Customer success stories

WPI to Become Cloud-first Leader

How Worcester Polytechnic Institute replaced decades of code, centralized thousands of identities, and empowered modern, agile, and secure access control

For decades, Worcester Polytechnic Institute’s (WPI) central system of record was a complex legacy platform built on millions of lines of code, requiring considerable manual effort to provision, manage, and disable user entitlements. As WPI prepared to shift its infrastructure to the cloud, it faced a critical choice: rip it out, and re-integrate it piece by piece—or search for a platform that could take its Identity Access Management (IAM) system into the future.

With Saviynt IGA, they could unify complex identities (staff, students, and alumni) under a single system of record, automate secure access to course content and online assets, and deliver a more agile, scalable, and secure platform.

The Opportunity

The Cloud Dilemma: Complex Coding or Simplified IGA?

Founded in 1865, Worcester Polytechnic Institute  is a top-tier technological university specializing in science, engineering, and business. The Massachusetts-based school boasts 18 academic departments with over 70 undergraduate and graduate degree programs serving over 7,300 enrolled students.

For decades, WPI used a legacy system of record to build its course list, manage shifting enrollment statuses and entitlements, and provision and disable access. This on-prem system was integrated into its campus-wide communication and financial systems via millions of lines of customized code and required time-consuming manual processes and extra staff to ensure up-to-date and secure data access.

Inconsistent or redundant data entry, along with differing policies and processes across departments, made it difficult to deliver quick access for those just joining the institution or changing responsibilities within it. This outdated system lacked reporting and analytics capabilities, struggled to scale with WPI’s international growth, and wasn’t delivering a modern user experience. It was time for a shift to the cloud.

However, WPI faced an even bigger obstacle: their on-prem infrastructure needed to be ripped out—and connectors for key systems needed to be rebuilt. Their IAM team considered doing the recoding and reintegrating in-house, but this wouldn’t achieve their main goal: fewer manual processes, better support, and automated, centralized repository for all identities.  

WPI needed an industry-standard platform that could not only replace its spreadsheets and massive patchwork of PowerShell scripts—but also assimilate its vast and complex institutional rules around affiliation. A student, for example, could also be a staff member; faculty could also be alumni.

After investigating top IGA solution providers and consulting with veteran security engineers in the IAM space, all signs pointed to one solution: Saviynt Identity Governance and Administration.

It didn't make sense to go through an entire rip and replace of our current solution for something that would not even meet all of our needs.

LeEAnn LeClerc

Chief Information Security Officer at WPI

The Solution

From Antiquated to Automated: Streamlined Identity Management Delivers Rapid Value​

Over the university’s winter break, Saviynt and WPI worked together to import, update and change over 40,000 records (each containing hundreds of thousands of pending tasks) from their on-prem Master Data Management (MDM) system. Despite multiple systems and a vast network of applications and systems across different departments, Saviynt IGA successfully merged and reconciled all data and identities into one central repository.

From there, Saviynt integrated with WPI’s main systems of record to merge and secure data about course enrollment, entitlement, role changes—even building access. Now, no matter if a user is a student, staff, alumni, or a combination of all three—WPI has a clear, accurate, and up-to-date line of sight into every identity in its environment.

With Saviynt’s intelligent analytics, any change in an individual’s status triggers immediate access changes. For example, an employee who leaves WPI now loses access as soon as staff enters their separation into the system. Or, if a user is working past a separation date—as many students do—a manager can extend the access. Automated reporting helps WPI identify access risk and prevent any unauthorized user access to university systems, data, and intellectual capital.

In phase two, WPI plans to round out its identity lifecycle visibility into Microsoft 365 and Zoom. When users need access to Microsoft applications and files, Saviynt can enable hiring managers to request access for their employees rather than a slow, manual ticket submission process.

Saviynt and WPI worked together to import, update, and change over 40,000 records - merging and reconciling all data and identities into one central repository over the winter break.

THE RESULTS

Unified complex identity scenarios

(like student-staff personas and students accessing alumni networks) into one single source of truth.

Fast, secure student access to course content

including digital libraries, and online communities with Saviynt’s rules-based policy engine. Easily scalable to support remote learning, international student enrollment, and massive open online courses.

Reduced manual processes

and improved response times, and achieved a more stable and secure environment.

Get Started Today

See the power & simplicity of Saviynt

Saviynt named a Gartner® Peer Insights™ Customers’ Choice: IGA Learn More >