Attending
Members
- Tom Jordan, University of Wisc - Madison (chair)
- Jill Gemmill, Clemson (vice chair)
- Rob Carter, Duke
- Michael Grady, Unicon
- Karen Herrington, Virginia Tech
- Christos Kanellopoulos, GEANT
- Les LaCroix, Carleton College
- Bill Thompson, Lafayette College
Internet2
- Kevin Morooney
- Ann West
- Steve Zoppi
- Nick Roy
- Jessica Coltrin
- Emily Eisbruch
Regrets
- Chris Phillips, CANARIE
- Margaret Cullen, Painless Security
- Nathan Dors, U Washington
- Matthew Economou, InCommon TAC Representative to CACTI
- Marina Adomeit, SUNET
Discussion
Discussion with NET+ CSTAAC
- Jill and TomJ met with the NET+ CSTAAC - Cloud Services Technology Architecture Advisory Committee
- Goal of trying to influence cloud vendors in supporting higher ed federation use cases,
- Good dialog. Started a doc to lay out the problem statement.
- Will meet at 2020 Global Summit to work on problem statement and next steps.
- Strategy is to understand who in the community to engage and who in the vendor community can move this forward.
- Reach out to TomJ or Jill if you want to participate in this effort.
Recruiting and Onboard Working Group Draft Charter discussion/modifications or approval
- Thanks Jessica for excellent work on the draft charter for the proposed new Working Group
- This proposed working is likely the beginning of continuing work
- For this proposed working group, the plan is about a year’s worth of work in two phases:
- Phase One: Identify Basic IAM Questions and Basic IAM Practices
- Phase Two: Gap Analysis and Recommendations
- Survey and Blog Posts are among the work products in Phase One
- Recommendations Doc is work product in Phase Two
- Different skills inventories based on deployment patterns, part of both Phase One and Phase Two
- Recommendations could spawn other working groups and continue the work
- Focus on recruiting, finding talent, onboarding, training, culture, making people feel welcome
- Suggestion to focus on differentiators in organizations (size of institution and approach to IAM, cloud deployment, etc.) and how that impacts the process
- How to take folks already on staff (not brand new hire) and turn them into an IAM person
- Build a bridge w security community?
- Tekata is a promising tool being used at UW Madison - https://tekata.io/
- ACI-REF best practices example: https://aci-ref.github.io/facilitation_leading_practices/
- Next Steps
- Where to solicit leadership and / or membership? Jessica and TomJ will work on this
- Finalize charter
- Communication prep
- Recruit members/leadership
- One way to help find interested individuals: review the notes from 2019 ACAMP session around hiring challenges https://docs.google.com/document/d/1GtHjo00WdWAhNh6vz7nwxgDREIPtJ5J2VTOJWLmoXrE/edit
Value proposition: Raising awareness/evangelism with C-suite (Tom/Jill)
- Seven things CIOs / CISOs should know about IAM
- Thanks to the group for the excellent start on these
- Rob will do some rewording on the draft
- Some consolidation and re-ordering of points may be needed
- Suggestion that instead of having two lists, we may want to consolidate into one list of things that CIOs and CISOs should know. There will be a lot of overlap. Decision is to wait on merging
- Next steps:
- Work towards having a message that can be used for various presentation materials
- Perhaps add info graphics, KarenH knows of a good tool for info graphic
- Ask for review from a few CIOs? Perhaps ask for review from the Trust and Identity PAG or InCommon Steering or Community Engagement PAG
- CACTI members please feel free to do some wordsmithing to the draft
EDUCAUSE Security Conference planning work for 2021- Jill is participating
Next Meeting: Tuesday, March 17th, 2020