Project updates and Taskforce feedback

This second meeting of the Taskforce was held on the 3rd February 2014 in London to update the Taskforce on progress of the Identity Management project and allow them the opportunity to provide feedback on the project’s outputs.

Whereas the first meeting of the Taskforce was a hands-on workshop where the objective was to look at issues, barriers and solutions, this meeting had two aims. The first was to report back to the Taskforce on progress on the various projects undertaken as part of the overall Identity Management project. The second objective was to get feedback from the Taskforce on progress, that the projects’ outputs matched the original requirements, as defined by the group, and to start to think about how we could build on this work in a second phase of the project.

The following notes summarise the presentations and discussions from the workshop.

Introduction – Mark Toole (Chair)

Mark Toole, as Chair of the Taskforce, described his identity management and library background and gave an overview of the project and its mission to look at the non-technical issues around identity management, especially the people and organisational issues. He also gave an overview of the new co-design process. The taskforce has the role to shape the programme and identify practical things we want to achieve. Identity Management is about allowing people to access resources. He stressed that we need practical solutions to social and people issues, rather than new technologies.

This objective came out of the first co-design meeting which led to this project being funded. As a key stakeholder in the co-design process, Mark is also a member of the Futures Forum and reported that there were positive messages from Jisc on the co-design process. In particular, this was the way Jisc would be running its innovation activities and was committed to continuing the Identity Management work, as well as other co-design projects. The afternoon’s session would allow the taskforce time to start thinking about what should be in the second phase of work for the project. For now we would look at the work that had been done and the outputs from the projects. As the project does not end until the end of February there is still work to be done and outputs to deliver.

Overview of IdM projects – Christopher Brown


As the title suggests this presentation gave an overview of all the projects that had been undertaken under the IdM Project, although leaving the externally run projects to the project managers’ presentations.

The presentation started with a reminder of the original requirement for the project, which was to “address the cultural, social and political barriers to good identity management within Higher Education.” This requirement had led to this the Identity Management project. The first objective for the project was to set up the Taskforce, made up of IT/library directors and other representatives from the community with an interest in IdM, and then get them to define the issues and barriers and, working with IdM experts, to formulate solutions. These solutions should map to the outputs of the various projects that form part of the IdM project. The AIM Strategy and Plan were mentioned as the work of this project feeds into these documents. It should be stressed that the work of this project and the Strategy are compatible. There is one AIM strategy and co-design is a way of gathering user requirements.

The original issues were grouped under the following headings:

Governance / Strategy Management and Admin Users / User experience
Culture Monitoring use What is available to me?
Definitions Account management How do I get it?
Ownership of the problem IT support Where do I go for help?
Policies Licences Usability
Changing roles
Access to other systems
Virtual organisations

From these issues the following projects were created and prioritised:

Highest priority

Project 1 – Governance/Definitions
->Project 6 – Licensing (requires outputs from Project 1)
Project 8 – Usability
Project 5 – Usage monitoring
Project 3 – Toolkit (target audience)
Project 4 – Map to IdM Resources
Project 7 – User centric identities
Project 2 – Account Management

Lowest priority

The last two on this list were eliminated to concentrate on the other projects. Projects 1 and 3 were joined together and a consultant was funded to deliver this work. Project 5 also required funding of a consultant. This left Project 5 – Usage Monitoring and Project 4 – Map to IdM Resources left to be covered in this talk. Both projects involved Jisc Communications team and Infonet to help produce the outputs.

For Usage Monitoring the outputs will be:

  • A blog post focusing on usage statistics and monitoring and associated projects
  • Project outputs coordinated and publicised by Comms
  • Raptor and LAMP demos at DigiFest14

For the Mapping to IdM Resources the outputs are:

Other outputs related to this project will involve updates to the Jisc website and a new guide:

  • UK Federation and Shibboleth Consortium information updated on the Jisc website.
  • Updated Identity Management Quick Guide –
  • Additional longer guide to complement and contextualise (not duplicate) the Infonet work, the co-design IdM work and the Janet AIM strategy and plan.

Feedback was generally positive, although the point was made that many of these outputs are to be delivered by the end of February and that we are already in February.

Definitions/Governance and Toolkit projects update – John Paschoud


As project manager for the two combined projects John gave a presentation on the progress so far as well as getting the delegates to provide feedback and opinions on some of the projects’ conclusions. The scope of the work was, within a HE institution, to:

  • Identify responsibilities and ownership of IdM
  • Define generic user categories/groups for IdM (AIdM)
  • Identify relationships of IdM with specific typical IM systems
  • Briefings/engagement for key IdM owners

Although it is easy to talk about IdM to people in the room, it’s not the case for the people we want to get to. Part of the work involves site visits to institutions and so far they have visited Cardiff with plans to visit Sheffield/Coventry, although it has proved difficult to round up the right people and facilitate discussions with them. The point was made that perhaps you can’t engage with these people as it’s at an organisational level and that you can’t deal with this as a quick win in the timescales. Also, calling this identity management is misleading as the project is about improving access to resources.

Responsibilities and ownership

The project has identified approximately four roles at operational head level and the same number above them (governance lead or sponsor):

Operational Head Governance Lead / Sponsor
HR Director PVC Staff
Dir of Student Services / Academic Registrar PVC Research
Dir of Research/Commercial/ Business PVC Research
Dir of Resources (IT, Library, Estates, Finance) CEO / COO / Secretary (/ CIO?)

The focus should be on the first 3 – HR Director, Dir of Student Services/Academic Registrar, Dir of Research/Commercial/Business, but we should target governance leads as the information then filters down to the operational heads. The Chief Information Officer role has a question mark as institutions don’t seem to have a CIO anymore.

Generic IdM user categories / groups

Looking at categories at a macro level there are really just three – Students, Staff and Others, with various sub-categories below these. There followed a general discussion on where people fit under these categories and a range of questions were raised. This included whether eduroam should be under “Others” as it is a service offered. Each of the roles has a start and end time and people may have more than one role. Should alumni be in “Other” rather than “Student”? Would there be an issue when visiting a campus abroad and trying to get access to your home institution? Some of the group believed that creating sub-categories is dangerous, but the majority disagreed.

The roles need to be defined as it is all about who has access to electronic resources, for example the finance system. There was some disagreement about whether this meant access to library resources or all e-resources. Some think it’s just the library, but others believe that it needs to cover much wider IdM issues.

John’s conclusion was that we can have default roles but it needs to cover more than just access to library resources, such as the resource management of the finance system, for example.

Relationships between IdM and specific IM systems

At the project’s workshop held in December 2013 there were no clear conclusions reached on this. This item was discussed at the end of the session when John asked what other approaches (other than technical) to this does the Taskforce think will be productive? There is information on this already in the Toolkit, so it will be checked to see if it is still up to date or requires updating. A link to this information with an explanation was seen as the solution to dealing with this item.

Target briefings for key IdM owners

This was originally defined as a separate project to update the IdM Toolkit so that relevant sections could be targeted to particular key groups. As mentioned above, this work was merged together with the Definitions/Governance work as they are closely related.

The main target groups should be staff, students and research/business. To target these groups, two-sided A4 flyers and a single-page web with links to the Toolkit will be produced. Each will direct the groups to the most relevant information on the Toolkit with summary information. John asked if these were the three best targets. There was a general consensus about the groups but funding/research councils should also be targeted as there is an assumption that they understand IdM but they don’t. These briefings should be endorsed by more than just Jisc, SCONUL and UCISA but the very research councils being targeted. It should also target AMOSSHE and a similar HR group. We need channels into HR and MIS as have always had channels to libraries and IT. Funding councils must be convinced so there is a requirement to talk to them and other groups too – groups who work across institutions.

John listed a potential fourth target – Resources/Services. The group agreed that this should be included as it’s targeting the whole institution. Also, they are the data owners for academic systems. There was still some concern that, even if you identify these targets, you have to get them to the correct individuals and they might be just passed down to the usual people who have to deal with these issues.

There should be some thought to the student’s journey through the institution. Are we dealing with students leaving institutions? What about staff? Are we are engaging with the right groups/people? Some think we shouldn’t be targeting individuals as it’s a university problem. However, others say we should. This was raised at the first workshop as IdM stuff always goes to the same people. The consensus was that we do need to target individuals and explain that it’s an institutional issue?

Usability project update – Stuart Church


Stuart gave the background to the project (which is basically looking at the range of problems students encounter accessing resources), before providing information on the site visits and interim results from the usability survey. The link to the survey is and this has been disseminated via various mailing lists and social media. It was still live at the time of the workshop and would be for a couple more weeks, so the final survey results will be produced at the end of the project.

So far there have been over 350 survey respondents (mainly from Cardiff and Newcastle), 13 interviews with information gatekeepers and 28 with undergraduate and taught postgraduate students.

Stuart presented the interim survey results in various bar charts. There is a broad spread of respondents to the survey but they are mostly undergraduates. With frequency of access, undergraduates have a burst of access whereas researchers access more frequently, which is as expected. Users have different journeys accessing resources so it is interesting to look at where people start on this journey. Students tend to start in the institution’s library. As they progress through courses they start to go straight to resources and by-pass the library offer. There’s an increasing use of Google to get a wider breadth of knowledge on a subject. Some students develop “search rituals” to minimise potential problems, e.g. they log in on their browser then access resources through new tabs. They become more sophisticated users of the system. Searching varies between under/post graduates. Undergrads tend to re-find information. Location showed the biggest contrast as most undergraduates access from home, whereas postgraduates/researchers from their office. The most used devices are laptops, while mobile use is less than 10%, but inevitably increasing. Users currently see mobile devices as limited.

Both groups encountered significant problems accessing resources, but this area requires further investigation of the data. Issues are mainly around log in information. They tend to get problems if they go to the publisher website but not the portal and it should be like that. It’s hard to predict as sometimes users are logged in and have to re-log in, sometimes not. It’s useful to split between institutional and publisher issues. Some Jisc have influence over, but publishers do things in a variety of ways. There are issues around downloading resources and users can get stuck in a loop going between sites. Students expect access to a resource by default and problems arise when they can’t. Open access journals change people’s perceptions.

There is limited functionality available on mobiles and students tend not to like accessing/reading books online. Their preference is for physical books not e-books. For an overall rating of experience of accessing journals online, it’s generally rated good and this was similar for undergraduates and postgraduates/researchers.

These are only the interim results and the survey will run for a couple more weeks when the final report will be written up.

Stuart posed a number of questions for the taskforce and requested help to get a more representative sample. Are there any smaller institutions that could be targeted? The survey will be sent out on the UCISA and SCONUL lists. Concern was expressed about the collection of personal data but the survey is anonymous. The output from the project will be in a format that’s most useful and actionable, but what should it be? It will include the user’s journey, as described above, in a visual way so users can select the relevant issues and results. Is it the format or the audience that’s important? The audience is crucial and the outputs should be aimed at publishers. It’s a difficult message to tell them they are doing something wrong. There needs to be examples of good sites.

REFEDS have a mock website showing good and bad practice. Similar work on this has been done before at Jisc so we need to pick out the AIM issues from this work.

The point was made that the work at some institutions on mobile devices has treated them as consumption devices rather than for discovery.

Stuart confirmed that the survey results match his observations of students during site visits. There have been similar issues across all three institutions investigated.

Summary and Next Steps


The final session of the day focussed on the following topics:

  • Feedback from the group on the projects
  • How best to communicate the outputs of the project.
  • Think about Phase 2 of the IdM project
  • Discuss membership of Taskforce

Feedback from the group on the projects

The session started with a five minute group discussion looking at whether the project had addressed the original problem? The feedback was that the group is missing publishers especially as ~60% of usability issues are in the publisher domain. The projects needed more time but were limited by the time limits of the co-design pilot.

The main issue raised was that the project should be about access to all services and not libraries only. Much of the work undertaken by this project, in particular the Definitions/Governance and Comms-related work, has had a wider perspective than just library systems. The second phase of the project will continue to have this wider scope and the next workshop, where the group will look at what further work is required, will clearly define the scope and requirements for future work.

A number of questions were then asked of the group:

What has the project fully achieved?

It was felt that this was an unfair question as the projects had not yet completed. The problems that need to be addressed are multi-faceted. Identifying this is a quick win. There is a need to go to national organisations. Mark Toole stressed that it’s a major achievement talking about non-technical issues in this environment.  The IdM hub was seen as a good idea. There is a lot of information out there already so bringing it all together is a good thing. This has only been partly achieved as it is yet to be disseminated to the community. The usability study looks like it will achieve what the group wanted it to.

What has the project partly achieved?

Some of the issues at the first workshop boiled down to two things: what’s a student? What’s a member of staff? This is key work and has been partly achieved by the governance project. Feedback on the existing IdM Quick Guide is that it is possibly “too quick” as it doesn’t really say anything and is very bland. The new guides should tell people what they need to do. The wider taskforce needs to answer this question and has to get into the governance of an institution.

What hasn’t been achieved by the project?

It has achieved the realisation that there is a need to get to the top level people downwards. This requires building the relationship between Jisc and those organisations. This needs to be passed upwards within Jisc.

Need to assess risks but make sure they are real risks not made up ones. We should talk about threats and opportunities rather than risks. With commercial partnerships overseas there are new and increased risks and opportunities.

The IdM Toolkit won’t be read unless there are summaries for those levels underneath HR director, for example. These should point people to the relevant parts of the Toolkit. The Toolkit was designed to be exactly that, a toolkit, but you have to know the tool you need. It should include brief case studies highlighting best practice within other institutions. The trouble with case studies is they take too long to set up. The definitions/governance project has done one and it’s been far more difficult getting the right people involved.

Again the IdM Hub is seen as a good place to point groups to and get them engaged. It’s probably unreasonable to expect a HR director to engage with the group until we have something to show them. Do need a HR person in the group as no idea how to flag this work to HR. In one way the project has failed as we still have the usual suspects in the taskforce.

The project has not dealt with people who move across groups from students to staff to others.

The Licensing work has not started as it awaits an output from the definitions/governance project. It should get Jisc Collections to work with publishers to define model licences at a national level. All institutions are doing work on own licence. Need one licence all can use and put in KB+.

How best to communicate the outputs of the project.

This part of the session included questions asked by Jisc Comms about how the outputs could be best communicated at the type of target audience.

The feedback was that Jisc needs to engage with national bodies. The project needs to report back to the co-design group not Comms and it is that group that should decide how to contact these national groups. The outputs cut across a number of Jisc activities and there is a need for this work to be joined up.

Taskforce members need to promote the project wider, not just within institutions but to groups. We should keep the focus on access and people – “who” can access “what” for their daily routine. This should be kept at the front of our minds. We need to engage with the community through “access” not “IdM” and there is still a struggle with what to call it. The language we use should depend on our target audience.  This is something for Jisc to think about for other areas and not just AIM.

Think about Phase 2 of the IdM project

There wasn’t time in this meeting to plan phase 2 in detail, but this part of the session allowed the group to at least think about what might be in phase 2. There will be a workshop on 8 April to fully scope the requirements of future work.

There should be further case studies and we need to find some way to support a slower way of working with institutions and their timetable. It’s more valuable than doing it in a rush. There is a requirement for somebody to set up a forum that is more than discussion and talking shop, but institutions can identify where they are on a maturity model and identify what needs to be done. There needs to be engagement with people to see if they are interested in doing this. We shouldn’t underestimate the lack of awareness with most of their colleagues.

There needs to be more engagement with other institutions that are not represented in this group. We shouldn’t assume that IdM is always first on their list.

If someone responds to a guide and contacts Jisc for help then Jisc should be able to offer help rather than say it’s not in the funding timeframe. The UK federation helpdesk will deal with anything technical. Jisc needs to find a way of providing ongoing support when people engage with the information/guidance we provide now. This is the best way to get case studies as we can document their experience. We have identified categories, so we need to identify issues for each category and how they’ve been solved within an institution. Then have case studies based around these categories rather than the institution. This would be a good way of testing these types of categories. Every institution does IdM but not necessarily done well. There was a reminder that there is already the resource “Access Unlimited, Access Protected”, which includes a video from a HR director.

The scope needs to be clarified for Phase 2. It could include a strand of work on what to do collectively as a community.

Discuss membership of Taskforce

The meeting ended with a brief discussion on Taskforce membership. Everyone present was happy to continue being members of the Taskforce. SCONUL and UCISA originally raised IdM as an issue as part of the co-design pilot. They should continue to be involved. It also requires AMOSSHE and national bodies – funding/research councils. Currently there is an over representation of IT and libraries. Should include smaller institutions, a selection of Jisc banding and categorise institutions as to what role they play. It should remain HE first, but if FE is to be included then that should be in a different group.

Usability Project Survey

As part of the Usability project, we’re investigating the way in which research staff and students in UK Higher Education access online academic resources such as research papers, articles and e-books.

We’ve put together a short online survey to find out more about the problems students and staff may encounter when trying to access these  resources and to see what they do if they can’t access the paper they need.

Please help us out by distributing the survey to staff and students in your institution (e.g. via mailing lists, intranet links or social media). The survey is straightforward and shouldn’t take longer than 5 minutes to complete.

The URL for the survey is

If you have any questions about the survey or would like to be involved in further user testing please contact Stuart Church.



IdM Taskforce workshop (Definitions/Governance and Toolkit)

As part of the information gathering process for the Definitions/Governance and Toolkit projects, a workshop was organised as early in the project timescale as was possible, giving the tight timescale. The workshop took place in London on 17 December 2013. The workshop sought the attendees’ opinion on the following:

  • University membership categories within HE (input into Project 6 – Licensing)
    • agree definitions of common groups of users (also input into Project 6: Licensing)
    • agree common categories of users
  • Ownership of IdM within a university and the best ways of engaging with the key IdM owners
  • Interaction of IdM/AIM systems with other institutional systems (e.g. VLE, LMS, Finance).

The attendance was relatively low but this was expected due to the workshop’s close proximity to the Christmas/ New Year holidays. However, having a small number of participants had the benefit of generating in-depth discussions on the given topics, which was very useful. All the workshop participants were representatives of the Library/IT sector, with no staff from other key institutional services, such as HR, Registry, Student Services etc. This came as no surprise as these services are also underrepresented in the IdM Taskforce.

P1020728 (640x480)

University membership categories (Big or small? More or less?)

The purpose of the exercise was to identify generic/common groups of users (‘micro categories’) within HE that can be applied to a wide range of HE institutions, based on the role that group of users is given within the institution.  To help with the exercise the participants were asked to look at the membership categories identified by Cardiff University, the institution that has arguably done more work in this area than any other UK HE institution. The Cardiff model assumes that each member of Cardiff has one identity but can have multiple accounts/roles.

The participants were also asked to think about the most common user categories within HE (‘macro categories’).

Three ‘macro’ categories were identified: ‘Staff’, ‘Students’ and ‘Other’. The group struggled to find a suitable name for the third category. ‘Other’, ‘Associates’, ‘Miscellaneous’ have all been used in the past but none seems totally appropriate.

The most popular subcategories for:

  • Students– Undergraduate, Postgraduate, Partners UK, Partners International, Alumni
  • Staff – Staff on contracts of employment, Student Union staff, Honorary staff, Contractors
  • Other– Retired staff, Visitors, Staff at partner institutions

The definition of ‘staff’ (and ‘other’) generated considerable discussion. Is it anyone who has a contract of employment? Or is it anyone who has ever had a work relationship with the institution (doing ‘staffy’ things), including retired staff, contractors etc?

P1020737 (480x640)P1020735 (480x640)P1020736 (480x640)

Ownership of IdM within a university and the best ways of engaging with the key IdM owners

The aim of the exercise was to identify the key IdM stakeholders within an institution that have a senior IdM governance role and discuss the best ways of engaging with those individuals.

Three main roles were identified (with possible job titles) but it was acknowledged that it was also important to reach out to even higher level governance figures (CEOs, COOs, VC, Deputy VC etc), even if they only have  a sponsorship role:

  1. HR Director
  2. Head of Students Services
    1. Director of Students Services (Director of Academic Services)
    2. Academic Registrar
    3. Possibly Dean of Students/ Head of Student Experience/ PVC of Students (owns services for students, e.g. pastoral care, quality of student experience)
  3. Research/ Commercial relationships
    1. PVC of Research/ Business/ Knowledge
    2. Director/ Dean/ Head of Research
    3. Director of Business Engagement

The third group is particularly problematic to reach as it usually involves IdM governance for most user groups under the ‘Other’ category and can also be highly distributed within the institutional hierarchy (e.g. Heads of Departments, Innovation groups, Research groups etc).  This group may need a set of principles that can be applied by different representatives of this group, rather than a single briefing.

A number of ways of engaging with these stakeholders were suggested:

  • Use Universities UK and HEFCE (SFC in Scotland) ‘branding’, but not UCISA/SCONUL/Jisc branding due to a strong association with IT services. This would require help from senior Jisc individuals, as out of scope for these projects.
  • Using a case study (perhaps Cardiff) to produce a statement by a university VC/ CEO stressing key IdM benefits and issues that could be provided with the briefing to make it more relevant to the key audiences. Ideally.
  • Using ‘endorser’ quotes.
  • Drawing particular attention to risks and possible legal/ litigation implications of not doing IdM properly.
  • Clearly explaining opportunities, financial advantages, efficiency gains etc.

P1020739 (640x480)

Interaction of IdM/AIM systems with other institutional systems (e.g. VLE, LMS, Finance)

Once an institution has a fully operational IdM system, it is important to make sure that that system interoperates fully with other institutional systems, such as the HR, Finance, and Student Records systems.

Although the workshop provided some useful information, it is felt that the collected information is not sufficient and needs to be substituted with some relevant content from the Jisc IdM Toolkit (mainly Chapter 3: IdM Systems) and further consultation with the IdM Taskforce Group. However, it was acknowledged that as the list of systems that can interoperate with the IdM systems keeps expanding, it is not realistic to produce a definitive list. The way an institution might use its IdM system will be influenced by a number of factors, e.g. maturity and sophistication of the IdM system, staff expertise, financial and time constraints etc, and is likely to evolve over time.

This post was written by Masha Garibyan.

IdM Governance/Definitions and Toolkit (Target audience) Projects

In an earlier post the different (sub-)projects that make up this Identity Management project were described. Two of these projects are being undertaken in parallel as the issues tackled by the projects are closely interlinked. This post gives an overview of the two projects.

IdM Governance/Definitions Project (Project 1)

This project is investigating the following issues raised by the Taskforce:

  • Policies/Definitions – Ensuring IdM is properly recognised (and resourced) in institutional policies
  • AIM Higher: Culture/Ownership of the problem – Break down silos within the institution which blocks solution of IdM issues (some problems need co-ordination of different parts of the organisation)
  • Ownership of the problem – Determine ownership and responsibilities for AIM and IdM decision making within an institution.
  • Purpose of AIM system – Clearly articulate the role of IdM and AIM systems alongside other institutional systems (e.g. VLE, LMS, Finance)
  • Granularity – Categorising common different groups of users based on their relationship with the institution, physical location and their entitlement to resources.

This project feeds into Project 6 – Licensing.

IdM Toolkit (Target audience) Project (Project 3)

Project 3 is concerned with reviewing and updating the existing Jisc Identity Management Toolkit ( and producing briefing papers for key IdM Governance audiences. This will involve taking existing parts of the Toolkit and looking at the potential in expanding it to include briefing papers, for example, that can target specific positions within HE. This would include, for example, IdM for Library Directors, IdM for IT Directors, IdM for VCs, etc and highlighting the different parts of the Toolkit relevant to each role.

As this project relates to the Jisc Identity Management Toolkit, it will require input from a Toolkit developer and close work with Infonet ( , who host the Toolkit and are currently reviewing AIM outputs for inclusion in a top level Identity Management topic focussed “hub” (see Project 4 – Map to IdM Resources; ) .

Case studies

The success of both projects depends on obtaining information about the existing IdM practices of the Taskforce member institutions, particularly the three institutions that have agreed to act as case studies for Project 1 (University of Cardiff, Sheffield University, and Coventry University).

Project staff

The projects are undertaken by Local Knowledge as contractors of Jisc.

  • John Paschoud – Managing Consultant, Local Knowledge
  • Masha Garibyan – Consultant

Project website

All project outputs will be made available on the Jisc Identity Management Toolkit website ( under the Creative Commons Attribution-NonCommercial-ShareAlike Licence (

Project timescale

November 2013-February 2014

IdM Taskforce workshop on 17 December 2013

A workshop was held in London to discuss the issues being dealt with by these projects. The outputs from this workshop will be summarised in a subsequent post.

This post was written by Masha Garibyan.

Identity Management Usability Project

In this project, Stuart Church from Pure Usability is carrying out research about the usability and user experience (UX) of current identity management systems that users must negotiate when logging on to library systems and accessing online resources.

The first stage of the project included a literature review and a consultation with identity management taskforce members to generate a better understanding of the landscape in which identity management is implemented. Stuart asked the taskforce for their views via a short online survey and we discussed the survey findings in a webinar.

The survey findings included:

  • Benefits of identity management include: compliance, efficiency & risk management (for institutions) and access to resources (for end users)
  • Challenges are: complex licences, complex relationships of end-users with the institution, assumption that it’s an IT problem, and fragmented IT landscapes.
  • There is some expectation that identity management will become more granular and more sophisticated in the next two years.
  • Culture is really important – issues need to be understood and communicated effectively by middle- and senior- managers.
  • Barriers to better identity management include: complex licences, interoperability and fragmented IT systems, lack of time & resource.
  • Potential UX issues are: Multiple systems for logging in, user awareness of what they are entitled to, understanding how Google Scholar fits into their workflow

Stuart’s presentation summarising the survey findings:

In the webinar, we also agreed that looking at user experience issues when accessing resources via different mobile devices is also a priority for the project. The current way identity management is implemented doesn’t seem to match mobile access very well. Users have to move from institutional websites to apps for different content and it’s often unclear how to use the apps provided by publishers when it comes to authentication. Some of these points were addressed in a recent workshop  on mobile issues.

The next phase of the usability project will involve designing an online survey which we hope to distribute quite broadly through institutions represented on the identity management taskforce and beyond. In January, Stuart will also visit a range of institutions to interview librarians, IT support and HR staff who will be able to offer insights into the problems end users are facing and conduct interviews and user testing with students and researchers. This will help to understand real live usage scenarios, users’ search problems and the systems they are using to solve these.

Questions and Hypothesis to be explored by the project include:

-What do users do when they fail to get access to a resource?
-How do users think about search?
-How can local interfaces be adapted to make discovery easier?

Turning ideas into a plan

Following the Taskforce workshop (see previous post) there were a number of issues and potential solutions identified. The next stage in the project was to turn these into specific projects. These projects could be work undertaken internally by Jisc or funded externally.

If you read the previous post you will see a list of template documents filled out during the workshop. These described the issues and then solutions that could be undertaken in less than 6 months, 6-12 months and 12+ months. As the timeframe of the co-design project is short (ends January 2014) this project looked specifically at “quick wins”. The plan, therefore, had to concentrate on these, but also recognise that this work was laying the foundations for potential longer term solutions.

As a reminder, the issues raised by the Taskforce were grouped under three areas: Governance/Strategy, Management and Admin, Users/User experience. Despite having 17 issues under these categories, it was possible to group similar ones together. This resulted in the following projects, or sub-projects, that could potentially be undertaken within this IdM project:

Project 1 – Governance/Definitions
Incorporating the following issues:
Governance/Strategy – Policies/Definitions
Governance/Strategy – AIM Higher: Culture/Ownership of problem
Governance/Strategy – Ownership of the problem
Management/Admin – Purpose of AIM system
Management/Admin – Granularity
Summary: Identify and contact 2-3 institutions to use their IdM documents and processes with examples and input into a workshop involving university representatives (HR, registry, IT, library and users) to help define roles, responsibilities and ownership, categories of users, relationship between IdM and other systems. Publish guidance on roles and responsibilities, user definitions and categories, and purpose of IdM systems.

Project 2 – Account Management
Incorporating the following issue: Management/Admin – Account Management
Summary: Set up IdM expert group to review existing solutions and design protocols and processes for semi automated creation and deletion of accounts. Publish outputs from the review.

Project 3 – Toolkit (target audience)
Incorporating the following issue: Management/Admin – Support
Summary: To ensure IT and Library Directors have the support required to position IdM with their institutions, the Toolkit developers will investigate taking existing parts of the Toolkit and look at the potential in expanding it to include briefing papers targeting specific positions within HE.

Project 4 – Map to IdM resources
Incorporating the following issue: Management/Admin – A thing for Jisc to do
Summary: Collate links and information on all Jisc funded IdM resources and project outputs. Synthesise and avoid use of technical jargon. Create a dedicated page/site with a top level IdM topic focus with links to IdM related resources.

Project 5 – Usage monitoring
Incorporating the following issue: Management/Admin – Usage Monitoring
Summary: Jisc Comms to publicise importance of usage statistics through a briefing paper, for example. Incorporate outputs from Raptor, Raptor pilots, JUSP, Raptor-JUse and LAMP projects.

Project 6 – Licensing
Incorporating the following issue: Management/Admin – Licensing
Summary: Jisc Collections to investigate and explore the definition of a software and content model licence and publish recommendations to institutions. Requires “definition of common user groups” from Project 1 – Governance/Definitions as an input.

Project 7 – User centric identities
Incorporating the following issue: Management/Admin – Cloud identity
Summary: Investigate use of 3rd party credentials (such as cloud, social media, Apple, Android or Microsoft app store, etc.) to access institutional resources and publish recommendations to institutions.

Project 8 – Usability
Incorporating the following issue: User/user experience – Usability
Summary: Undertake a landscape study to investigate previous work in this area, followed by a behavioural study in approximately 3 institutions of user behaviour when logging on to resources and their awareness of entitlements. Publish usability report and recommendations.

With all of these projects, the Taskforce will be involved by providing input, feedback and recommendations through the mailing list or project-led workshops.

As the timeframe is short it would not be possible to complete all of the above projects so they were prioritised by the Taskforce as follows:

Highest priority
Project 1 – Governance/Definitions
Project 6 – Licensing (requires outputs from Project 1)

Project 8 – Usability

Project 5 – Usage monitoring

Project 3 – Toolkit (target audience)
Project 4 – Map to IdM Resources

Project 7 – User centric identities

Project 2 – Account Management
Lowest priority

The two projects with the lowest priority (User Centric identities and Account Management) would not be considered further as part of this IdM project. However, they could still be considered if the IdM co-design work is continued after January 2014.

This left six projects that could progress. The next stage was to write more detail on each project’s requirements in project briefs and contact the relevant people who could actually do the work. More detail on the specific work of these projects will be revealed in further blog posts.

What are the issues?

Identifying the issues and potential solutions

The purpose of the first workshop and face-to-face of the Taskforce was to elicit requirements from members of the Taskforce through a frank and open facilitated discussion about the issues. Then, with guidance from IdM experts and Jisc/Janet representatives, to identify solutions, particularly quick wins, that can be dealt with in the co-design timeframe and longer term, bigger issues.

This blog post provides a summary of the day’s discussions, the issues raised and the potential solutions. Although the workshop was held back in July the discussions and outputs are relevant to the ongoing work of the project.

Introduction – Mark Toole
Mark Toole is a member of SCONUL and one of the originators of this idea. He is also the Chair of the Taskforce and gave an introduction to the workshop. Mark described his identity management and library background. He gave an overview of the new co-design process. The taskforce has the role to shape the programme and identify practical things we want to achieve. IdM is about allowing people to access resources. He stressed that we need practical solutions to social and people issues, rather than new technologies.

The Jisc AIM strategy and plan was circulated to the taskforce prior to the workshop to show what Jisc is planning in this area. There will be technologies in the plan but this project is more about people. Jisc is joining the bits together to present a coherent approach.

Gather user requirements
The purpose of this initial morning session was to identify IdM issues in institutions. It was stressed that this should be user led and to not discuss solutions or technical issues at this stage. Delegates were split into 3 groups – red, yellow and green.

Each group spent 10 minutes recording issues on Post-It™ notes and the rest of the time discussing these and grouping them together on flipcharts. For example,

Group issues Group issues Group issues

A representative from each group gave feedback on the discussions and issues identified.

Addressing the Issues
In this afternoon session we concentrated on what could realistically be achieved within 3-6 months but also looked at how longer term work (6+ months) could be addressed. The groups remained as they were before lunch.

Group discussion

During the lunch break the ideas had been summarised into the following three groups:

Governance / Strategy
Ownership of the problem

Management and Admin
Monitoring use
Account management
IT support
Changing roles
Access to other systems
Virtual organisations

Users / User experience
What is available to me?
How do I get it?
Where do I go for help?

The first 10 minutes of this session were spent checking with the attendees that there was nothing missing from the list and that it was a fair and accurate summary of their discussions. With the final list agreed, each group was then asked to select an idea from the list and complete an Idea Template Sheet. It was suggested that groups went through these in order of importance and to select 3-4 issues, spending no more than 15 minutes discussing each issue.

At the end of this session a representative from each group summarised the ideas chosen and the potential solution.

The ideas presented from each group are in the following separate documents:

Document Idea Document Location
issue green 1 Policies/Definitions
issue green 2 Account Management
issue green 3 Purpose of AIM System
issue green 4 Usability
issue green 5 Usage Monitoring
issue red 1 Management / Admin – support
issue red 2 Management + Admin: A thing for Jisc to do
issue red 3 AIM Higher: Culture/Ownership of problem
issue red 4 Licensing
issue yellow 1 Cloud identity
issue yellow 2 Ownership of the problem
issue yellow 3 Granularity
issue yellow 4 What is available to me?

Following the presentations of each idea and corresponding solution, we moved into the final session of the day, which included summary and feedback.

Mark Toole, as Chair of the Taskforce and workshop, gave a summary of the workshop:

  • A number of difficult areas which have big institution-wide ramifications
  • Many of the issues go beyond the traditional Jisc community of IT and libraries
    • Some require senior management engagement for effective resolution
  • Most of the issues appear to be common to most institutions
  • A number of long standing issues, particularly in the policy area
  • Proposed solutions:
    • A number involve briefing materials and awareness raising
    • Some pilots
  • Fundamental question: what is the purpose of an AIM system?
  • How can AIM systems support other systems and new services (eg analytics)

Mark O’Connor, who was facilitating the workshop, collated feedback from the attendees on lessons learned from the day. The feedback was as follows:

Done well
Pre-reading, list of delegates and roles
Good mix of views and representatives.
Mechanistic approach/process, but required to get through the day.

Didn’t do well
Could have had one user day followed by one expert day.
What do we do with the issues we didn’t discuss? Too much for group to think about.
Not enough representation.
Was a day enough?

Would change
Who else should we be engaging with?
Need to raise awareness of IdM issues.
Get right messages to vice-chancellors, engage with senior level executive.

Before closing the workshop the Taskforce was told that all the ideas would be put up online (see above) for comment from all members of the Taskforce, including those unable to attend. Following the workshop a report would be produced (this blog post is a summary of that report), but most importantly an action plan for the project to take us up to January 2014. The plan will be described in the next blog post.

On the Origins of the Project

The origins of this project stem from the original co-design meetings held in early 2013. A number of issues were raised by the co-design partners and one of these was Identity Management. This was initially raised by SCONUL as an area that needs to be resolved. It’s important to ensure that this project goes some way to resolving the requirements from the co-designers.

This post is a summary of the original idea taken from the template used to collect the details from the co-designers.

Idea Name
Addressing the social and political barriers to good identity management.

This is an investigation into the cultural, social and political issues that are preventing excellent identity management in institutions. This investigation will explore the issue from a user’s point of view and will identify practical options for addressing the barriers identified. This project will take a library focus.

Success criteria
The ultimate aim of this work is:

  • Libraries stop being seen as a barrier
  • Improved user experience
  • Simpler access to resources

To be successful the taskforce needs to identify the issues and identify practical steps for addressing the issues and the people who need to be involved in those steps. This needs to be presented very clearly and in a non-technical manner.

The taskforce needs to identify strategic value of any recommended actions.

This project could be achieved by:

  1. Forming a taskforce of people with the skills required to identify and address access management issues for users. This should include people who are dealing with day to day issues as well as those from relevant access and identity management groups that already exist.
  2. Identify areas for quick wins
  3. Have a budget to direct at achieving quick wins
  4. Explore longer term issues and identify potential routes for dealing with these issues

Scope of this project could be challenging. The taskforce should consider picking a few specific challenges to work on while still considering the bigger picture. One example of a specific challenge is overseas students trying to access electronic resources either via a local campus or via their own network connection.

The taskforce should focus on user and service based issues, not technical ones, although some blurring of these boundaries will be inevitable.

The taskforce may also want to consider the barriers involved in providing support on access management issues.

Mobile devices are likely to be in scope. Overlap with other co-design ideas will need to be considered here.

The project will need to align with the work of a number of groups in this area. Particularly the SCONUL and UCISA access and identity management groups. The project will need to ensure that the risk of duplicating the function or plans of existing groups is managed closely.

Potential outputs

  • A report on the problems and barriers
  • A set of practical options
  • Some activities designed to achieve quick wins
  • Plans for dealing with longer term issues.

This work could lead to the need for an ongoing commitment to address the issues uncovered. This possibility will need to be addressed in planning the project.

The above was used as an input to the first face-to-face workshop for the Taskforce, where the issues around identity management and potential solutions were discussed in more detail. From this workshop a detailed plan was developed and a number of projects were identified and funded. As you can see, this original set of requirements was a key driver for the project.

Details of the workshop, plan and funded projects will be included in further blog posts.

The Identity Management Project blog

Welcome to the Identity Management Project blog where you will be able to follow the progress of this project – one of a number of Jisc co-design projects running throughout 2013 and into the early part of 2014.

As part of this pilot co-design process, Identity Management was identified as one of the key challenges by the five partner organisations, in particular addressing the cultural, social and political barriers to good identity management within Higher Education. This project explores the issues from a user’s point of view and will identify practical options for addressing the barriers identified. The scope for this project includes library issues but also challenges i.e. related to HR and student services.

If you want to find out more about this project, please go to the About the Project page where we try to answer some of the more typical questions.

This project receives input and oversight from its Taskforce, which includes people with the relevant skills required to identify and address identity management issues for users; people who are dealing with day to day issues, as well as those from existing relevant access and identity management groups. If you would like to volunteer to be a member of the Taskforce please email Christopher Brown or Verena Weigert.

To solve some of the issues raised by the Taskforce this project has funded a number of projects (or “sub-projects”). We will be using this blog to post regular updates and news on these projects and their outputs, so watch this space.