Between 700 and 1,000 new graduate students enroll at the London School of Hygiene & Tropical Medicine each year, and the organization’s small IT team is responsible for creating user accounts for each student in ten or more course modules and eight main applications. Including all the inevitable amendments to module choices and personal details, this process was a month-long job for one IT staff member. The process was inefficient and also delayed granting access to systems.
Historically, students and staff also had to remember multiple credentials for accessing their applications. The School has approximately 20 core applications, and each user typically requires a subset of around 5. Additionally, the School provides authenticated federated access to 80 third-party online journals and databases. The organization wanted to streamline access and to reduce the incidence of forgotten passwords.
The London School of Hygiene & Tropical Medicine deployed NetIQ Identity Manager to automate the creation and deletion of user accounts. When the enrollment team adds a new student to the central student records database, Identity Manager provisions him or her to the central identity vault and to the lightweight directory access protocol (LDAP) tree; it then creates accounts in the relevant applications based on each student’s profile. The solution also handles provisioning for up to 3,000 distance-learning students in a Moodle virtual learning environment (VLE), which is part of a broader University of London initiative.
“Identity Manager gives us much greater speed and accuracy in the creation of user accounts and reduces manual administration,” said Shamina Humphreys, Directory Services Officer at the London School of Hygiene & Tropical Medicine. “In the past, there was a weekly batch run throughout the year for changes and updates, so students could be waiting for up to a week to access a new system. Now, it’s practically instant.”
With NetIQ Access Manager, the School has a single point of control for security and access management. The software provides single-sign-on capabilities, so staff and students need remember only one set of credentials for all applications. This saves time and effort, as well as reduces the likelihood of forgotten passwords.
In the near future, the School will extend the solution to cover access to web-based resources for its 3,000 distance learners.
“It was the flexibility of integration with a broad set of vendor-specific web services that really sold us on Access Manager,” said Steven Whitbread, Systems Officer at the London School of Hygiene & Tropical Medicine. “This capability makes it easier to manage security across dozens of different services, as well as making things much faster and simpler for users.”
Identity Manager enables the efficient and timely creation of new student accounts and access rights. Built-in business rules put students into the correct groups more reliably than before, so there are also fewer errors to correct after enrollment.
As their account expiry date approaches, the solution automatically prompts users to back up their important files before it automatically deprovisions their accounts.
“With Identity Manager, there is now practically zero manual administration around account creation, which used to take one person a whole month to complete,” said Humphreys. “Users also now see almost instantaneous response to change requests.”
Students and staff can now log in once rather than multiple times to access key applications, reducing delays and removing the need to remember multiple complex passwords.
This streamlined access has eased the pressure on the helpdesk team and improved the overall security at the School.
“The solution has both reduced our workload on the IT side and improved the user experience for staff and students,” said Whitbread. “It also makes it easy for us to extend secure access to new applications as we introduce them.”