By Keith Wessel, Principal Identity and Access Management Specialist, University of Illinois Urbana-Champaign
Provisioning is hard. Provisioning well is even harder. There are many ways an organization can provision identities, credentials, services, and more, but finding ways that scale, handle edge cases, and stand the test of time can be extremely challenging.
Then there’s de-provisioning: the thing that we say we’ll get to later but don’t until there’s a security incident or licensing costs go through the roof.
The Big Ten Academic Alliance’s Identity Task Force, in conjunction with other Internet2 community members, is doing something about this. The task force has taken the combined experiences and wisdom of several BTAA consortium schools and beyond to build a cookbook of best practices for provisioning and de-provisioning. Whether you’re inventing an identity and access management (IAM) program for the first time, re-inventing one, or just want to do what you already do better, this cookbook can help. The cookbook will be given its first unveiling during a Dec. 7 session at the Internet2 Technology Exchange in Denver.
Now, we need your help to make it even better. Before we call it finished, the authors are working with InCommon to open it up to a community consultation. We need the broader community to read our best practices and let us know how we’re doing.
If you see something missing or an item that you don’t agree with, use the community consultation to let us know. Your assistance can help us put the finishing touches on a document that we’re confident will help a lot of organizations make provisioning work well. The consultation is available and is open until Jan. 31. Thanks in advance for helping us with your feedback.