What makes a COTS system an effective alternative and ultimately more attractive for a campus is its capacity for centralized administration. It’s as simple as logging into the browser which immediately triggers the PIAM backend system chain of events. By automating the various processes, the user reduces the risk of manual errors and potential security breaches, and minimizes operational costs. For example, when a student or faculty/staff member is enrolled in the system, their identity is automatically tied into several campus systems such as PACS, HR, debit systems, library systems, parking and so on. With this single identity, they can use their one badge all across campus for any of the services mentioned. And, in the instance of a threat situation, access can instantly be revoked or access to restricted or sensitive areas can be denied.
Customized Solutions
PIAM solutions that are in compliance with federal, state and agency regulations as well as any donor or school-imposed policies are more readily available from vendors who understand the requirements both from the business/regulation side and from the technical side. The work is done and built into the application and in most instances the software program will meet the customer’s requirements out of the box for complying with the Family Educational Rights and Privacy Act (FERPA) or HIPAA.
Related Article: Protecting VIP Patient Privacy
Vendor-based solutions also feature quick and efficient enforcement and reporting of compliance issues with options for pulling reports. These real time reports and executive dashboards allow the school to streamline card lifecycle and compliance management as it pertains to FERPA and HIPAA.
Convenience
The operation and use of COTS software typically includes the capability to easily and readily manage all types of identities including students, faculty and staff as well as temporary employees, contractors, service providers and vendors. Physical identity details such as biographic and biometric information as well as results of security checks and historical usage need to be accessed and provisioned correctly and de-provisioned accordingly in a timel
y and efficient manner. In addition to aggregating access level information from various systems, PIAM software should encompass details such as risk level, area owner, multiple approvers and prerequisites for access. The system must also provide audit trails of all transactions.
Meeting Objectives
For educational and healthcare institutions, the ideal COTS solution will take cost, customization and convenience into account. These features and other proven system amenities make implementation and use of COTS software more convenient than a home-grown solution.
Ajay Jain is the president and CEO of Quantum Secure.
Note: The views expressed by guest bloggers and contributors are those of the authors and do not necessarily represent the views of, and should not be attributed to, Campus Safety magazine.
