Mark Wahl, Senior Program Manager/Architect, Microsoft Corporation

Identity and Access Management – Business ready Security Solutions

Business needs agility and flexibility and IT needs control – these needs are in competition

Business Ready Security – Protections = protect everywhere, access anywhere; Access = simplify the security experience; Management = manage compliance, integrate and extend security across the enterprise

Consistent Identity and Access Experiences – for end users, for data owners, for security administrators

Identity Metasystem Architecture

User — access –> Relying Party (authZ = access control, personalization, collaboration)

User — authenticate –> Identity Provider (authN, self service, credentialing)

Identity Provider — token containing claims –> Relying Party

Claims in the Identity Metasystem

  • Claims enable authN, authZ, personalization, and access across boundaries – they define a contract between identity and resource authorities
  • tokens and claim transfer protocols are being standardized and made interoperable
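The three-party flow and the claims contract noted above, as an added example that is not from the talk or from any Microsoft product: an identity provider releases only the claim types agreed with a relying party, and the relying party checks signature, audience and expiry before making an authZ decision from the claims. Assumptions: a shared HMAC key stands in for the asymmetric signatures that SAML and WS-* tokens use, and the URL, user record and contract are constructed.

```python
import base64, hashlib, hmac, json, time

# Assumption: one shared HMAC key stands in for the IdP's signing key pair.
IDP_KEY = b"constructed-demo-key"
# Constructed contract: the claim types each relying party may receive.
CONTRACT = {"https://lms.example.edu": {"role", "department"}}
# Constructed directory record held by the identity provider.
DIRECTORY = {"alice": {"role": "faculty", "department": "physics",
                       "email": "alice@example.edu", "birthdate": "1980-01-01"}}

def _b64(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).decode()

def issue_token(user, audience, now=None, ttl=300):
    """Identity provider: after authN, release only the contracted claims."""
    now = time.time() if now is None else now
    allowed = CONTRACT[audience]
    claims = {k: v for k, v in DIRECTORY[user].items() if k in allowed}
    body = json.dumps({"aud": audience, "exp": now + ttl, "claims": claims},
                      sort_keys=True).encode()
    sig = hmac.new(IDP_KEY, body, hashlib.sha256).digest()
    return _b64(body) + "." + _b64(sig)

def verify_token(token, audience, now=None):
    """Relying party: check signature, audience and expiry before trusting claims."""
    now = time.time() if now is None else now
    try:
        body_b64, sig_b64 = token.split(".")
        body = base64.urlsafe_b64decode(body_b64)
        sig = base64.urlsafe_b64decode(sig_b64)
    except ValueError:  # wrong number of parts or invalid base64
        return None
    expected = hmac.new(IDP_KEY, body, hashlib.sha256).digest()
    if not hmac.compare_digest(sig, expected):  # constant-time comparison
        return None
    payload = json.loads(body)
    if payload["aud"] != audience or payload["exp"] <= now:
        return None
    return payload["claims"]

def authorize(claims, required_role):
    """Relying party authZ decision made purely from verified claims."""
    return claims is not None and claims.get("role") == required_role
```

The relying party never sees the email or birthdate attributes, because the contract for that audience does not list them.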

Forefront Unified Access Gateway – allows direct access from anywhere over trusted and untrusted connections, and creates a virtual private network (claims-based authentication supported). Active Directory will support WS-* and SAML standards.

Forefront Identity Manager – provides synchronization to move identity information between systems. Key functions: identity management, group access, self-service password management

Futures

There is a balance between the Person’s need for “contextual separation” and the Person’s need to traverse contexts. People can bring their own trusted identity and request services. The Federated Directory and Minimal Disclosure Token concepts are meant to protect against Relying Parties or Identity Providers aggregating your service access requests to build a profile of your behaviour and personal information.

There is a lot of governance and policy work to get to the point of having the appropriate identity providers for the appropriate contexts for the claims based system to really be functional.

 

David Raney MD, CEO Nuventive

How do you achieve Institutional Effectiveness?

What questions do you need to answer?

  • are your core learning outcomes improving?
  • how do you assess institutional performance?
  • how do you measure strategic goals?

The Growing Challenges of Accountability – many challenges here centred around disconnect between data and planning

What is Institutional Effectiveness?

  • Efficiencies – business goals
  • Achievement – academic & administrative outcomes
  • Culture of Data Driven Decision Making

Nuventive tools – TracDat, now being developed in SharePoint, and iWebfolio for individual assessments

Microsoft Platform for Institutional Effectiveness (MPIE) – aligned, balanced, pervasive

Closing the Loop – plan, collect, analyze, utilize, follow-up then repeat

What is seen in a typical assessment cycle is that lots of time is spent on planning and very little time spent using the data to learn what happened and how it can influence the plan.

 

John Weigelt, National Technology Officer, Microsoft Canada

Data Sovereignty and Privacy

John’s job is to avoid “those unintended consequences” around technology adoption.

Discussion about what constitutes cloud computing especially being clear about the context.  SaaS, PaaS and IaaS all have different contexts and require different approaches when considering data security and privacy.

Microsoft Infrastructure Investment – data centres in North and South Central USA, North and Western Europe, East and South East Asia.

There are no plans by Microsoft to build a Canadian data centre.

The economics are not there, especially customer base and scaling; there are higher levels of legal “friction”; and it is not a viable cost model for Microsoft.

Common Questions about Cloud Computing

  • uncertainty
  • human resources
  • governance
  • security
  • privacy
  • interoperability

The Challenge

Law – BC legislation obliges their government entities to maintain personal info in Canada. Nova Scotia has similar legislation but allows DM to authorize international data transfers

Data Sovereignty

US Patriot Act – misperceptions in the business community regarding the US Patriot Act, and the lack of clarity surrounding this piece of legislation, have resulted in lost opportunities. Fred Cate: “there is a vanishingly small chance” that the Patriot Act can actually be used. Also look at David Fraser (http://privacylawyer.ca) for an analysis of the national privacy laws.

Security & Compliance Program

Take a layered approach – Microsoft implemented the “Trustworthy Computing” initiative in 2002 for all their software.

  • security management
  • data
  • user
  • application
  • host
  • internal network
  • network perimeter
  • facility

Microsoft is the #2 most attacked entity on the Internet after the US Department of Defense. Microsoft has a strong commitment to meeting security standards and is regularly independently audited based on these standards. There is support for the full continuum of private, hybrid and public cloud services.

Call to Action

  • hone your skills
  • understand the service expectations for the services you currently provide
  • seek opportunities to leverage cloud services
  • engage in the conversations with your compliance authorities
© 2007-2012 Enterprise Architecture in Higher Education - Leo de Sousa Creative Commons License
Enterprise Architecture in Higher Education by Leo de Sousa is licensed under a Creative Commons Attribution-NonCommercial-ShareAlike 3.0 Unported License.
Based on a work at leodesousa.ca.