The University of East Anglia (UEA) has implemented Quest Authentication Services to enable single sign-on authentication for over 40,000 user accounts. The new system has dramatically reduced the number of help desk and support calls.
The university has a number of IT systems, including desktop and email systems and a new portal, to which students are assigned a username and password. The authentication team at UEA is responsible for providing each user with secure access, but the university’s old system did not enable automatic password synchronisation.
To keep things simple for the students the IT department encouraged them to use the same password for all logins. This resulted in security, maintenance and support challenges for the department.
Each of the 1,750 Unix workstations and 250 Unix servers had to be configured individually to ensure the systems were not subject to unauthorised access. This was very inefficient and time consuming – UEA estimates that its 50 IT support staff were spending between one and five days per week on Unix maintenance.
The university first attempted to address the issue in 2006 by implementing Microsoft’s Services for Unix, which provided UEA with a single database of users and an automated synchronisation of passwords.
Services for Unix was unable to cope with the various systems used by UEA and the system began to crash. While crashes during the day resulted in downtime of just a few minutes, if the crash happened out of hours downtime would be much longer. Given that students are not renowned for sticking to the traditional nine to five working hours, the university felt that level of service was not good enough.
UEA felt that revenue would be at risk if a problem occurred during the clearing process when new students are offered places.
IT staff were also uncomfortable with the level of security offered by the system. Limitations in the password security could potentially have left the system open to security abuses and phishing attacks.
The university decided to look for an alternative to Services for Unix a year after first installing it and after a proof of concept project it selected Quest Authentication Services. The system was rolled out for UEA’s major applications at the start of the 2007/08 academic year.
Jon Woodley, system developer at UEA, said: “Quest Authentication Services provides single sign-on authentication for access to all of our systems, enabling us to centrally configure, control and verify access to each of them. This gives us peace of mind – for example, we have considerably more confidence that a student is unable to gain unauthorised access to sensitive systems such as the university’s finance system – and simplifies the auditing process.”
The IT department has noticed a significant drop in the number of calls from students struggling with their login. Woodley said: “I would estimate that each year, around 25% of our 4,000 new students would have needed help with a password synchronisation problem – which equates to a lot of calls. Quest Authentication Services has eliminated these problems, freeing up the help desk to focus on other issues, such as helping any new students that need technical assistance.”
The university has also seen financial benefits from the system. Its licence costs are kept to a minimum because only one username and password is required for each user.
UEA estimates that a full ROI was reached less than a year after implementation. “The benefits we’ve realised mean that Authentication Services has already paid for itself. Over time, the ROI will continue to rise, as Authentication Services continues to add value, ” said Woodley.
The University of East Anglia offers over 300 subjects to 13,000 undergraduate students and 3,500 postgraduate students. It was founded in the 1960s.