Penn Information Systems & Computing
December 2021 Update
Penn Community Re-Engineering Project
The Penn Community Re-Engineering Project includes a phased re-engineering of Penn’s core IAM infrastructure, replacing decades-old, custom-built identity management systems and processes with a standards-based, modern solution to strengthen Penn’s overall security posture and ability to comply with emerging global regulatory requirements.
Phase 1 Rollout Complete
Phase 1 rollout was completed on November 15, 2021 and included the implementation of SailPoint Identity IQ (IIQ) as the underlying identity engine for Penn Community. The new solution runs on a Penn-dedicated infrastructure hosted by Amazon Web Services (AWS), providing a flexible architecture that can grow with the University. More details about this rollout are available on the Penn Community website
Phase 2 Beginning
In Phase 2, we will begin leveraging our new identity management system’s capabilities to improve the security and efficiency of University-wide identity and access management processes. Phased functional releases are targeted to begin mid-2022, with the implementation of a new delegated identity administration interface to replace the legacy Penn Community EntryView application.
Detailed project planning is underway for Phase 2, which will include improvements to:
  • Timeliness and accuracy of University identity data
  • Administrators’ tools for user lookup, manual entry, and PennKey support
  • End-user self-service tools for password resets and PennKey creation
Areas of new functionality will include:
  • Auditing and reporting of identity updates and security events
  • Phased integrations with key, business-critical University systems to provide automated, rules-based provisioning and de-provisioning of user accounts and access privileges
    Other IAM News
    • Two-Step for O365Two‑Step Verification with PennO365 will be required as of June 2022. Most O365 users (over 80%) at Penn already use Two-Step to protect their O365 accounts. We strongly encourage IT groups on campus to work with users who are not already enrolled. 
    • User Self-Service Password Reset – ISC is in the inception and planning phases of a project to deploy new processes for self-service password resets and PennKey creation to replace Penn’s current custom-built solution. The new password reset process will use pre-registered communications channels (e.g., reset link to personal email, notification to phone/other) to provide more secure and convenient resets for all PennKey holders. 
    Questions & Feedback
    ISC values your feedback. If you have questions, comments, or suggestions, please contact penn-iam@upenn.edu.
    For the latest developments on the IAM program, please visit the website.
    We look forward to sharing more progress with you soon!
    The Penn IAM Team
    Manage your preferences | Opt out using TrueRemove
    Got this as a forward? Sign up to receive our future emails.
    View this email online.
    Information Systems & Computing
    University of Pennsylvania
    3401 Walnut Street, Suite 265C
    Philadelphia, PA 19104



     www.isc.upenn.edu
    help@isc.upenn.edu
    215-898-1000

    This email was sent to .
    To continue receiving our emails, add us to your address book.
    ISC uses Emma, a third-party mail system, to help send and track our communications.
    URLs in the body of the message may begin with "https://t.e2ma.net".
    Subscribe to our email list.