Click here to load reader
Upload
hoangquynh
View
213
Download
1
Embed Size (px)
Citation preview
www.bonitasoft.com
DELIVERING CUSTOMIZED AND SCALABLE IDENTITY MANAGEMENT SOLUTIONS
Using open source BPM to meet the identity management needs of two large US universities
"Higher educational institutions are seeking to be autonomous after their software deployments. Unlike proprietary software, Bonita Open Solution allows staff members at these schools to be less reliant on a professional services organization…and be flexible in adapting to the dynamic changes in their infrastructure and complex organizational needs.”
- Janet Yarbrough, Director of Business Development and Channel Management at Aegis Identity Software, Inc.
About Aegis Identity Software, Inc.
Aegis Identity Software was founded in 2011 with a mission to create an affordable Identity Management Solution for
the education market. Based on eight years of experience and more than 70 implementations of identity
management, Aegis now serves higher education and K‐12 clients with unique solutions built for these markets.
Business Needs
To serve the identity management needs of universities with more than 40,000 students, Aegis Identity Software
needed to build a versatile solution that handles workflows in a multistage process. In many ways, this is more
complicated than the authentication needed in a major corporation. In a corporation, new employees get on‐boarded
periodically, in a staggered fashion. At a major university, thousands of new students are on‐boarded all at once.
Students tend to have different roles at different times – for example, a student, may also be a worker on‐campus and
www.bonitasoft.com
would therefore require different access rights in various systems. Similarly the same student may need access rights
as a teaching assistant, and would therefore also need access to a Learning Management System, in addition to
several other systems. Each role requires different access features which creates the need for custom workflows and
complex business rules.
And unlike corporations, when students leave their university, they often stay connected in some way, and are
allowed special access to university resources. These situations require specialized workflows that enable certain
access rights.
Meeting compliance and privacy issues must be done while providing information access in a complex environment of
students, administrators, alumni, teachers and contractors. The higher education IT environment is increasing in
complexity with a mix of physical, virtual and cloud environments, further complicating the privacy and access
balance.
Aegis’ solution, TridentHE Identity Manager, deals with these issues by delivering an integrated system that provides
provisioning/de‐provisioning, password management and user self‐service, identity synchronization , identity
administration and audit functionality.
The Choice for Bonita Open Solution
To serve specific higher education customers, Aegis Identity Software needed a Business Process Management
solution that could customize workflows for each university’s needs. Aegis evaluated the Activiti BPM Platform,
Progress Savvion and the Bonita Open Solution BPM suite. Aegis chose Bonita Open Solution based on a variety of
factors ranging from the solution’s ‘mature product feel’ to BonitaSoft’s track record in the BPM market.
“Bonita Open Solution has a considerably better user interface than most BPM tools out there, and it’s definitely
better than workflow packages that are prepackaged with more expensive identity management systems,” said
Douglas Green, Senior Software Engineer at Aegis Identity Software. “It has a much more mature product feel than
other solutions we considered. We gave this a thorough technical evaluation and it performed admirably.”
The Aegis Identity team also checked references and received positive reports about BonitaSoft’s work in the
education market.
“The brand name helped,” Green said. “The fact that BonitaSoft has done other successful projects in the market
made us feel good about going forward with a solution that performs well with our specific needs.”
One of Bonita Open Solution’s primary differentiators is its ability to connect workflows to major applications. Bonita
Open Solution easily integrated with Aegis’s identity management tool, which in turn was connected to other systems
such as PeopleSoft, Ellucian, Blackboard, Google Apps and ERP systems. Bob Lamvik, Chief Operating Officer at Aegis
Identity Software, said the solution connects seamlessly to the majority of the features in Aegis Identity’s package,
allowing for a smooth process of provisioning (giving users access to and authorization for the universities various
data systems).
“We made good use of the connector technology in Bonita, and it works for us,” Lamvik said. “It parallels what we
do.”
Both schools automated three processes; an account claim process for initial password reset by all new students, a
password reset process when a student loses their password, and a delegated administration process which contains
an ongoing workflow when a student needs to modify their security or contact information. Though the three
processes were the same for both schools, the individual workflow steps were quite different. For instance, one
school chose to use validators with custom connectors for identifying students.
www.bonitasoft.com
The password reset process was particularly interesting. Both schools asked students to complete a security question.
Upon answering the question, the student could choose to have the new password sent via an alternative email or
text message (SMS). To do this, the request was captured in the TridentHE Identity Manager. Through integration with
TridentHE, Bonita Open Solution sends a token to the student’s email or phone.
Key Results
Use of Bonita Open Solution has helped Aegis Identity Software deploy their solution quickly to education markets,
and it has helped education customers themselves automate tasks in a streamlined, cost‐effective way.
“The main benefit was we could develop one generic workflow that works for every task in the education market 90
percent of the time,” Lamvik said. “For the remaining 10 percent, Bonita allows us to customize for each tool
according to that school’s needs. Each implementation interacts with TridentHE in a different way. And interaction
with the school’s other existing systems through the connectors made Bonita a very valuable tool in our development.
Aegis Identity Software recently deployed its TridentHE solution, backed by Bonita Open Solution, in two major U.S.
universities, providing customized workflows for a series of identity management functions.
Both schools realized benefits through the creation of an automated workflow for their password reset functions. This
automated reset allows them to perform functions without a 24/7 support team and it ensures that students and
other users are being given access to the right resources. The school is no longer reliant on a phone based support
system for their password reset. Additionally, leveraging business rules ensures accurate designation of rights to
students.
According to Janet Yarbrough, Director of Business Development and Channel Management at Aegis Identity Software, Inc.,
“Higher educational institutions are seeking to be autonomous after their software deployments. Staff members and
IT professionals like the capability to further develop and support their infrastructure on their own. This is where
Bonita Open Solution plays a significant role. Unlike proprietary software, Bonita Open Solution allows staff members
at these schools to be less reliant on a professional services organization, as there are fewer restrictions. These
schools can be flexible in adapting to the dynamic changes in their infrastructure and complex organizational needs.”
The Future
Lamvik said Aegis plans to expand their use of Bonita Open Solution in the future, adding enterprise features to its
service offering that deliver new functionality for higher education implementations. Aegis has engaged with
BonitaSoft services team to work on specific issues requested by higher ed clients, such as the ability to track IP
addresses at different stages of engagement. He added that schools themselves will likely need to engage in more
involved workflow issues such as authenticating students’ access to certain departments’ materials.
“There are so many different scenarios that schools are looking at in terms of integrating with their workflows,” he
said. “Since we’ve introduced them to Bonita and they’re pleased with what they’ve seen, I think they’re going to look
to work with Bonita on some even more complicated workflows.”