic Goals
    • Recognition
    • Tech Jobs @ Penn
    • Contact Us
  • Hot Topics
  • Get Help
    • Support Center
    • Contact ISC Client Care
    • Rates for All Services

You are here

Home » Internal IAM Project

Internal IAM Project

This project includes a re-engineering of Penn's core IAM infrastructure to dramatically improve the security, efficiency, and usability of Penn's central user- and privilege-management systems. The new cloud-based IAM solution will be implemented in phases, aligned with and leveraging other critical in-flight deployment projects, including the Human Capital Management (Workday) and Next Generation Student Systems (Pennant Records) deployments.

Note: The current IAM infrastructure will continue to serve the needs of campus while we design and deploy the new IAM system. Once ready for service, the new IAM solution will be implemented in phases. There will be no “big-bang” cutover.

Who’s Affected

As this project is infrastructure-based, there will be minimal disruption for existing PennKey holders – users will continue to access their Penn resources as before when the re-engineering is complete. The audiences affected by the project are source data owners (identity source systems), target system owners (consumers of Penn Community data), and ISC IAM-related service owners. The IAM project team will collaborate with representatives from these groups through all phases of the project.

Anticipated Benefits

Following are the anticipated benefits of the Internal IAM project:

  • Enhance security by assigning privileges automatically based on known user identity data and predefined rules
  • Provide an audit trail for – and periodic recertification of – user access rights to ensure users have the correct privileges and to explain how and why they receive them
  • Provide significant user experience improvements and an accelerated onboarding process
  • Streamline request-approval processes and automate account de-provisioning
  • Speed application development with modern identity and access APIs and tools
  • Integrate with on-premises or cloud-hosted applications and/or frameworks to provide real-time provisioning and de-provisioning of user accounts and identity data to partners inside and outside of Penn

FY 2021 Goals

This is a multi-year project. During FY 21, the IAM team, in collaboration with representatives from the Schools and Centers, will focus on the following goals:

  • Purchase IAM product and hire implementation partner
  • Install new Identity Management system in development and test environments
  • Develop plan to address functionality gaps between new product and legacy Penn Community system
  • Complete data management strategy for data conversion, source/target integrations, and manually-entered data
  • Complete identity-matching design and begin data conversion and source system integration
  • Present business process implementation plans for client endorsement

Share:

  • Facebook
  • Twitter
Print
IAM Home
IAM Projects
  • Internal IAM
  • PennPath (Consumer IAM)
Related Initiative
  • Two-Step Verification
Updates
  • Current Update
  • Archive
Resources
  • IAM Program at a Glance
  • Two-Step Impact Report
  • General IAM Resources
  • Penn IAM Resources
  • Penn Community Updates
  • Computing Policies
  • Tech Jobs @ Penn
System Status

© 2021 THE UNIVERSITY OF PENNSYLVANIA — 3401 Walnut Street, Philadelphia, PA 19104 — Report accessibility issues and get help — For ISC Staff