More than 70,000 Ohio State faculty, students and staff have visited my.osu.edu to initiate their first password change, transitioning them to the new Identity and Access Management (IdM) System and contributing to the university’s efforts to consolidate disparate account management processes. The IdM Program’s foundation provides important security and identity management functions across the university in addition to password changing.
Creating Individual Accounts
Everyone associated with The Ohio State University gets an Ohio State Username (lastname.#) and over one million identities are managed with the new IdM system. This includes student applicants, students, faculty and staff employees, and guests. With my.osu.edu, Ohio State Username activation is a self-service process, allowing Ohio State community members to have an active account and access to university resources quickly.
Another improvement in service is the ability for anyone with an Ohio State Username to use self-service to reset a forgotten password. By selecting and answering five security questions, individuals create a way to reset their forgotten password anytime, anywhere, and without contacting support professionals.
By the conclusion of autumn quarter 2011, everyone with an Ohio State Username will have reset their password at my.osu.edu. For faculty, staff, and students, this initial password change also provides the opportunity to manage one less account and password by synching with OSU Wireless. Since my.osu.edu went live in August, more than 17,000 individuals have logged on to the OSU Wireless network with their lastname.# usernames and new passwords.
Accessing OSU Wireless with an Ohio State Username and new password is easier with the help of configuration tools provided by the Office of the CIO. The wireless utility automatically configures devices with Mac OS X 10.7 (Lion), Apple iOS, or Windows operating systems including 7, Vista and XP. Users with Mac OS X 10.5 or 10.6 can follow the video tutorial for step-by-step configuration instructions. A Knowledge Base of resources regarding OSU Wireless is also available through the IT Service Desk.
Managing Sponsored Guests
A new, secure university process is in effect for creating and managing sponsored guest accounts. There are three main roles to be familiar with:
A new role, Sponsored Guest Admin Authorizer, has been created in each of the colleges and university offices. This provides local control and visibility to the colleges and departmental units to manage guests who require a unique Ohio State Username for access to university resources such as Carmen. Sponsored guests may also receive university e-mail and calendaring services by special request to the IT Service Desk.
A guest requiring access to university resources must be sponsored by a current Ohio State faculty or staff member, who takes on the role of Sponsor. The Sponsor is responsible for obtaining the approval from the appropriate authority within the specific college or department, and overseeing the guest’s activities while using university resources. The Sponsor also works with the Sponsored Guest Administrator to collect the appropriate identity information from the guest. Sponsored Guest Administrators have the ability to add, search for, and edit guests through my.osu.edu.
No Longer Affiliated (NLA)
An active affiliation status is equivalent to authorizing security access to university systems. The new NLA inactivation rules address this risk by automatically deactivating account access upon last effective date of employment or as defined for other affiliation types.
Recognizing the need for continued communication in certain circumstances, an employee terminated (not for cause) will have their lastname.# access inactivated on the effective date of termination, but may continue forwarding to a personal e-mail address for 180 days, as long as this information is collected during the roll-off process and entered into the HR system. The improved sponsored guest process will also allow departments to identify instances where an individual needs a renewal of access. A major increase in security posture is achieved by IdM’s ability to immediately terminate access to connected systems for someone who leaves the university for cause.
Managing E-mail Delivery
Ohio State’s faculty and staff have the option to deliver e-mail to the University E-mail Service, including to a departmental address. Students can choose to deliver their university e-mail to Buckeye Mail or another service provider such as Gmail or Hotmail. Since my.osu.edu has been live, the site has assisted in the migration of more than 4,000 faculty and staff mailbox users and more than 64,000 users who deliver to another service, including departmental systems. This collaboration helps the university move towards its goal of one university e-mail system.
For questions and more information, contact the IT Service Desk at firstname.lastname@example.org.