Home

Identity and Access Management (IAM)

Continuing McGill's cybersecurity journey
Uma Viswanathan | 7 Sep 2022

Cybersecurity is continually evolving at McGill. Our recent efforts have increased the security and efficiency of managing user access to McGill’s systems and data. For example:  

  • Two-factor authentication (2FA) adds a layer of security to the authentication process when you log into various McGill systems from off campus. 

  • The implementation of Workday, McGill’s human resource management solution, introduced a setup that streamlines job classification, profiles, and assignments based on a person’s role. This added granularity helps ensure that only authorized access is given.   

The Identity and Access Management (IAM) program is the next step in McGill’s journey towards enhanced security. 

What is IAM?  

IAM is based on the cybersecurity principle of minimal access: You should only access the data you need to perform your job, and only when you need it. For example, if you move from HR to Student Services, you may no longer need to access staff work histories. This initiative will update the processes governing access to the University’s systems by implementing a comprehensive, user-friendly solution. 

 McGill has chosen Sailpoint Identity IQ (IIQ), a leading vendor in the field of Identity Management. This application streamlines and automates the creation, modification, and management of user accounts. The assignment of access will be according to a user’s role at McGill and will no longer be a manual process. 

    This not only makes it easier to ensure users have the access they need when they need it, but also makes onboarding simpler and faster. It enables us to improve the governance around identity and user access, ensuring that only authorized people can access the appropriate data and resources at the right times and for the right reasons.  

Implementation status and next steps 

  • Phase 1 (complete): Deployment of “view” access to SailPoint IIQ and pilot with the IT Service Desk.  

  • Phase 2 (March 2023): The current phase consists of additional functionalities and the replacement of existing provisioning tools by Sailpoint IIQ within the IT Service Desk.  

  • Phase 3 (Delivery date TBD): Deploy Sailpoint IIQ to other McGill units and teams that presently manage application access manually. 

These improvements will reinforce the security of McGill's digital ecosystem and lay a foundation for greater data security. 

For updates on IAM and other McGill IT initiatives, visit the IT Project Dashboard.  

Back to top