%PDF-1.3 1 0 obj << /Type /Catalog /Outlines 2 0 R /Pages 3 0 R >> endobj 2 0 obj << /Type /Outlines /Count 0 >> endobj 3 0 obj << /Type /Pages /Kids [6 0 R 19 0 R ] /Count 2 /Resources << /ProcSet 4 0 R /Font << /F1 8 0 R /F2 9 0 R /F3 10 0 R /F4 11 0 R >> /XObject << /I1 18 0 R >> >> /MediaBox [0.000 0.000 612.000 792.000] >> endobj 4 0 obj [/PDF /Text /ImageC ] endobj 5 0 obj << /Creator (DOMPDF) /CreationDate (D:20240518111519+00'00') /ModDate (D:20240518111519+00'00') /Title (IT-artikels) >> endobj 6 0 obj << /Type /Page /Parent 3 0 R /Annots [ 12 0 R 14 0 R 16 0 R ] /Contents 7 0 R >> endobj 7 0 obj << /Length 6484 >> stream 0.702 0.800 0.816 rg 34.016 34.016 543.969 723.969 re f 1.000 1.000 1.000 rg 45.266 58.990 521.469 687.745 re f 0.773 0.773 0.773 rg 0.773 0.773 0.773 RG 45.266 746.734 m 566.734 746.734 l 565.984 745.984 l 46.016 745.984 l f 566.734 746.734 m 566.734 58.990 l 565.984 58.990 l 565.984 745.984 l f 45.266 746.734 m 45.266 58.990 l 46.016 58.990 l 46.016 745.984 l f 61.016 617.359 m 550.984 617.359 l 550.984 618.109 l 61.016 618.109 l f 1.000 1.000 1.000 rg BT 278.868 698.693 Td /F1 10.5 Tf [(POST LIST)] TJ ET 0.200 0.200 0.200 rg BT 212.789 670.111 Td /F1 14.4 Tf [(INFORMASIETEGNOLOGIE)] TJ ET BT 221.824 643.466 Td /F1 11.7 Tf [(INFORMATION TECHNOLOGY)] TJ ET BT 61.016 583.841 Td /F1 14.4 Tf [(WHAT IS IAM?)] TJ ET 0.400 0.400 0.400 rg BT 61.016 564.033 Td /F3 9.0 Tf [(A while back an internal audit focusing on IT administrative systems, in particular )] TJ ET BT 61.016 553.044 Td /F3 9.0 Tf [(two areas, Human Resource Management and Student administration, was )] TJ ET BT 61.016 542.055 Td /F3 9.0 Tf [(conducted. The audit tried to establish whether the universitys policy with regard )] TJ ET BT 61.016 531.066 Td /F3 9.0 Tf [(to administrative system users complied with prescribed best practices and )] TJ ET BT 61.016 520.077 Td /F3 9.0 Tf [(whether adequate processes are in place to manage access rights.)] TJ ET BT 61.016 500.088 Td /F3 9.0 Tf [(It was found that there was a need for a formal)] TJ ET BT 249.116 500.088 Td /F4 9.0 Tf [(I)] TJ ET BT 251.618 500.088 Td /F3 9.0 Tf [(dentity and)] TJ ET BT 298.148 500.088 Td /F4 9.0 Tf [(A)] TJ ET BT 304.646 500.088 Td /F3 9.0 Tf [(ccess)] TJ ET BT 330.152 500.088 Td /F4 9.0 Tf [(M)] TJ ET BT 337.649 500.088 Td /F3 9.0 Tf [(anagement )] TJ ET BT 61.016 489.099 Td /F3 9.0 Tf [(\(IAM\) policy, more regulated processes and one central source from which )] TJ ET BT 61.016 478.110 Td /F3 9.0 Tf [(identities \()] TJ ET BT 102.029 478.110 Td /F3 9.0 Tf [(see definition below)] TJ ET BT 181.067 478.110 Td /F3 9.0 Tf [(\) should be managed.)] TJ ET BT 61.016 458.121 Td /F3 9.0 Tf [(The current practice of issuing multiple electronic identities per business )] TJ ET BT 61.016 447.132 Td /F3 9.0 Tf [(application or per individual associated with the university for access to )] TJ ET BT 61.016 436.143 Td /F3 9.0 Tf [(administrative systems, lends itself to the fraudulent use of both electronic )] TJ ET BT 61.016 425.154 Td /F3 9.0 Tf [(identities and information a high risk at an academic institution.)] TJ ET BT 61.016 405.165 Td /F3 9.0 Tf [(The audit findings were considered and as a resultthereofan all-encompassing)] TJ ET BT 61.016 394.176 Td /F3 9.0 Tf [(Identity and Access Management Project \(IAM Project\) was initiated to mitigate )] TJ ET BT 61.016 383.187 Td /F3 9.0 Tf [(both known and potential risk around system and resource \(i.e. Library \) access.)] TJ ET BT 61.016 363.198 Td /F3 9.0 Tf [(In an effort for better control on creating identity the following three systems will )] TJ ET BT 61.016 352.209 Td /F3 9.0 Tf [(be the only recognised systems from whichboth identity and electronic identity )] TJ ET BT 61.016 341.220 Td /F3 9.0 Tf [(can originate.)] TJ ET BT 78.360 321.247 Td /F3 9.0 Tf [(1.)] TJ ET BT 91.016 321.231 Td /F3 9.0 Tf [(Student Administration Registration of students including Short Course registrations)] TJ ET BT 78.360 310.258 Td /F3 9.0 Tf [(2.)] TJ ET BT 91.016 310.242 Td /F3 9.0 Tf [(Human Resource \(HR\) All SU staff that needs to be reported on for statutory purposes or for whom a payroll )] TJ ET BT 91.016 299.253 Td /F3 9.0 Tf [(needs to be run.)] TJ ET BT 78.360 288.280 Td /F3 9.0 Tf [(3.)] TJ ET BT 91.016 288.264 Td /F3 9.0 Tf [(SUNid- used for any person that forms an affiliation with SU, but cannot be classified as either student or staff. )] TJ ET BT 91.016 277.275 Td /F3 9.0 Tf [(The current classification for this group of person is either that of external worker or visitor.)] TJ ET BT 61.016 257.286 Td /F3 9.0 Tf [(IAM aims to addresses 95% of the audit findings by establishing a central system from which one electronic identity can )] TJ ET BT 61.016 246.297 Td /F3 9.0 Tf [(be issued via an automated process with full audit on who has access to which system and who approved the request.A )] TJ ET BT 61.016 235.308 Td /F3 9.0 Tf [(future deliverable from this project would be a formal definition of roles \(e.g. Payroll clerk\) from system function \(program\) )] TJ ET BT 61.016 224.319 Td /F3 9.0 Tf [(access patterns to facilitate role-based access request management.)] TJ ET BT 61.016 202.132 Td /F3 9.0 Tf [(An Electronic Identity Validation Regulation has already been approved and can viewed)] TJ ET 0.373 0.169 0.255 rg BT 412.196 202.132 Td /F3 9.0 Tf [(here.)] TJ ET 0.373 0.169 0.255 RG 0.18 w 0 J [ ] 0 d 412.196 200.981 m 432.707 200.981 l S 0.400 0.400 0.400 rg BT 61.016 181.594 Td /F3 9.0 Tf [(The IAM project is one of continuous improvement and development. Its more than just putting systems in place, but also )] TJ ET BT 61.016 170.605 Td /F3 9.0 Tf [(about understanding the universitys organisational behaviour and processes to ensure these systems will increase )] TJ ET BT 61.016 159.616 Td /F3 9.0 Tf [(productivity and function optimally.)] TJ ET BT 61.016 137.429 Td /F3 9.0 Tf [(To keep you up to date on upcoming IAM projects, we will be running a series of articles from this week. In our next article )] TJ ET BT 61.016 123.693 Td /F3 9.0 Tf [(well be looking at AIS.)] TJ ET BT 61.016 103.154 Td /F3 9.0 Tf [(If youre still in the dark as to how SunID works, refer to your)] TJ ET 0.373 0.169 0.255 rg BT 303.611 103.154 Td /F3 9.0 Tf [(wiki)] TJ ET 0.18 w 0 J [ ] 0 d 303.611 102.003 m 318.605 102.003 l S 0.400 0.400 0.400 rg BT 318.605 103.154 Td /F3 9.0 Tf [(for detailed instructions or read our previous)] TJ ET 0.373 0.169 0.255 rg BT 499.181 103.154 Td /F3 9.0 Tf [(blog)] TJ ET 0.18 w 0 J [ ] 0 d 499.181 102.003 m 516.191 102.003 l S 0.400 0.400 0.400 rg BT 516.191 103.154 Td /F3 9.0 Tf [(articles.)] TJ ET BT 61.016 83.165 Td /F3 9.0 Tf [(If you prefer a more hands-on approach, well also be hosting a few informal sessions where youll be guided through the )] TJ ET BT 61.016 72.176 Td /F3 9.0 Tf [(process step-by-step and also have the opportunity to air all your complaints and questions.If youre like to attend one of )] TJ ET q 162.000 0 0 225.000 388.984 347.824 cm /I1 Do Q endstream endobj 8 0 obj << /Type /Font /Subtype /Type1 /Name /F1 /BaseFont /Helvetica-Bold /Encoding /WinAnsiEncoding >> endobj 9 0 obj << /Type /Font /Subtype /Type1 /Name /F2 /BaseFont /Helvetica /Encoding /WinAnsiEncoding >> endobj 10 0 obj << /Type /Font /Subtype /Type1 /Name /F3 /BaseFont /Helvetica-Oblique /Encoding /WinAnsiEncoding >> endobj 11 0 obj << /Type /Font /Subtype /Type1 /Name /F4 /BaseFont /Helvetica-BoldOblique /Encoding /WinAnsiEncoding >> endobj 12 0 obj << /Type /Annot /Subtype /Link /A 13 0 R /Border [0 0 0] /H /I /Rect [ 412.1957 201.2998 432.7067 210.4573 ] >> endobj 13 0 obj << /Type /Action /S /URI /URI (http://admin.sun.ac.za/Admin/Infoteg/dokumente/Electronic Identity Validation Regulation Approved.pdf) >> endobj 14 0 obj << /Type /Annot /Subtype /Link /A 15 0 R /Border [0 0 0] /H /I /Rect [ 303.6107 102.3218 318.6047 111.4793 ] >> endobj 15 0 obj << /Type /Action /S /URI /URI (https://stbsp01.stb.sun.ac.za/innov/it/it-help/Wiki Pages/Visitors.aspx) >> endobj 16 0 obj << /Type /Annot /Subtype /Link /A 17 0 R /Border [0 0 0] /H /I /Rect [ 499.1807 102.3218 516.1907 111.4793 ] >> endobj 17 0 obj << /Type /Action /S /URI /URI (http://blogs.sun.ac.za/it/?s=sunid) >> endobj 18 0 obj << /Type /XObject /Subtype /Image /Width 216 /Height 300 /ColorSpace /DeviceRGB /Filter /DCTDecode /BitsPerComponent 8 /Length 27366>> stream JFIF;CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80 C   %# , #&')*)-0-(0%()(C   (((((((((((((((((((((((((((((((((((((((((((((((((((," }!1AQa"q2#BR$3br %&'()*456789:CDEFGHIJSTUVWXYZcdefghijstuvwxyz w!1AQaq"2B #3Rbr $4%&'()*56789:CDEFGHIJSTUVWXYZcdefghijstuvwxyz ?(((((EW3xcMktKN4gA9 G$XciiDW_:tsq]t8uṜ.͞FkH,ˡykVX!*;U _j<-M=PQE ( EQEQEQEQEQEQEQER/ ?gٻܻIs'X[F oIltzӇ:O^ͷ䬟b'>U{>'V7Zcb:,(jQ)G\^{+66$+❫^|Uխ* 7ISGiru|KLKj`C6 D۸'-r84F7*Jz/v߀}~&ΗNԯ&ҭ"Dvr]8jy'IY/Y_u$|_.Qw1VĄӮqtwV[{署XY 9B{EyM_TNB#taI$ ҀǑpIy?^-oe5Ŝ4hqx媱[y]_mEKh5ԭ{v "J)MpGnxkΟܥƸUJi1 Ose|1_|m|p!hS3<9Ңï]w $mhLCg1ZP?g Bpm]Mmp(,H23nF8݆1r"xƯ -ܺ&wo4~bLLqBđ<[k%mWiNI0?Zĭ2]RY[{kyMIf pVV쮷w]ar]I}N|A=>eb0ar27yyں |~O@YeH@?>0QEr{)-"xeot2kЯ> ;%K V3BFT@qɭqxz1|Fރz[tzv'TV΅7ΞO5^ 7߄owQU,?9Utf)e嬱pЅ6ac ڰm4hww'nQVM2r9<x9FΓ;&׻ V -ުfqso2 w,Ib@ r3ڴ+| m;+o r +!OG|61O3R``^60qVoSB_Xi[i pm7 2N1z]sWq澮Rrt}5 vr:^]U ֲҐrC rLf5XIuQcf(ǠxP/K!B9=05kӳ.>`X:!ϦtTh/nZ6ؚom:5x` s5=\rqoR[v1z߇_ӵ与9^TPR9VaV, pd3ȤB=HXN=;]Oh~'7/:T~ꗂ`uY``q|@񧆞Rmf_%s,)6BvcNj:z)<xCg7p8''Cb C(4LH8_G9{VʝLBgngm䅤[j!Ҿ-x CN-Bm,bDw<32 zIoėvI.n#Y dA g99t;>Ӯ.5Km59ȕHM#\_'gNQYxZt(b3|iε 4g9џgo篨sE=Os Me:0% 1! h񷋾~:z{Dp``M $s#>mum >-xGm }sJ|\I+ՙb3/8늸?Jiԍךv"y{x;$P둃3RW7gJh5̀d#&F#z_$}tw_yNjj(,((([{/i2~,7ZWa8c7ӓ >Cb5X帵;T2:TQuimկn] ClzW76+DXM?Tֵ}ǒ"2x1хJ)E$״G㓊}Ů(S[}2%X\qמkԥH h[vˍI+Ӣ,ϊW1\xM蛲 >I?"2nC>R8u&Wץd6xƗ/& Y>\DZq|UOƕf<eaDPw?9]8`]߃<1T{-„ ڗ_f `jbideTrVu,yF_$z GEٕiXn8yž"^<]$OnD/.r$0:k.Xz2+lW_i>4V?u#rqr1֛k\ޘ Q= n 18fom4 Cu Ic9my(޽4 {y/t]WDCmdN2#c]tY\7/y Gv 8мW ͺCoG <~5KDaaVx[|0bH׏Ɨ|)j0G~!y(fPs`8jW΁,R跃Z]aHd{c 5Th7u~Y]_Oz-6HັU!I#Z:&%ݿ|yyo#Xp& c0Ii~)-ͨ9yRUk(B0쟺/Ыn1tuiZJ([8zg?_yFWPC)sī{M2QM0"z6S5|.U,fgr|u $1O4:j#5+N?Ҕ{_w;(3((+5j>%> RpL˻U^D'NMtk:_QqKr0 b-EJ3nWs kFBKw;ZWP cR08=}s%Դ6FA-lk[xⷊĦ(2!pG#9B]\ޭq[m`{N蕔JsFkحM)SJM^iᄇ{[rӳ˯DŽxjZ=Icj. o?ޭ+7~M#B,ɽM!qy < c$sW#"KuIV,KcJ{Fo*eм6RE2H<zt:i[Niaj-.KgG{麔rv˯x8!F(7.vpq|qQ]dy. >m7<^彎R.^V Xn /ڲi:ύ~~涴e238_g 9j!Ф_熬|%OO(xi#S.q}_z|yxK-ׅ`Ԗp fϖA2c`W/YHmsZ [b bB<;Cnnot-ß1m3Sn)bV5jjҳSю K6s?;KLsvRd㎹}*k7ھ'le'P<d>K5uk"ڑ$6>C·CxPr5Td# @pOkJ~ν=[FXh?Mu1.5טVh?0 =6ǷvWq\F ,; ;0en(b~2|q=5ouFN<߄TZd{[(ҫ8U\3r}E(I;JI.Kj-D-I4x`h[O99QczOZ|Smޗ~5+s*<ʙ<`;i>+:Mk,Lp݉9=~lVԠ4CO[2BDpegֱĹG/{Bi-Zkm0-*?VZ{@Йn|@ۃ5 ]:i!d8G:799F_(ߞ=4̯xOG[]7WZcnY@`i!Omoggf&9sȬ_>O4<7 I,E(!Qs7)ַ́<+x}3Z]pnr2ANpAӚڽ5UNય熍oWPOo'sYOßQH흕Sv=3ڣ]0m'P[ F"iϖTg#$}Mk֛[X^xXdv$`i^VlZeϡ)BC_y`y1U(ʅ{OeI[l{]ؤYcI#9GWʝEPEP^o t?kjfm{⫘>U#99<'P77y̱yLnS؎Ƽ/gce3Hy$G)rogeG+?/+|_u[8n式H;'Z_5o}|AmKK}-{lrk.{#_XӼ?G}}VuwG 6!8{Wh>0` [7 L㧣]ot}" .{;e!Grb@$dtWZ_<3񇉧x%- I=@=ppWy X湒}?'AjP߇~K9׫6wzqC=rO6oͪa/ #f mT="^A?x}$: BI RDS@ڸh^4q3aſצ~Fؼ%z >J|ToGWoTwWmm#Bk <h,-&hGŸ!%I#9#JA'k+@!ȡpss4Wo<-4OIu n!UcdiEqkjR J8>oPg7[5XԖͯτ4OE4I-1yXvl9I9T|I MU> ikohnlng@Eֵ 4tg8u z5 äo|hm!b`px#ߓJYy$޶kFܒwZ ^)/?.TD9XX{}+}>xzM1<]ұS $r2沮|G XGaG=qVt?%Ե;4Y°jZJEnn>V+cNW+*╼hnԒ/XjtУ͕J$1JӼ h| xW p3~;IGA]2|gMyᘣ3Ҙ˹ٝ1ǽy MuũZnmȱT:3:tdZPo?Eׂ5+kk-0gQ?7nOx{7ԤrQ q/x@mS%hȓiɏh8b޼d]xEO "7HJX 'sӌ֔(BSZkqmەz>Zח3Ԕ'wVKY͍ۧ<>)j,h"18OI_CBЬdZS$=r1Wƾ$77b8NTq9qZƇVִKͽ q/N]%af_ z5˫]IᯅZV˃wdOpW1i +y|AF9/Buv[o 3VYF|g+X56 E#qC,}x=:|@9ufJ/"!h lUe5M^ۻD r;un&7o- ChFрp::'}46뚝 b iY u! cWj+kˆbR͍ShX7 JLGsGk:0% v:~#Դ $H$fP9?3@یB+J J;-?;fy9]5fWl4>.NӐH< pq=:.|ir`O{u8ry"`A.>Jr=:NUܦ7d]Z4_VDNвa tpR[Z,m+d qۚ5zXOV:I|Ă 8'r&r>JwJUu|ʹv׫aKv(ɦxHs4w:牭Fie%¢FkJ+k"[gid渌.1z雧CmWV,s$* ݑ=Et:iZόhM$b qQʛJ|-}-ZE1v͜0kž'H;j>)& iiKA]/m߬%YpD"d6x  㟥EMjm^o Zj7DQ, 3(瓞٪ZvDKh72K,$'#Ҫ[[[[$O ,F /ʭ_ɐ6*6+ZOě9"\F+լR9xg&~[?+hIc|0 1֭12+K =ZEy c>5^ޤTN ;UnޢW_Z2<};K|f@38+s:F{cė'LWK)ǩq׊}6E[g%&̙:H~bK x;F x.Z<ҥRu)G_Uu-6nGfx$n<9ce5"hCD@ۀc0 +M7>2 64 T O.<[ZxAQ2xI޸ I}hRžTB0px OJt{^!w_q$7"ѷ!^/Xuk9۹'#'+zw~!hKj$ϕ8ކC a[[j^ ]B{jj$iEX`3#G|Sx[W.whRs ҹ*RS['gwim߾F5 M }@hOmxn{M5OKI}o"+mKl%6+xSˌc'~xouIa0LAVW销 Px±rXæ$e,fI$c~k%գ˦ֲֵ!Xm`1k ԔW}7IZd_iwkb4@/q[Y>r5$C2Z#rlЧMb\kqjb>5eA|Cr&;#Fs5}}5{%XXCm<2xc tsM[#տ%;{ߏ% ]s#F!Io---Dj {Ўx }6K>xRK\'2IC ϰ]~P>#j+FI/5\`$~\+WzJd.t6RFGF(2qEGEh+o]V_㱝]j֖Kk-F($gcݧ,98<Sڛm5LJW4b{ȱ'0zVtMF}.7WsNpI#T[~Q lf\6>2:J㊖%sz^ow^כ_Ү>. m0=7|D^W7Q:N\btWOniu>X3c?* 1's^,d!,Nyq:fԢR'Q=vm:>+Ҁ 6EH$$3:qp`%O@$8 0 OpNJMĞмWH 5eR0#ť M4/Tr#ZsoIm|{"RiY_'o~XO"wӮ`[H$mnH w:X|fwK_Z$w<`Ң/bWM߻l<,94\Ix[B×+OL."o5OH#mJa,ꗟ8_Po]?T̽:/"յk)JE;D=; '#q&< j0)p "r8:s^[(G5h_h2H2AQ8پdxgmf@ѳ_BwqmY]Frʢ^^og}#v|yceYfFuv%qЎk/ Iº|Ml-n# p>5'#':,*)$<= 'Yt|RO*h>4uoFk%|ʹA{_?6LwoGk?qhyQ[|xSkQ##7q?nV(d8Y.3$Wgo,s2NpExI}Z颬};=%Q^yQE|[.Z>r_M]\nÃztbOL/cpOn$`cs/K&InWVq^w}k_i6*owZư>@n9rG{ukSPnֻ]Z[ԏVQuxJrA9]O<+;IџĺXGk٨4;$&伖UU nu;dV5RujRmh[ZiV.-(˯3|Cvo&Y 6 E#צ1T:{ZhSj/MD d%P3g¾4R7p!Q(p@7GO8sK^()x7:uw( Vn8tBmމRꑛע4cf@ou餿y.Z`A A~fF v:p Wds-]6#(iMk=R)DqWl5SRڬ[PrH:3篨ĺn6(D]Kc70.yt ssY*tËm?mb2[( @Nq{n:WxO^Ϡx?"m3vF3+Ӽ9a>YX^I{qAO!y9! wWncoAiQE!EP}w.(V#$~t+U[K7 rBTp 4ʅ Һ/j}/"Q-u@Y^)xaj5{XM[|Il|OMa}ݍ{9vuZN:۲l.Wdk^ҬanאYkom$X* {TBN|GemLTd6$^MvZTU4&Y۞5B{2ϧ9=yƕijn4 FM!}v$y1LT{5't޾ͮu7稚{i_#_Z^k=O]Do&6_BB̔2r>RzX'<ӿI&.C Zg?03vy5~hZLj,u)u:fC.حɍ-7D9$c*HQk#2ƚ>#0QI۱?C#WxĢJ0kHSq22Ӵ IVFz嬟|uX3GYS(BS ӑNάvv1v/]lc#xUźʦ-@ #<y|ou}omWŖtu E^V00\ \]_VmBYϔX[˪{W+ [f:@hpT㓎⻟xN-WÖc%ݯ5l˕A\<:]f?%g2˦A%;[`x#-!_ oSp+,ɣ:mekONHZ K. CiX&kI9RHJ54nњ]GGV4{9,ԭ{CYCn'9[]^>HG/N rF{qrDYn堽ӣ+#B$m䏼qۜ`q^is}in_k Grb7% 2GC)t\Uk_/|)KzdOhvm/c$AI 'J+W,.4 uj eHY@c9\y4K}yde|$þHocε*|44oFy7NO +a FO'޸%AriIt}RWFOiE+:r;`bm%~IvG^:W-oմw(gK,׽umZ<^}9]X^yml̫QSMǖ/m|KR!]^$oZ⨴ o#gX" 0 ΤFGGָ?R/`^^e3/c\FyNUGf'N_-'q=;cIt t`Im?ٱӅy.vWʝݷJR_}mlImm-K6Ethq,!pΡ&OolkxFRњ]fA(2O$q]7"[6>c9j#s#\7I|'{[!V6Q9'$Vn)w}rӫ}|&kV/ltO^XkK<@4Gi22\Aůt?RMzKؕx{x,HԑJ v[._ 9/>|N[z:`sکxSœ޷ڼ+Bρ7z"*rBMI]sG]}{Jst;+X>$ѭee" )PÂk|j5<3Wڧ1YV:Um!nR8/ ^X.BRv#ș&E k鑎Z3hzgt+I|)/iġWv1)kЇ掊vi_iZgѫ'ѕOxsNuwWt,w+Hhz|WVr4C72;V3Fa7o5MfS{ 7qɘGpqw6qij"̌v$$JU*rKZ'~^ml|9x ݽp$ ާpO85Wd8A귍|RZQ[ GÚUfgWGcO~_15);?m1U潥EN{Mwz=S;L:IfqA%N9%9ZA5Awcy3CnOu&ҝRǶ7=IƤd/9MzYuhNҴ {&߭+t8 cF/G~ I|7m$McZ+. ' @ڧ/.~#_\\L Ѽ/GE4 dsxޝ[xRnua&/BbSv€O 095֜9vu{|߭M]-i>K\ff]7=%zϯA&sوXr'/H|K_RM^|O9v+u5ٴ0XY.#(s8b9i;gI-W]~ F[*OZν'gOVsypxf+{8ɝHmP7 ~\0䁚ޅwΕm#+yFNXcѾ#n"I4XLGS=17(^Ymq~%ŭFϧy|֛ #BHATm{j4qgx`8`_&ۍկE /[?~NJ| uZɤ:քS=ǭg.;=3Iַsj?cGۻ:*u2 rx:s?ZKM3EMZF6(H=rxX:Nj_aj=H8T5FsmrK^V]GmJjVKγ"xvo]ZZK4F̙yiTtb=G9F@׃R5Y#{Udq׶8rs=+ ~FH`y"s9_GE+BW.wک[yqO\4o W{}t}?#Mڭޮ'A7>Yc`uҖw^ њI/"]gr<3'˸ mߕdw *X_xj "c~?.q/Rt4}"@uϽrqS4i}^vMQt4ZҬ[٬NA$32@tQ^nNJQHaEPY7\VlӮW@`{` .&"9lu5PvwWGj)7_ u D6z,!' 9kf}. oWz5ڟOTpA!9@Zj !afd1B Ҭ~rH^KwgZ&d 1F ҾUh9Qd9%:Ul g=y^ji7:<\x6џݱA!YۦzүO+ F瞃wLv5jͮQd"Ow>/NIIaMNjҟ~Hu\Бr GDڎ$qBۼ]Æqԫ)JZrǛw>m|M@մRT<۰Kېx5>m&m!K?,T;(-S?<; Vy̟C7s,GM6[Yۅ{vkcRo_T꺯ފm;MJ;35nV/ mFJ泫4z}ez?O Ú՝ըbC$F6-,RBsv sSV׼5-m-ʅy^|kQzgfӼ+UyƝS lC&\RcdT^&da[i{qkxDPy?3z¤IQ(WK][ťd':1}}3ǚ=S,dt;gZoifF R/3b1#YǧF_\SZ'5hojĤ) pc1 z_*ַLu\12AlJuT* <{vRIhkqz΋"w,M,s q VLӿ@{F_2[6&XǾ3|g a[{ɚ5`8kcק+2bD26*1O5MtNU^QEqQ@Q@Q@n LӆbBw1'mNLơٓ,Cr9F2H*S*V}A~K[^ ~4O2qnFmyZ-I.5RC-33:ed;w<-]Y2_ EBIs}$kk"xi n-p#{.l-9%#nH$v^?,+뭭5KHӤ@@2]GP M]EP|/oo*p4 nc&;偑([0^N溎_(}LlFA]ON3o➱>o+YZb<{F;ִF0JZw]tQX_t&iNd  ^;Yn:○nfZl #g'8㎵໨/(幒-(ŐqzZ} x͢ÓOor(GQ@T.tNJ=iGN_Ro̗x'MZ7Sqm%D2H +sqQ^i:D?Mܰ T]Pztx謴j\fux%0$bE{+s늻Ꮘva]]Zy-X6*y"E#Ҽ+&25ڸVw*ySrgxE<_{ncԮHF{vG<+¯-%Ҭt$;[0 ۑדבj]Ӕbvk[9'ۮLyIjSJ4N_Ú-"q8 *;x- mXz0?M_!^.gz0*QEaEPEPEPUFiywG~Y8՚ziׇuiKyi][ºH*89\eA'M6-eѥMETP+q5۶hbA,(@>㐺}{6_ mu.3pMzT>ԚOVY(rO8UHDv̍I<ֲ"=;y^#rLub܎}+sVowBP^Hm9-~+t?춤AxN팩RӯUYyO}yFϑZ[Fw|_)}7ʒ ;zsP^ M2OB Wlz8n| _^X%q8䎃𞙮Kǂqןik8Á /\TAEx붪׿+ZwMw8/ k|dn[.k9'O͐: qN 1XF>${ T,Jy{JUݜtac{wWSY5]d Pg3)[?j;bVl[#v @sqfkT"0S$ZQWOtJ%COw,"2jlp 79pT=wxJ)uGi8|ޠG2j 5]%%u$L\FĜp3~|]_ KIlF2`.0rg,J 3ݭiFe(ru~Lu;vwխScIs0Gː3ƌbĉm/mX՘lt*+#Q=C27༨935[6ԣWM'T3m!q}IW96%w+nqm|K9]%:|Dɕ+&F8u*4φz45MAr̓`m2I9LT?l9[.H;-RDib63c89n}OJm֍{xQn/|; u:dq]WZuGHc}Т >bfNl֚[@]h2xĺ߄|iourdK\WnxDgt:e?a5rH' Sgcm><}muszcwZmg-_Kuase> hL[TƴdEvGo[*n6 Qx-༎Iuܶ "#8'4gÚGĿ ۬\i6UIm=AqҵE?j|W66`Q'N:9xdj[)nn}gn=\׵jj_#V>ayiLK/YLm-/2G9?LEz̚e|]qyznj̃CS&v H扰2C~J߮lf"5$;_Ot (M((((((((1+;3e GߍIEQED^P>AFQJt0 b8QNV (Š((((( endstream endobj 19 0 obj << /Type /Page /Parent 3 0 R /Annots [ 21 0 R ] /Contents 20 0 R >> endobj 20 0 obj << /Length 1325 >> stream 0.400 0.400 0.400 rg 0.373 0.169 0.255 RG 0.18 w 0 J [ ] 0 d 0.702 0.800 0.816 rg 34.016 34.016 543.969 723.969 re f 1.000 1.000 1.000 rg 45.266 633.550 521.469 124.434 re f 0.773 0.773 0.773 rg 0.773 0.773 0.773 RG 45.266 633.550 m 566.734 633.550 l 565.984 634.300 l 46.016 634.300 l f 566.734 757.984 m 566.734 633.550 l 565.984 634.300 l 565.984 757.984 l f 45.266 757.984 m 45.266 633.550 l 46.016 634.300 l 46.016 757.984 l f 0.400 0.400 0.400 rg BT 61.016 749.193 Td /F3 9.0 Tf [(these sessions, please contact Petro Uys at)] TJ ET 0.373 0.169 0.255 rg BT 238.100 749.193 Td /F3 9.0 Tf [(puys@sun.ac.za)] TJ ET 0.373 0.169 0.255 RG 0.18 w 0 J [ ] 0 d 238.100 748.042 m 304.763 748.042 l S 0.400 0.400 0.400 rg BT 304.763 749.193 Td /F3 9.0 Tf [(.)] TJ ET BT 61.016 711.954 Td /F3 9.0 Tf [(Definitions)] TJ ET BT 61.016 691.965 Td /F3 9.0 Tf [(Identity the capturing of all personal information and creating a unique 8 digit Stellenbosch university number also )] TJ ET BT 61.016 680.976 Td /F3 9.0 Tf [(commonly referred to as student number, staff number, ut_number, su_number.)] TJ ET BT 61.016 669.987 Td /F3 9.0 Tf [( Electronic Identity refers to username and password associated to an identity record)] TJ ET BT 61.016 651.498 Td /F3 9.0 Tf [(Posted in:Security | | With 0 comments)] TJ ET endstream endobj 21 0 obj << /Type /Annot /Subtype /Link /A 22 0 R /Border [0 0 0] /H /I /Rect [ 238.0997 748.3606 304.7627 757.5181 ] >> endobj 22 0 obj << /Type /Action /S /URI /URI (mailto:puys@sun.ac.za) >> endobj xref 0 23 0000000000 65535 f 0000000008 00000 n 0000000073 00000 n 0000000119 00000 n 0000000339 00000 n 0000000376 00000 n 0000000511 00000 n 0000000607 00000 n 0000007143 00000 n 0000007255 00000 n 0000007362 00000 n 0000007478 00000 n 0000007598 00000 n 0000007726 00000 n 0000007879 00000 n 0000008007 00000 n 0000008130 00000 n 0000008258 00000 n 0000008344 00000 n 0000035879 00000 n 0000035963 00000 n 0000037341 00000 n 0000037469 00000 n trailer << /Size 23 /Root 1 0 R /Info 5 0 R >> startxref 37542 %%EOF What is IAM? « Informasietegnologie
Language:
SEARCH

  • Recent Posts

  • Categories

  • Archives

«
»

What is IAM?

A while back an internal audit focusing on IT administrative systems, in particular two areas, Human Resource Management and Student administration, was conducted. The audit tried to establish whether the university’s policy with regard to administrative system users complied with prescribed best practices and whether adequate processes are in place to manage access rights.

It was found that there was a need for a formal Identity and Access Management (IAM) policy, more regulated processes and one central source from which identities (see definition below) should be managed.

The current practice of issuing multiple electronic identities per business application or per individual associated with the university for access to administrative systems, lends itself to the fraudulent use of both electronic identities and information – a high risk at an academic institution.

The audit findings were considered and as a result thereof an all-encompassing Identity and Access Management  Project (IAM Project) was initiated to mitigate both known and potential risk  around system and resource (i.e. Library ) access.

In an effort for better control on creating identity the following three systems will be the only recognised systems from which both identity and electronic identity can originate.

  1. Student Administration – Registration of students including Short Course registrations
  2. Human Resource (HR) – All SU staff that needs to be reported on for statutory purposes or for whom a payroll needs to be run.
  3.  SUNid-  used for any person that forms an affiliation with SU, but cannot be classified as either student or staff. The current classification for this group of person is either that of external worker or visitor.

IAM aims to addresses 95% of the audit findings by establishing a central system from which one electronic identity can be issued via an automated process with full audit on who has access to which system and who approved the request. A future deliverable from this project would be a formal definition of roles (e.g. Payroll clerk) from system function (program) access patterns to facilitate role-based access request management.

An Electronic Identity Validation Regulation has already been approved and can viewed here.

The IAM project is one of continuous improvement and development. It’s more than just putting systems in place, but also about understanding the university’s organisational behaviour and processes to ensure these systems will increase productivity and function optimally.

To keep you up to date on upcoming IAM projects, we will be running a series of articles from this week. In our next article we’ll be looking at AIS. 

If you’re still in the dark as to how SunID works, refer to your wiki for detailed instructions or read our previous blog articles.

If you prefer a more hands-on approach, we’ll also be hosting a few informal sessions where you’ll be guided through the process step-by-step and also have the opportunity to air all your complaints and questions. If you’re like to attend one of these sessions, please contact Petro Uys at puys@sun.ac.za.

Definitions

Identity – the capturing of all personal information and creating a unique 8 digit Stellenbosch university number also commonly referred to as student number, staff number, ut_number, su_number.
    Electronic Identity – refers to username and password associated to an identity record 

Email

This entry was posted on Friday, May 9th, 2014 at 10:41 am and is filed under Security. You can follow any responses to this entry through the RSS 2.0 feed. Both comments and pings are currently closed.

Comments are closed.

 

© 2013-2024 Disclaimer: The views and opinions expressed in this page are strictly those of the page author(s) and content contributor(s). The contents of this page have not been reviewed or approved by Stellenbosch University.