Identity Management

Enhancing the User Experience

Matthew O. Pahls

Matthew O. Pahls

Lead IT Security Engineer Kent State University

1. A few IAM best practices2. The people problem3. Usability and beyond4. The user lifecycle 5. A look at Kent State University6. Take a look at usable IAM functions7. Preparing for the future (Convergence)

Matth

ew

O. P

ahls

Agenda

Strive for the fewest number of Identity repositories.

Expect to use multiple authoritative sources for user information.

Separate the authoritative repository from the enterprise directory

Choose a pragmatic goal for user-to-role assignment

Match the culture and operations of your business with a role framework

Automate Provisioning

Provide knowledge and control to business owners and custodians

Matth

ew

O. P

ahls

Just a few IAM best practices

Behind every quantitative study lurks a rather peculiar variable.

“Each individual will adopt a course of action that will involve the expenditure of the probably least average of his work” - George Kingsley Zipf

Will not seek out information that makes their jobs harder

At best we “satisfice” under “bounded rationality”

I.A.

Matth

ew

O. P

ahls

The people problem

Testing one person is better than testing none.

Testing one user in the beginning of a project is better than testing 50 near the end.

The importance of recruiting representative users is overrated.

Testing in an iterative process

Top 5 reasons for not testing● We don’t have time● We don’t have money● We don’t have the expertise● We don’t have a usability lab● We wouldn’t know what to do

with the results.

Matth

ew

O. P

ahls

The people problem

Matth

ew

O. P

ahls

The people problem

Matth

ew

O. P

ahls

The people problem

Useful

Desirable

Usable

Findable

Matth

ew

O. P

ahls

Usability and beyond

Accessable

Valuable

Creditable

Secure

Matth

ew

O. P

ahls

Usability and beyond

Free(ish)● Card Sorting ● Five Second Tests● Click Tracking● Heatmaps● Mouseflow

Split Testing● A/B

***Google Analytics ***

Guerilla Usability ● Recording everything

Focus groups

Matth

ew

O. P

ahls

Usability and beyond

Matth

ew

O. P

ahls

The user lifecycle

Matth

ew

O. P

ahls

A Look at Kent State University

Facebook

Matth

ew

O. P

ahls

Usable IAM function

Facebook

Matth

ew

O. P

ahls

Usable IAM function

Enter in code from email

Select a new password

Google Account Creation

Matth

ew

O. P

ahls

Usable IAM Function

Keeping your users informed.

Matthew Pahls,

Your Kent State University password has been changed on

05/13/2014 02:30 PM. If you are not aware of this change, please

contact the Helpdesk at 330.672.HELP (4357).

As a reminder your alternate e-mail address will not be used for

marketing purposes.

Thank you,

Kent State University Helpdesk

Information Services

Call: 330.672.HELP (4357)

Visit: 1st Floor Library Walk-Up Desk

Matthew Pahls,

Your Kent State University alternate e-mail address has been

changed to asdfasdf@gmail.com on 05/13/2014 02:30 PM. If you

did not initiate this change, please contact the Helpdesk at

330.672.HELP (4357).

As a reminder your alternate e-mail address will not be used for

marketing purposes.

Thank you,

Kent State University Helpdesk

Information Services

Call: 330.672.HELP (4357)

Visit: 1st Floor Library Walk-Up Desk

Matth

ew

O. P

ahls

Usable IAM function

2-Factor Authentication

Lets just see how easy 2-Factor can be to setup with an example.

Lets use Duo Security

Matth

ew

O. P

ahls

Usable IAM function

Risk based authentication (when 2factor just doesn’t work)

Matth

ew

O. P

ahls

Usable IAM function

You are the passwordNymi Wristband

● Recognize you based on your unique cardiac rhythm

● Low power Bluetooth ● Gesture based movements

○ eg Opening a Door

Matth

ew

O. P

ahls

The future

Questions?