This case study examines the transition of the in-place enterprise Identity Management system to a next generation solution supporting cloud based applications and managed services undertaken by the Queensland Department of Education and Training in partnership with UNIFY Solutions. This study is the third in the series which provides an insight into the design, build and deployment of key components to the existing Identity Management system to meet the evolving business needs of the Department.
In today’s environment with so many demands on identity information, an advanced identity provider service is required that can integrate disparate technology and bridge the mature identity management environments to the new requirements of cloud services, mobile device management and the internet of things.
In 2012 a number of major Departmental initiatives were progressing that would result in a substantial increase in demand on current IDM system, including:
- Microsoft Office 365 deployment
- Microsoft SharePoint upgrade
- New cloud based Parent Portal
- New SAP Finance system
- New eLearning applications
- Current state overview of the IDM Infrastructure.
- Document changing business needs and priorities including:
- General Cloud based strategies and managed services
- Office 365 – mail, SharePoint Online, Azure
- BYOD (Bring your own Device) – Mobile computing.
- Identifying any major Issues facing the IDM environment including:
- Reduce Licensing Costs
- Reducing the internal operational support overheads
- Reducing the complexity of internal solution components.
- Providing a roadmap of recommended changes
To ensure these initiatives were supported from an Identity perspective the Department engaged UNIFY Solutions to undertake a review of the current IDM architecture and platform to ascertain its suitability to meet the new business needs. The outcomes of the review included the establishment of a project to upgrade the current IDM platform to improve performance and meet the new requirements of Windows 8 and Office 365 and future Access Management integration.
The Project was tasked to integrate all applications using standard federation protocols and move away from utilizing a reverse proxy model. Additionally, the limited in-place Access Management infrastructure was to be replaced with an alternative solution based on the new Departmental requirements, and other national education initiatives.
To support selection of a new Access Management solution a mapping of the technical requirements to different vendors / products was undertaken to provide the business with a decision support tool. As a result, the Department selected a hybrid solution including Optimal IDM and Ping to replace the current Access Management system which did not support Office 365 Active Federation.
HYBRID SYSTEM BENEFITS
- Reduced infrastructure, fastest to implement, simplest to maintain and evolve
- Comprehensive Office 365 and SharePoint solution
- Comprehensive interoperability– all use cases covered
- Tools to deal with custom internal / complex application integration use cases
- Additional advanced functionality around Mobile applications and API security
- Simpler cloud integration
The new hybrid system was the most technically complete solution while providing reduced licensing and support overheads.
The project had a very aggressive 4- month timeline imposed in order to meet the changing business needs and ongoing operational support. The Department’s project methodologies were followed with strong Senior Executive sponsorship.
The transition from the current state IDM system which took four (4) years to fully implement was upgraded to a next generation access management system supporting cloud based applications in four (4) months.
The new IDM platform has evolved to meet the increasing demand for access to digital services anywhere, anytime, on any device. Having a trusted strategic partner providing independent advice, certified IDM specialists and trainers, ensured the Department was able to complete the transition seamlessly while maintaining availability of the core IDM services. The next generation IDM platform puts the Department in a strong position to respond to local and national initiatives such as national online testing now and into the future.
As a result of the long term, productive partnership between UNIFY Solutions and the Department of Education and Training; teachers, students and staff now have 24 x 7 online access to the information and applications needed to support teaching and learning in the 21st Century.