|Area||Project||Type||Stage||Key Objectives||More Information||Overall Health||ITS Lead||Comments||Last Updated|
|Identity Management||Active Directory Rollout Q1 2016||Tactical||Execution||1. School of Graduate Studies|
2. Object level backup and recovery
3. Remote Desktop Gateway (passwords and eToken authentication)
4. Security Baseline Policy Management and AD Hardening
5. Course Group Improvements - "Current" session groups
6. TechSmith Relay
7. AD Password Filter Update
|Ian Thomas||Resource constraint.||Sept. 14, 2016|
|Identity Management||Active Directory Rollout Q2 2016||Tactical||Execution||1. UTM|
2. Geo-redundancy @ UTM
|Ian Thomas||UTM has completed the infrastructure upgrades required to host EAD. IRRM to resume in October (resource limitation in ISEA) |
Cross-Forest trust to be established for UTM by Sept. 16
|Sept. 14, 2016|
|Identity Management||UTORId Migration||Tactical||Execution||The UTORid enterprise services are online resources that provide lifecycle management for: a) low and standard assurance authentication and b) coarse-grained directory information for the University of Toronto community. These services were developed and maintained in-house and are considered essential to the business operations of the University. |
The software component of the service needs to be re-designed for the following reasons: a) separate functionality so old and new components can be managed effectively b) upgrade components to current standards and c) improve client interfaces.
|Project Website||Mike Wiseman||Create new platform, implement synchronization of existing UTORid platform. |
Develop/firm up operational procedures.
|June 15, 2016|
|Identity Management||UTORId Process Review||Strategic||Propose||1. Identify "pain-points" with the current UTORId processes |
2. Identify new requirements which need to be met, example: process to on-board IDs for remote students who never set foot on campus
3. Based on the high-level requirements gathered above, propose changes or overhaul to the current Identity Management processes and system
|Rajiv Kaushik (PMO)||March 04, 2016|
|Identity Management||UTORvpn Upgrade||Tactical||Review||Update existing UTORvpn service given the following feature requests: |
•choose different VPN product to improve installation, operation and usability aspects.
•support concurrent use of admin system access and general purpose remote access VPN.
•support native operating system VPN clients.
•support custom connectivity to departmental networks.
•support multifactor authentication.
|Mike Wiseman||June 15, 2016|
|Identity Management||Digital Certificate Resell||Tactical||Propose||Increase access to webserver digital certificate products by reducing costs and improving operational processes to the service.||Mike Wiseman||June 15, 2016|
|Identity Management||Multi Factor Authentication||Tactical||Propose||Expand the use of multifactor authentication for staff and faculty to reduce the risk of unauthorized access to personally identifiable information and identity theft.||Mike Wiseman||June 15, 2016|
|Identity Management||UTORId for Remote Students||Strategic||Propose||1. UofT is admitting students who are taking only on-line courses and cannot visit the T-Card Office to receive a Secret Activation Key (SAK) to activate their UTORids.|
2. A new process is required to enable the activation of UTORids of registered students who are not present on campus.
|Mike Wiseman||System solution not possible, Manual workaround being implemented. Future state planned Q3-Q4||June 15, 2016|
|Identity Management||WebSSO Upgrade||Tactical||Execution||Improve the institutional web single sign-on service to support additional functionality such as multifactor authentication technologies.||Mike Wiseman||Upgrade current Shibboleth identity provider services from version 2.x to version 3.x In progress. Completion date: Apr. 30||June 15, 2016|
|Identity Management||Active Directory Rollout Q4 2015||Tactical||Sustainment||1. ServiceNow|
3. HRIS Departmental Groups
4. Department attribute for Staff & Faculty
|Completed||Ian Thomas||Jan. 22, 2016|
|Identity Management||Authorization (Grouper) Implementation||Tactical||Sustainment||1. Provides a framework for application level authorization. Example: User John Smith is authorized to view TCard Photos|
2. In the absence of a framework, each application will create its own authorization framework, leading to the challenge of many authorization systems across ITS
|Completed||Pete St. Onge||Nov 19,2015|
|Identity Management||Utorid User Experience (UX) Refresh||Strategic||Sustainment||Make design changes to Join/UTOR pages in order to improve UX for applicants/students and in order minimize potential questions/emails||Project Website||Completed||Mike Wiseman||Dec 15, 2015|
|Identity Management||Self-Serve Password Reset||Tactical||Sustainment||1. Users can reset their own UTORID password|
2. Currently Faculty & Staff have to go to Robarts or call helpdesk
|Completed||Ian Thomas||Nov 19,2015|
|Identity Management||Password Quality||Tactical||Sustainment||Strengthen the value of the UTORid password as an authenticator||Project Website||Completed||Ian Thomas||Nov 19,2015|
|Identity Management||2 Factor Authentication (eToken)||Tactical||Sustainment||1. 2 factor authentication provides higher level of security for applications requiring a higher level of assurance|
2. Involves migration away from SecurID
|eToken Website||Completed||Mike Wiseman||Nov 19,2015|