Penn Information Systems & Computing
December 2021 Update
Penn Community Re-Engineering Project
The Penn Community Re-Engineering Project includes a phased re-engineering of Penn’s core IAM infrastructure, replacing decades-old, custom-built identity management systems and processes with a standards-based, modern solution to strengthen Penn’s overall security posture and ability to comply with emerging global regulatory requirements.
Phase 1 Rollout Complete
Phase 1 rollout was completed on November 15, 2021 and included the implementation of SailPoint Identity IQ (IIQ) as the underlying identity engine for Penn Community. The new solution runs on a Penn-dedicated infrastructure hosted by Amazon Web Services (AWS), providing a flexible architecture that can grow with the University. More details about this rollout are available on the Penn Community website
Phase 2 Beginning
In Phase 2, we will begin leveraging our new identity management system’s capabilities to improve the security and efficiency of University-wide identity and access management processes. Phased functional releases are targeted to begin mid-2022, with the implementation of a new delegated identity administration interface to replace the legacy Penn Community EntryView application.
Detailed project planning is underway for Phase 2, which will include improvements to:
  • Timeliness and accuracy of University identity data
  • Administrators’ tools for user lookup, manual entry, and PennKey support
  • End-user self-service tools for password resets and PennKey creation
Areas of new functionality will include:
  • Auditing and reporting of identity updates and security events
  • Phased integrations with key, business-critical University systems to provide automated, rules-based provisioning and de-provisioning of user accounts and access privileges
    Other IAM News
    • Two-Step for O365Two‑Step Verification with PennO365 will be required as of June 2022. Most O365 users (over 80%) at Penn already use Two-Step to protect their O365 accounts. We strongly encourage IT groups on campus to work with users who are not already enrolled. 
    • User Self-Service Password Reset – ISC is in the inception and planning phases of a project to deploy new processes for self-service password resets and PennKey creation to replace Penn’s current custom-built solution. The new password reset process will use pre-registered communications channels (e.g., reset link to personal email, notification to phone/other) to provide more secure and convenient resets for all PennKey holders. 
    Questions & Feedback
    ISC values your feedback. If you have questions, comments, or suggestions, please contact penn-iam@upenn.edu.
    For the latest developments on the IAM program, please visit the website.
    We look forward to sharing more progress with you soon!
    The Penn IAM Team
    Subscribe to our email list.