2019 Technology Exchange

Use Internet2 SiteID

Already have an Internet2 SiteID?
Sign in here.

Internet2 SiteID

Paranoid IAM: Process and Architecture

Time 12/11/19 09:00AM-09:50AM

Room Oak Alley (4th)

Session Abstract

Most enterprise risk and incident management discussions do or should involve IAM. Are you happy with the speed and quality of your answers when your audit, security, compliance, privacy, or emergency management team comes calling?

In this talk, we'll discuss changes Duke has made to bring transparency and administrative self-service to IAM operations, including:

* On-demand audit reports and standard remediation playbooks for local access concerns
* Standardized templates for automated provisioning/de-provisioning mechanisms that scale reliably
* Streamlined and flexible attribute release policies standardized across retrieval mechanisms
* Distributed curation and centralized presentation of dynamic groups suitable for reporting and access decisions
* Automated visualizations of problem states and projections to resolution time to inform priorities and resource allocation
* Insights into who has (or has had) access to what and why, paired with mechanisms for administrative interruptions to access

We'll discuss specific tooling (with a special focus on Grouper and CAR) as well as generalized principles and lessons that can be applied to any technology stack. Come bring us your pain points, and we'll talk automation/delegation!


Speaker Mary McKee Duke University

Speaker Shilen Patel Duke University

Presentation Media

Primary track InCommon

Secondary tracks Information Security

gold Sponsors

bronze Sponsors