InCommon Collaboration Success Program Case Study
West Chester University
Executive summary
West Chester University (WCU) engaged with the Collaboration Success Program (CSP) to develop an identity and access management (IAM) roadmap. One of the university’s primary goals was to shift towards a unified identity system. To accomplish this goal, WCU needed to integrate three ERP systems, maintain support for both formal and informal regulatory reporting, facilitate swift onboarding, offboarding, and access adjustments as required, and grant access to individuals who undergo role changes.
It was imperative for the WCU team to identify and implement an identity solution while minimizing disruptions to operations and user experiences. The CSP program played a pivotal role in helping WCU modernize its identity roadmap, and the university is well on its way to implementing its IAM solution, which will include COmanage, Grouper, midPoint, and Shibboleth.
Solution summary
West Chester University participated in the 2023 cohort of the Collaboration Success Program (CSP) to explore identity and access management solutions.
Trusted Access Platform features supported
Grouper, midPoint, MIM, Shibboleth SSO, Duo.
The project
West Chester University (WCU) engaged with the Collaboration Success Program (CSP) to develop an identity and access management (IAM) roadmap. This plan outlined how the university would move forward with the evaluation of technology products and processes, implementation, and training.
WCU hoped to:
- Explore midPoint’s potential as an IAM solution.
- Build a prototype midPoint environment capable of replacing current account management scripts and processes, provisioning downstream accounts, and successfully reconciling data from PeopleSoft, Banner, and SAP
- Work with Internet2 community members and subject matter experts to obtain deployment guidance and best practices.
The challenge
Presently, WCU faces challenges arising from the existence of separate accounts for students and employees, which leads to difficulties during account transitions. They sought to shift towards a unified identity system known as RamNetID, employing affiliations and establishing clear processes and policies for deactivating accounts with well-defined grace periods.
Furthermore, WCU had the following needs:
- Integrate three ERP systems – PeopleSoft, SAP, and Banner. Essentially, these systems needed to operate in harmony to prevent duplication problems and ensure uninterrupted access while maintaining appropriate access levels for all stakeholders.
- Maintain support for both formal and informal regulatory reporting.
- Facilitate swift onboarding, offboarding, and access adjustments as required.
- Grant access to individuals who undergo role changes, such as transitioning from student to employee or from employee to retired.
It was imperative for the WCU team to identify and implement an identity solution while minimizing disruptions to operations and user experiences.
The solution
WCU is actively progressing toward the realization of its vision and is set to launch a “future state” IAM system in the summer of 2024. At this juncture, the data sourcing process will no longer be conducted within PeopleSoft. “We will employ the Microsoft Identity Manager to provision accounts for new identities using the revised logic that has been under discussion for the past 25 months… thus, we will utilize it for account provisioning,” stated Kevin Partridge, WCU’s executive director of IT Infrastructure Services and deputy CIO.
We’ve discerned that both alterations in business processes and technological advancements will be pivotal in attaining our envisioned end state. These modifications encompass shifts in student statuses and the management of their accounts throughout their academic journey, both before and after graduation. Additionally, the onboarding and offboarding of employees will be governed by an HR system. In the interim, we will implement Microsoft Identity Manager to deliver this solution as we enhance our expertise in midPoint.
Indeed, IAM will be supported by the following at WCU:
- Systems of Record: SAP for employees, PeopleSoft/Oracle, Banner for students
- IAM Solutions: COmanage, MIM, MidPoint, Grouper
- Director & Cloud Services: Microsoft 365, Azure Active Directory (AD), Active Directory
- Single Sign-On: Shibboleth, SAML, CAS, OpenID
- SSO Apps: D2L, InCommon, and more than sixty additional SSO service providers
The result
The WCU team expresses its appreciation for the ongoing feedback, valuable guidance, and best practices generously shared by the leaders and participants of the Collaboration Success Program (CSP). The CSP program has played a pivotal role in helping WCU modernize its Identity roadmap, and the university is well on its way to implementing its IAM solution, scheduled to go live in the Summer of 2024. JT Singh, WCU’s CIO/Sr. associate vice president of Information Services and Technology, shared that, “Participating in CSP helped WCU with its IAM modernization journey working with stakeholders, developing a framework of requirements, evaluating strategies, learning about different toolkits, and achieving tactical successes.”
The project team has already begun work to support the Banner General Person Go-Live, one of the initial modules launched at the university. They are effectively addressing the evolving identity requirements of the university and driving improvements to our existing IAM solution.
Lessons Learned
- Avoid assumptions: It’s crucial not to assume that common terms like “go-live,” “identity,” or “testing validation” have the same meaning for everyone involved. Delving deeper into discussions and clarifying terminology proved essential for achieving alignment.
- Be precise in requirement gathering: Ensure you elicit precise requirements from the integration lead and your partners. Clear and detailed requirements are fundamental for successful project execution.
- Be open to change: Don’t hesitate to change course if necessary. Flexibility and adaptability can be valuable assets in navigating complex projects and achieving optimal outcomes.
About West Chester University
West Chester University is the largest member of Pennsylvania’s State System of Higher Education, which is comprised of 10 state-owned universities within the Commonwealth of Pennsylvania. Founded in 1871, West Chester University is a comprehensive public institution offering a diverse range of more than 180 academic opportunities in 40 fields of study across undergraduate, graduate and doctoral levels. In addition to the main campus in West Chester, the university offers programs through its graduate center, the campus in Philadelphia, and online. Six colleges and two schools comprise the university: University College, Colleges of Arts and Humanities, Business and Public Management, Education and Social Work, Health Sciences, and the Sciences and Mathematics as well as the Wells School of Music, and the Graduate School. The popular university maintains a consistent presence on both Money magazine’s The Best Colleges in America list and America’s Top Colleges list by Forbes. The university is also a Military Friendly Schools gold status member and has received the Higher Education Excellence in Diversity (HEED) Award from INSIGHT Into Diversity magazine for three years in a row.
Project Team: JT Singh, Kevin Partridge, Steve Safranek, Pete Calvert, Rashed Kabir, Bill Bi, Lisa Disney