WPI to Become Cloud-first Leader
How Worcester Polytechnic Institute replaced decades of code, centralized thousands of identities, and empowered modern, agile, and secure access control
For decades, Worcester Polytechnic Institute’s (WPI) central system of record was a complex legacy platform built on millions of lines of code, requiring considerable manual effort to provision, manage, and disable user entitlements. As WPI prepared to shift its infrastructure to the cloud, it faced a critical choice: rip it out, and re-integrate it piece by piece—or search for a platform that could take its Identity Access Management (IAM) system into the future.
With Saviynt IGA, they could unify complex identities (staff, students, and alumni) under a single system of record, automate secure access to course content and online assets, and deliver a more agile, scalable, and secure platform.
The Opportunity
The Cloud Dilemma: Complex Coding or Simplified IGA?
Founded in 1865, Worcester Polytechnic Institute is a top-tier technological university specializing in science, engineering, and business. The Massachusetts-based school boasts 18 academic departments with over 70 undergraduate and graduate degree programs serving over 7,300 enrolled students.
For decades, WPI used a legacy system of record to build its course list, manage shifting enrollment statuses and entitlements, and provision and disable access. This on-prem system was integrated into its campus-wide communication and financial systems via millions of lines of customized code and required time-consuming manual processes and extra staff to ensure up-to-date and secure data access.
Inconsistent or redundant data entry, along with differing policies and processes across departments, made it difficult to deliver quick access for those just joining the institution or changing responsibilities within it. This outdated system lacked reporting and analytics capabilities, struggled to scale with WPI’s international growth, and wasn’t delivering a modern user experience. It was time for a shift to the cloud.
However, WPI faced an even bigger obstacle: their on-prem infrastructure needed to be ripped out—and connectors for key systems needed to be rebuilt. Their IAM team considered doing the recoding and reintegrating in-house, but this wouldn’t achieve their main goal: fewer manual processes, better support, and automated, centralized repository for all identities.
WPI needed an industry-standard platform that could not only replace its spreadsheets and massive patchwork of PowerShell scripts—but also assimilate its vast and complex institutional rules around affiliation. A student, for example, could also be a staff member; faculty could also be alumni.
After investigating top IGA solution providers and consulting with veteran security engineers in the IAM space, all signs pointed to one solution: Saviynt Identity Governance and Administration.
The Solution
From Antiquated to Automated: Streamlined Identity Management Delivers Rapid Value
Over the university’s winter break, Saviynt and WPI worked together to import, update and change over 40,000 records (each containing hundreds of thousands of pending tasks) from their on-prem Master Data Management (MDM) system. Despite multiple systems and a vast network of applications and systems across different departments, Saviynt IGA successfully merged and reconciled all data and identities into one central repository.
From there, Saviynt integrated with WPI’s main systems of record to merge and secure data about course enrollment, entitlement, role changes—even building access. Now, no matter if a user is a student, staff, alumni, or a combination of all three—WPI has a clear, accurate, and up-to-date line of sight into every identity in its environment.
With Saviynt’s intelligent analytics, any change in an individual’s status triggers immediate access changes. For example, an employee who leaves WPI now loses access as soon as staff enters their separation into the system. Or, if a user is working past a separation date—as many students do—a manager can extend the access. Automated reporting helps WPI identify access risk and prevent any unauthorized user access to university systems, data, and intellectual capital.
In phase two, WPI plans to round out its identity lifecycle visibility into Microsoft 365 and Zoom. When users need access to Microsoft applications and files, Saviynt can enable hiring managers to request access for their employees rather than a slow, manual ticket submission process.
The Results
Unified complex identity scenarios
(like student-staff personas and students accessing alumni networks) into one single source of truth.
Fast, secure student access to course content
including digital libraries, and online communities with Saviynt’s rules-based policy engine. Easily scalable to support remote learning, international student enrollment, and massive open online courses.
Reduced manual processes
and improved response times, and achieved a more stable and secure environment.
Leeann Leclerc
Chief Information Security Officer at WPI
More customer success stories
Ready to see for yourself?
Request a personalized demo with a Saviynt identity expert