Dear College Staff,
If I can offer the simple, plain-English version of the below email from ITS:
- Over the University shutdown period (22 Dec-1 Jan), a significant change will occur in the University’s main password system
- The new system will allow you to change your password or reset it yourself and other security actions without having to call IT
- Your ‘identity’, once you have been authorised in this new system, will flow to some other ANU systems, hopefully removing the need for as many passwords and logins
- Your password will be valid for 1 year and need changing only annually
- You will receive instructions on what to do around this time – ** please action these and don’t discount them as a scam **
- You will still be able to access all University systems during this changeover
College General Manager, ANU College of Law
I’m writing to advise you that the Identity and Access Management (IdAM) project has a significant upgrade scheduled to occur during the 2017 shutdown, from 22 December 2017 to 1 January 2018.
Over recent years, the University has faced significant issues relating to the capability and maturity of its existing identity management tools. While the University's existing solution has served it well, the associated issues are compromising security and access governance relating to identity, administration and password management. The IdAM project was established to address these issues.
Some of the benefits of this upgrade include:
- Improved user/account provisioning and de-provisioning including more frequent data replication (currently there are 2 updates within each 24-hour period, which will change to data uploads every 20-30 minutes).
- Improved reporting and auditing ability including greater alignment with IT security policies, resulting in reduced security breaches.
- Improved password and authentication management including enabling users to self-service and reset their own passwords without reliance on the ANU Service Desk.
- A simplified Identity portal.
Please be aware of the following:
- During migration, all ANU account holders will be unable to reset or change passwords. However, students and staff will still be able to access all University systems and applications with their current username/password.
- Post migration, the ‘firstname.lastname' email aliases held by undergraduate students and alumni will be discontinued (this will not affect HDR students). The practical effect of this is that undergraduate students and alumni will only receive emails sent to their authorised ‘firstname.lastname@example.org’ email address, in line with ANU guidelines. Alumni will be able to request named accounts which will follow the format ‘email@example.com’ on an as needed basis.
- The introduction of expiring passwords for all user and functional accounts. The change will result in a 365-day password expiry policy. Note that the 365-day password expiry commences during this upgrade, so the first forced password resets are not expected to occur until late next year.
The attached document provides further technical details on the changes that will occur. I encourage you to share this with your operational staff to ensure there is full awareness of these activities and their potential impacts.
Please note, a detailed Rollback Plan has been constructed and will be executed should there be any major issues during the migration process.
If you have any questions or comments in relation to the IdAM project, please contact Helen Duke, A/g Associate Director, Infrastructure Services, ITS.
Please refer to the IdAM website for general information on the project: https://services.anu.edu.au/planning-governance/project-management/anu-identity-and-access-management
A/g Director, Information Technology Services