Informs and engages the UNB community on IT developments and news

Management Briefing - Introducing Access Manager 1 0

Author: ITS

Posted on Jun 17, 2014

Category: Management Briefings

Background Access control is an activity that ensures users—primarily full and part‐time faculty and staff—of UNB IT systems have appropriate access rights to the various resources they need to carry out myriad tasks on UNB’s computing infrastructure and services. The Access Control unit within ITS is responsible for ensuring appropriate access is provided in a timely and efficient manner following documented processes, and for enforcing access policies. While access control is implemented by ITS, it is others who define it; each department and unit is responsible for determining who should have access to specific online services, and for requesting and approving those accesses. With hundreds of networks, hardware systems, applications, services, web sites, and databases in use at UNB, access control is a complex and, up to now, highly manual process. As one might expect, access control that depends heavily on human action and intervention is prone to delays, and is largely un‐auditable. This causes all sorts of problems, particularly when access needs to change, for example as people leave the university, or transfer to other units within it. Furthermore, over the years different access privileges have been assigned many different expiry dates, depending on various circumstances or factors that may or may not have much to do with actual need. Worse, some accesses have no expiry at all, which has been an issue frequently cited by university auditors as a highrisk situation needing to be corrected. Access Manager 1.0 The Access Control unit is pleased to announce the launch of Access Manager 1.0, a software system aimed at automating the access rights process, using state‐of‐the‐art tools and technology to ensure a seamless and error‐free experience for end‐users and access administrators alike. Led by a group of highly‐skilled access professionals and software developers, Access Manager 1.0 represents UNB’s first major step into the end‐to‐end automation of this complicated but crucial process. Features of the new system initially include:
  • A menu‐driven interface allows all users to see what systems and services they have access to, and to browse lists of other accesses they can request
  • Approvers (administrators and supervisors) authorize new and renewed accesses
  • Expiry notices and reminders are sent via email to approvers automatically
  • To ensure a smooth transition, expiry dates in the first year of operation of the new system will coincide with users’ birthdates, and this will be the normal renewal date each year thereafter
  • All accesses have to be renewed at least once annually, but accesses to individual systems and services can be granted for any period less than one year, for example for guests and short‐term employees
Future enhancements While Access Manager 1.0 will greatly streamline the approval process and audit trail for IT system and service accesses for users and approvers, there will still be a lot of work required within the Access Control unit to coordinate and manage the thousands of requests generated every year. The next version of Access Manager, already in early planning stages, will focus on automating the back‐end processes as much as practicable. Future versions, informed by user feedback and engagement, will streamline the system even further.

June 17, 2014, Terry Nikkel, AVP, ITS