Case Study: Identity Management in Higher Education
Coppin State University
(A Member Institution of the University System of Maryland)
Campus-wide Deployment of Password Management & User Provisioning
Coppin State University is continually recognized for their commitment to enhancing the student experience through the use of technology. Coppin State is a recipient of EDUCAUSE'S Award for Excellence in Networking: Innovation in Network Technology, Services, and Management, joining the likes of past award recipients including Dartmouth College, Purdue University, Duke University, Cornell University, and other higher education leaders. Coppin State was also recognized by Campus Technology as one of the Magazine's "Campus Technology Innovators."
Coppin State’s Information Systems department was no stranger to identity management prior to Fischer's selection. Like many universities and corporation, Coppin State University previously purchased an identity management product to reduce the time and cost to support the identity and access needs of thousands of users. However, the product did not provide the value, growth, integration nor the services Coppin State expected and needed. When the decision was made to replace the product, Coppin State knew the right questions to ask identity technology vendors. Coppin State chose Fischer Identity™ to further enhance the student experience and energize faculty by streamlining multiple business processes.
Coppin State’s Information Systems department is committed to contributing to the university’s objectives including improving service levels to students, increasing enrollment, generating revenue, protecting privacy, and improving operational excellence, but was hindered due to the time, cost, and delay of manually-performed identity tasks. For example:
• Password resets could only be performed on campus. The inability to remotely reset passwords inconvenienced students, but also limited the success of the online registration program, restricted the geographic growth of Coppin’s Distance Learning program, and generally prevented offering remote services.
• Manually provisioning access to network resources created a significant burden on multiple Coppin departments, particularly at the beginning of the Fall semester where 50 to 80 accounts were provisioned daily. Additionally, the paper-based process to onboard adjunct professors typically took one month to complete, with up to 5 additional days for the provisioning work. This resulted in some professors not being able to submit time cards for payroll, or enter grade information when needed.
Coppin State deployed Fischer Identity™ in multiple phases as follows:
Phase I: Password Management and User Self Service
Fischer password management was installed, customized and deployed to over 9,000 users as part of Coppin State’s EagleLINKS Portal, providing online access to university resources, including campus and student systems, online enrollment, and more. Additionally, Coppin configured Fischer password management to authenticate users via challenge/response against personal information safeguarded by Fischer. This approach provided Coppin with greater assurance that each user was indeed who s/he claimed to be, avoided the need to disclose personal data to a help desk representative, and avoided the practice of sending new passwords to users via email.
Phase II: Provisioning Students, Faculty, and Staff
Coppin State deployed Fischer provisioning to automatically provision and deprovision accounts for the entire University community: Administrators, Staff, Faculty, and Students. Specifically, Fischer detects business events (e.g., matriculation, new hire, termination, etc.) in the Oracle-PeopleSoft ERP system in real-time, then automatically provisions (or deprovisions) user access to resources based on Coppin State's business and privacy policies. Fischer automates provisioning to all network and web resources needed across three domains: including Home Directories, Email, Web shares for students, and even permissions based on departmental assignment for employees.
Since deploying Fischer Identity, functional efficiency and user productivity has improved throughout the university:
Password Management: Coppin State’s time-to-value with Fischer password management was less than two weeks, and provided the remote password reset capability that was critical to the success of the EagleLINKS Portal, Distance Learning program, and user satisfaction initiatives. The following results were observed in the first six months of deploying Fischer password management:
• Online registrations doubled due to success of the EaglesLINKS Portal.
• Password reset calls to the Help Desk were reduced by 90%. The observed reduction in calls saved Coppin's IT department an average of 22 hours each week: averaging nearly two hours every day during normal-load periods, and almost eight hours each day during the critical four week period that surrounded the beginning of the Spring semester.
• Improved service levels to students, faculty, and staff: in addition to the convenience afforded by Fischer password management, Coppin’s regained productivity was re-invested by increasing support for applications that support critical, student-facing business processes.
• Coppin State’s Distance Learning enrollment increased due to extended geographic reach and improved access to university resources.
• Privacy protection was enhanced due to Coppin State's creative authentication process and decision to enable self-service identity updates.
Provisioning: Service levels to students, faculty, and staff were enhanced due to day-1 access to needed resources. Coppin’s results included:
• Coppin State’s Information Systems department regained four to eight hours of productivity every day due to automated user provisioning.
• Security and compliance was enhanced due to policy-based provisioning with Separation of Duties enforcement, and through automated account deprovisioning triggered by various events, e.g., matriculation, new hire, termination, add/drop deadline, etc.
• Productivity gains were re-invested by increasing support for applications that support critical, student-facing business processes.
Why Fischer Was Selected
Fischer Identity was selected to replace Coppin State’s existing identity management solution for the following reasons:
- Vendor credentials: Fischer has a proven track record of viewing customers as partners, not as “accounts.”
- Flexibility and capability: Fischer was easily configured to meet Coppin's needs
Agility: Fischer was fast to deploy, change, and extend.
- Long-term solution: Fischer's standards-based, holistic architecture was a key selection factor as it was seen as the only solution that could predictably grow with the university.
- Strength of Provisioning solution: Fischer’s validated Oracle-PeopleSoft integration provided superior flexibility, reliability, and security for provisioning.
- Low operational cost: no programming, straight-forward workflow and policy interface minimizes labor rates and required hours.
- Ability to simplify audits: Fischer’s single audit database records all identity-related events, and enables audit reports to be easily created to satisfy the multiple audits Higher Education institutions face.
- Remote deployment was key in accelerating time to value and controlling costs, plus provided quick access to other system and subject-matter experts when needed.
“We had immediate synergy with Fischer. I went looking to invest in a product and I came back with the best identity management suite available and a commitment that Fischer is as dedicated to our success as we are.*”
“Fischer is the natural choice for Coppin State University. Their SOA framework and out-of the-box functionality were key to keeping our cost down while enabling us to very quickly get up and running.*"
“Provisioning and password management are critical to the university. They’re essential for enabling business processes and student services such as distance learning, online registration, and remote password resets.*”
*Dr. Ahmed El-Haggan
Vice President for Information Technology & Chief Information Officer
Coppin State University
Document MCC-08-200C December, 2009
Copyright © 2008 Fischer International Identity, LLC. All rights reserved.
Fischer International, Fischer International Identity, Managed Identity Services, Managed Identity Services Technology, Identity as a Service, IaaS, the Fischer International Logo, Global Identity Architecture, Built for Business…Yours, and all other Fischer product or service names are the trademarks and/or registered trademarks of Fischer International Identity.