Identity and Access Management (IAM)

The Identity and Access Management (IAM) team was formed in the fall of 2007 as part of the restructuring of OIT. It is part of the Security & Compliance unit and combines the previous Unity Account Management and Application Security positions and functions. In addition, it is responsible for coordinating efforts to optimize the university's authentication and authorization environments, as well as work with the campus Data Stewards to define and protect the identities of all campus members – students, faculty, staff, alumni, affiliates and guests. For more of a "definition" of IAM, see the paragraph below from the IAM Charter.

"IAM deals first and foremost with an individual's personal identifiers and attributes that distinguish them from all other university students, employees, affiliates or guests. That data, and the credentials that are issued to the individual (Username/UnityID and password), are used to identify or authenticate the individual. Access to university and external resources (authorization) is granted to individuals based upon the entitlements they receive. These entitlements are issued as a result of group memberships (e.g. all faculty, second year engineering students, etc.) determined by various attribute values the user has (e.g. affiliation, year and program of study, etc.). All of this identity data must be authoritative, secured, and accessible to those who have the authorization to use it. It is generally made available for this purpose through an enterprise directory service."