Page tree

Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Attending

 

Members

  • Tom Jordan, University of Wisc - Madison (chair)   
  • Jill Gemmill, Clemson  (vice chair)   
  • Rob Carter, Duke   
  • Michael Grady, Unicon   
  • Karen Herrington, Virginia Tech    
  • Christos Kanellopoulos, GEANT  
  • Les LaCroix, Carleton College  
  • Bill Thompson, Lafayette College  

Internet2 

  • Kevin Morooney  
  • Ann West   
  • Steve Zoppi    
  • Nick Roy  
  • Jessica Coltrin  
  • Emily Eisbruch   

Regrets

  • Chris Phillips, CANARIE   
  • Margaret Cullen, Painless Security
  • Nathan Dors, U Washington  
  • Matthew Economou, InCommon TAC Representative to CACTI   
  • Marina Adomeit, SUNET

 

Discussion 

 Discussion with NET+ CSTAAC 

    • Jill and TomJ met with the NET+ CSTAAC - Cloud Services Technology Architecture Advisory Committee
    • Goal of trying to influence cloud vendors in supporting higher ed federation use cases,
    • Good dialog. Started a doc to  lay out the problem statement.
    • Will meet at 2020 Global Summit to work on problem statement and next steps.
    • Strategy is to understand who in the community to engage and who in the vendor community can move this forward. 
    • Reach out to TomJ or Jill if you want to participate in this effort.

 Recruiting and Onboard  Working Group Draft Charter discussion/modifications or approval

    • Thanks Jessica for excellent work on the draft charter for the proposed new Working Group
    • This proposed working  is likely the beginning of continuing work
    • For this proposed working group, the plan is about a year’s worth of work in two phases:
      • Phase One: Identify Basic IAM Questions and Basic IAM Practices
      • Phase Two: Gap Analysis and Recommendations
    • Survey and Blog Posts are among the work products in Phase One
    • Recommendations Doc is work product in Phase Two
    • Different skills inventories based on deployment patterns, part of both Phase One and Phase Two
    • Recommendations could spawn other working groups and continue the work
    • Focus on recruiting, finding talent, onboarding, training, culture, making people feel welcome
    • Suggestion to focus on differentiators in organizations (size of institution and approach to IAM, cloud deployment, etc.) and how that impacts the process
    • How to take folks already on staff (not brand new hire) and turn them into an IAM person
    • Build a bridge w security community?
    • Tekata is a promising tool being used at UW Madison  - https://tekata.io/
    • ACI-REF best practices example: 
https://aci-ref.github.io/facilitation_leading_practices/
    • Next Steps


 Value proposition: Raising awareness/evangelism with C-suite (Tom/Jill)

    • Seven things CIOs / CISOs should know about IAM
    • Thanks to the group for the excellent start on these  
    • Rob will do some rewording on the draft
    • Some consolidation and re-ordering of points may be needed
    • Suggestion that instead of having two lists, we may want to consolidate into one list of things that CIOs and CISOs should know. There will be a lot of overlap. Decision is to wait on merging
    • Next steps:
      • Work towards having a message that can be used for various presentation materials
      • Perhaps add info graphics, KarenH knows of a good tool for info graphic
      • Ask for review from a few CIOs? Perhaps ask for review from the Trust and Identity PAG or InCommon Steering or Community Engagement PAG
      • CACTI members please feel free to do some wordsmithing to the draft 

EDUCAUSE Security Conference planning work for 2021- Jill is participating 

Next Meeting: Tuesday, March 17th, 2020