Table 1. Overview of the identity management practices of the universities, including user populations, access limitations, authentication methods, and password policies.
| Category | Data on Public Universities | Data on Private Universities |
|---|---|---|
| UP | Faculty, staff, students, consultants, temporary
employees |
Faculty, staff, students, consultants, temporary
employees |
| EE | None specified | Contractors and Vendors |
| AL | Yes | Yes |
| PA | No | No |
| ATHP | Role-based access control system | Users will be authenticated via their unique
username and password, which will be verified against an Active Directory database |
| ATHL | Based on role:
Student, faculty, admin, guest |
Based on privileges:
Read-only, Standard, and Administrator |
| AAA | System administrator, department head | The request must be approved by the system
owner or designated approver |
| USCH | No.
New role – new account |
Yes |
| UUA | Yes | Yes |
| ADP | Accounts that are no longer needed will be identified
and deactivated within 24 hours of notification of the user's departure or change in job function |
Manually deleted by system administrator |
| UATHM | CUNY portal single-sign on | Users will be authenticated using Active
Directory |