Penn Community Re-Engineering Project

Penn Community Re-Engineering Project banner

As part of Penn’s Identity & Access Management (IAM) Program, Penn’s core IAM infrastructure has undergone a re-engineering to replace decades-old, custom-built identity management systems and processes with a standards-based, modern solution to strengthen Penn’s overall security posture and ability to comply with emerging global regulatory requirements. The new Penn Community (with SailPoint IIQ as the underlying identity engine) was implemented in phases.

Who Was Affected

As this project was infrastructure-based, there was minimal disruption for existing PennKey holders – users continued to access their Penn resources as before when the re-engineering was completed. The audiences affected by the project were source data owners (identity source systems), target system owners (consumers of Penn Community data), and ISC IAM-related service owners. The IAM project team collaborated with representatives from these groups through all phases of the project. 

Benefits

Following are the benefits of the project:

  • Enhance security by assigning privileges automatically based on known user identity data and predefined rules
  • Provide an audit trail for – and periodic recertification of – user access rights to ensure users have the correct privileges and to explain how and why they receive them
  • Provide significant user experience improvements and an accelerated onboarding process
  • Streamline request-approval processes and automate account de-provisioning
  • Speed application development with modern identity and access APIs and tools
  • Integrate with on-premises or cloud-hosted applications and/or frameworks to provide real-time provisioning and de-provisioning of user accounts and identity data to partners inside and outside of Penn