jisc access mgmt_scoping_study_v0_2
TRANSCRIPT
JISC: Extending Access Management into Business & Community Engagement
Scoping Study24th November 2009
Helen Baird, Managing Consultant, Oakleigh Consulting LtdTel: 07930 929031 / 020 7380 1006 [email protected]
Benefits for BCE users of having access to institutional resources – & to economy/society
Requirement for secure, controlled access for targeted groups to certain institutional resources
Identity & access management can enable access for non-traditional user groups
Rationale for study
Assess case for extending identity & access management approaches into BCE
Make recommendations to JISC to inform next steps in this area
Aims
Extensive desk based review
Consultation with sector bodies, HE & FE institutions, users, JISC staff & contractors
Survey of relevant organisations in 8 countries
Approach
No standardisation in how BCE users obtain access rights, or how arranged / administered
Most institutions find ways round rules to grant access – reactive on a case by case basis
Lots of IAM developments across sector, but focus on internal users’ access to, some internal, but mainly externally provided resources
Key findings – current practice
External – e.g. from SMEs, tenants, collaborative research & learning delivery partners, employers, distance & work-based learners, alumni
Internal – IT & library staff want to deal with access for non-traditional groups in systematised way
Future demand – range of factors will influence e.g. open access agenda, demographics, technological, government ID management initiatives
Key findings – demand
Staff & external users unaware/unclear what resources external groups can access – & how to achieve this
Awareness of IAM & benefits is low – language of IAM a barrier in itself
Cultural & organisational barriers in institutions; not technological
Constraints of licensing for third party resources – requirement is for ad hoc, remote access
Issues & barriers
Possible basis for solution – though changes required if use UK AM Federation
Not yet possible for external BCE users to engage as can’t become members
Plus institutions not yet acting as service providers
Policy change required & need a ‘home’ or ‘virtual’ organisation
Federated access management
Institutional – making improvements at individual institution level, e.g. external access policy, more strategic approach to IM
Cross-institutional – regional or subject web portals/networks to facilitate access to resources
‘Ideal solution’ – web interface / portal for targeted groups to access all institutional & third party resources in controlled way
Other possible solutions
Business & community groups would benefit from access to institutional knowledge assets
Extending IAM into BCE not considered high priority for institutions
Study suggests BCE users require clarity on what resources are available to them – & a simple, standardised way of accessing these
Conclusions
With partners decide on vision & strategy for extending IAM into BCE
Explore potential & options of using Federation for access for external users
Take more holistic approach & responsibility for IAM – & share good practice
Help facilitate institutions’ development of IAM solutions for external user groups
Recommendations for JISC