The University of New Mexico

Identity Management – Net ID SLA

By aswancer | Published:
Viewing 7 reply threads
  • Author
    Posts
    • February 26, 2016 at 3:37 pm #342
      aswancer
      Participant

      Identity management has a very broad scope with two major components 1. Identity and access management 2. Systems integration. The NetID SLA is meant to address the identity and access management component. Additional services are available to address the systems integration component including Active Directory and CAS.

      Attachments:
      1. Identity-Management-NetID-SLA.pdf
    • March 3, 2016 at 1:07 pm #406
      cdean
      Participant

      Two things:
      1) Page 3, 2.1.1 End-User Requirements, bullet 3 referencing password standards. Since the reality is that many people use either INB or Opinio, it would be prudent to include a bullet point stating that while you can use several special characters, use of INB or Opinio limits you to just _ and #

      2) Page 4, 3.1 UNM Responsibilities – Buttle 5 re: deleting NetID accounts. Current policy is that UNM Retirees keep their NetIDs indefinitely. as per http://it.unm.edu/accounts. The SLA states that they are set to inactive after separation. I assume that being set to inactive is not what happens when someone retires?

      Cyndi

      • March 9, 2016 at 9:31 am #465
        chuckp
        Participant

        1)  Yes. The link provided is to the FastInfo that describes the limitations of certain applications.   These will be changing as future upgrades are implemented.

        2) A retiree is still active until death.  At that time the separation takes place.  Suggestions on a PC way to say this are welcome.

    • March 4, 2016 at 4:30 pm #428
      ayoder
      Participant

      3.1 “Student NetID accounts will be set to inactive (excluding Summer session) after three concurrent non-enrolled semesters” Do you mean consecutive? 

      • March 9, 2016 at 9:36 am #466
        chuckp
        Participant

        Yes.  We will make that mod. Good catch.

    • March 5, 2016 at 11:53 am #439
      patrickb
      Participant

      Is there an expected service time for the creation of NetIDs, particularly for guests? The current long time to create NetIDs for guests, colleagues, and collaborators has been a major impediment w.r.t. wireless network access; I am unclear if that should be addressed as part of this SLA or the wireless networking SLA.

    • March 7, 2016 at 10:55 am #443
      jwong
      Participant

      3.1 If a NetID is deleted after 65 days, do you allow NetID to be repurpose and be associated with a different individual?

      • March 9, 2016 at 9:39 am #467
        chuckp
        Participant

        The NetID is reserved indefinitely.  There is a process for returning individuals to re-claim their old NetID.   Improvements in the future will automatically give returning people their old NetID.

    • March 9, 2016 at 12:28 pm #468
      cdean
      Participant

      Chuck, with regard to the NetID, has the underlying problem with identify management with changing a NetID for a legal reason such as marriage been changed? By underlying problem I mean that in the past, if one changes their NetID, they lose their Learning Central history, purchasing authorizations including Banner/Hyperion/MyReports access, etc. 

      • March 10, 2016 at 12:26 pm #475
        aballo
        Participant

        Interesting point you bring up. I can’t speak to LC and Purchasing but taking this a step further, I believe that while access may transfer in MyReports (via BAR roles), any custom reports could need manual intervention to be copied to their new NetID folder as  these are stored only as metadata by the Users NetID in the MyReports Oracle Repository database.

        Once logging into MyReports under their new NetID, these reports will not be accessible from anyone other than those with “Manager Mode” access. Each “tab” area (such as Finance, Student, OIA, Payroll…) have their own instructions for support posted at: http://myreportsinfo.unm.edu/support.html

        This is probably a small percentage of the MyReports Info-Assist users but still worthy to note here and for discussion at a future “Reporting Operations” meeting. Not sure how detailed we should be with this SLA.

        • This reply was modified 8 years, 8 months ago by aballo.
    • March 11, 2016 at 8:14 am #481
      download
      Participant

      Why are strong passwords forbidden? eg. “correct horse battery staple” is too long and doesn’t have enough different kinds of characters but, yet, is considerably stronger than what is currently allowed. See: https://xkcd.com/936/

    • March 11, 2016 at 10:31 am #490
      elisha
      Participant

      2.1 – “Guest account access for contractors, guest lecturers and visiting scholars;” Do service accounts fall under this category? In an effort to provide more security and enforce end user acceptance of unm policy and privacy responsibilities, we have been migrating some services to the use of the NetID as a login credential. In this case, these are non-UNM entities… they are customers of a service that UNM is providing under contract for the state.

      2.1.1
      “Setup challenge-response security questions and answers” These end up being nonsensical questions for departmental accounts and difficult answers to remember for regular individuals. What’s my favorite food? That pretty much depends on what I’m hungry for. Could users make their own security questions?

      8 – What does pricing and billing mean as it relates to Identity Management?

      • March 11, 2016 at 10:54 am #491
        download
        Participant

        Having your own security questions would be much more meaningful and harder to “crack”! For example, how many “my favorite athlete” responses can there be? I’d bet there is more than one “Michael Jordan” answer to this question… “What is the 17th word in my favorite song?” is a little harder… I’ve always hated the security questions and, since I think they’re totally guessable, I generally enter garbage to make it harder to hijack my account which is not very helpful when I do lose my password (I’ll be the first to admit I might be overly paranoid).

  • Author
    Posts
Viewing 7 reply threads
  • The topic ‘Identity Management – Net ID SLA’ is closed to new replies.