Higher education institutions face numerous challenges when it comes to identity and access management (IAM), and this year has only intensified them. From the volume of resources and data to the unique lifecycles and access challenges presented by students, staff, and alumni, the cybersecurity threats and vulnerabilities are many.
IAM for higher education has only been further complicated by a new batch of challenges brought on by the pandemic: an increase in layoffs, additional security challenges created by the influx of remote access requirements, and budgets that are even more in flux than they already were. Finding the right solution requires an intimate understanding of this complex case.
To understand the landscape better, we went straight to IT leaders in higher education for their thoughts on IAM. Our survey, conducted by Pulse, focused on changes in priorities, emphasizing reducing the risk of using fewer resources.
Their responses highlight some key themes and trends in higher ed IAM and provide not only a big picture of the state of higher education IAM but a clearer view of the best route forward for colleges and universities.
Automation vs. Governance?
Automation — a key business enabler — is becoming paramount for IAM success and the survey results reflected that with nearly all leaders reporting they plan to automate most or all of their IAM processes. But another result regarding governance seemed to stand in the way of these automation goals: 99% said they consider identity management governance (IGA) to be the best approach to identity and access management.
Furthermore, 97% also claim that IAM automation is necessary to maintain compliance — this brings to light a conflict between what respondents have implemented today and what best practices truly are. It’s long been a misconception that governance must precede automation to achieve IAM success, but automation is always a critical tool in achieving governance success.
While governance is a critical success factor, prioritizing it over automation can actually slow the progress of both goals. Moving forward, colleges and universities should see automation as a tool to support governance, not the next step after compliance is taken care of.
4 Expected Benefits of Automation
Although automation is on almost every to-do list, higher education IT leaders have a slightly broader view of what the top benefits of automation will be. Reducing institutional security risks is a top priority for 69%. Just about two-thirds of respondents hope automated IAM will boost confidence in compliance status.
Still, more than half hope to see a shift from reactive to proactive threat detection. Surprisingly, 37% look forward to reallocating resources to strategic initiatives. Luckily, automation can help higher education achieve all of these and more as IT initiatives and priorities continue to shift.
The Impact of 2020
Across all of higher education, the pandemic has threatened most institutions’ IT budgets and significantly slowed automation momentum. In fact, all of those surveyed reported that budgets and existing infrastructure investments are preventing full IAM automation.
Other 2020 challenges have also shifted some automation priorities. For instance, there’s been a significant increase in layoffs and furloughs within colleges and universities since the start of the pandemic last spring. As a result, 93% of respondents say managing the provisioning and de-provisioning of entitlements has become more challenging without automation as a result of a smaller workforce. Nearly all of these executives say that automating IAM processes that specifically handle off-boarding for the increasing number of layoffs, plus the resources privileged users can access, would help them boost their organization’s productivity and security.
For IT leaders in higher education, IAM has always presented unique challenges. The pandemic not only heightened existing difficulties, it brought to light unforeseen problems as well. The good news is, automation can help solve many of them, but it needs to be prioritized. You can learn more about how automation can streamline identity and access management (while improving governance) in our free resource: Higher Education IT Leaders Are Looking to Complement Access Governance With Automation.