Skip to McMaster Navigation Skip to Site Navigation Skip to main content
McMaster logo

Office of the AVP & CTO

INFORMATION TECHNOLOGY SECURITY

Identity & Access Management At McMaster University

Identity and access management (often referred to as “IAM”) is a set of business processes and supporting technologies that enable the creation, maintenance, and use of digital identities. Good IAM practices make sure that the right people gain access to the right materials and records at the right time, as well as making it safe, secure, and simple to change access rights, group memberships, and other key attributes as users and systems grow, change, get added or removed. The services provided by UTS’s Identity & Access Management are designed to meet the needs of the entire McMaster Community. The team strives to deliver service offerings that align with best practices and methods that improve convenience and ease of access for students, faculty, staff, alumni, and affiliates while protecting University resources as required. At McMaster University, the primary digital identity is known as the MacID and IAM along with Mosaic manage the issuing, use, life-cycle and safety of this digital identity.

IAM Principles

Identity and Access Management Impacts Everyone and Everything

IAM is a core technical service that exists to ensure that only verified people can access online resources and assets of the University via managed permissions. Without IAM, people at the University cannot easily gain access or share information. In an ideal state, IAM enables new applications and services to be brought up quickly, provides necessary user information to applications so that they can properly function, and allow users to partake in new services with minimal effort. IAM brokers and manages critical information about the identities and attributes of the University’s internal and external user communities. In addition to enabling account creation and application access decisions, these identity assets are data-mined by the University and leveraged to enable efforts that range from supporting business intelligence initiatives to mitigating information security risks.

Identity and Access Management Simplifies the User Experience

The IAM System reduces complexity for end users, application owners, and administrators by streamlining identity and account creation for end users. It also enables end-users to have insight and control over their accounts through self-service account management and placing the control of basic requests such as MacID creation, password changes and access requests into the hands of the user and off the shoulders of the help desk. IAM efforts enable productivity by means of quick provisioning, granting user access to protected systems, resources, and physical locations with little to no intervention by administrative staff.

Identity and Access Management Enables Research and Collaboration

The Identity and Access Management program facilitates collaboration by breaking down the barriers to access for end-users and opening the ability to share information and work safely together across institutional boundaries and the cloud. IAM accomplishes this by relying on authentication standards such as SSO and SAML/OIDC/Oauth2. This provides the University with a competitive advantage over institutions that cannot offer the same level of ease and expediency.

Identity and Access Management Protects University Resources

Identity and access management is a vital information safeguard. It exists to manage and protect sensitive data and information from the ever evolving landscape of security threats. IAM accomplishes this by relying on risk identification and mitigation and identifying policy violations that might require the removal of inappropriate access privileges without having to waste time and effort searching across disparate systems.

Identity and Access Management Facilitates Technology Innovation

Identity and access management increases the agility of application development and deployment by eliminating the need for application developers to setup and duplicate potentially vulnerable authentication systems. IAM helps weather the storm of disruptive innovation by positioning the University to quickly and securely integrate with or implement cloud platforms and services. IAM enables key technology initiatives, and is an important precursor to the successful implementation of new University initiatives.