Self Service Password Reset

Message from adamschumacher@creighton.edu

Maybe I am missing something obvious, but why would you want to exclude users from being able to reset their own password? Our self-service requires "multi-factor" authentication (answer security questions & access to external email account or cell phone), and unless the user has not provided the required information (or doesn't remember what it was), she should be able to reset the password. We encourage this as much as possible, as it reduces the load on the HD. Even if the customer calls the help desk and needs some kind of manual intervention (forgot answers, never set it up, etc), they will walk her through setting up and using the self-service tools so that next time maybe she will not need to call. ::Adam >

Posted by: listserv-anon on July 5, 2012

Excellent point Adam. The particular case we were considering with this question was our high level people (provost, president, etc). Namely, what would happen if someone were able to answer the challenge questions and take over their account. How much damage could be caused in such an instance. Granted, the likelihood of that happening is very low, but still...

I wanted to ask the question to determine if we were being overzealous on this particular point. Thanks!

Shawn

-----

Shawn A. Kohrman, Security Architect

Azusa Pacific University
Information & Media Technology

901 E. Alosta Ave., PO Box 7000
Azusa, CA 91702-7000

P: 626.815.2054 | F: 626.815.2061 | http://www.apu.edu/

-----

Posted by: kohrman on July 5, 2012

Message from adamschumacher@creighton.edu

That is why we went with the two factor approach, to mitigate against a guessing attack. Most everyone has at least either a cell phone or a second email address. Of course, if they've used the same easily guessed questions for their external email password reset.... ::Adam > -----Original Message----- > From: The EDUCAUSE Security Constituent Group Listserv > [mailto:SECURITY@LISTSERV.EDUCAUSE.EDU] On Behalf Of Shawn Kohrman > Sent: Thursday, July 05, 2012 17:47 > To: SECURITY@LISTSERV.EDUCAUSE.EDU > Subject: Re: [SECURITY] Self Service Password Reset > > Excellent point Adam. The particular case we were considering with this > question was our high level people (provost, president, etc). Namely, what > would happen if someone were able to answer the challenge questions and > take over their account. How much damage could be caused in such an > instance. Granted, the likelihood of that happening is very low, but still... > > I wanted to ask the question to determine if we were being overzealous on > this particular point. Thanks! > > Shawn > > ----- > Shawn A. Kohrman, Security Architect > > > Azusa Pacific University > Information & Media Technology > 901 E. Alosta Ave., PO Box 7000 > Azusa, CA 91702-7000 > > P: 626.815.2054 | F: 626.815.2061 | http://www.apu.edu/ > ----- > > > >

Posted by: listserv-anon on July 5, 2012

We use People Password. Users are basically on or off in the People Password system based on Active Directory OU's. If other products work in a similar way, I suppose you could just put these particular users in their own OU to exclude them from your password reset system, right?

Best,

Brady Gallese

Susquehanna University

On Jul 5, 2012, at 6:47 PM, Shawn Kohrman wrote:

Excellent point Adam. The particular case we were considering with this question was our high level people (provost, president, etc). Namely, what would happen if someone were able to answer the challenge questions and take over their account. How much damage could be caused in such an instance. Granted, the likelihood of that happening is very low, but still...

I wanted to ask the question to determine if we were being overzealous on this particular point. Thanks!

Shawn

-----
Shawn A. Kohrman, Security Architect

Azusa Pacific University
Information & Media Technology

901 E. Alosta Ave., PO Box 7000
Azusa, CA 91702-7000

P: 626.815.2054 | F: 626.815.2061 | http://www.apu.edu/

-----

Posted by: gallese@susqu.edu on July 5, 2012

We have certain accounts in which the password can't be reset via SSPR. Most higher level accounts (admin/service accts/etc) are excluded from the password reset utility and must be reset "from the inside." Otherwise, SSPR works well as we have an "opt in" approach and educate users on why they should participate. Our Help Desk assists users as Adam mentions below, but they first confirm identity via impromptu challenge questions from our SIS. Bob

Posted by: r.witmer@snhu.edu on July 6, 2012

Shawn, In our plans for a Fall go-live, the mechanisms people are allowed to use to reset a password are based on the risks associated with their accounts. The current working model is to assign a risk score between 1 and 50 to an account or role. We're actually only using 10,20,...50 but we wanted the extra space to allow for more granularity in the future. Authentication options for password reset include: -secret question/answer (KBA) -third party email OTP -cellphone OTP Future options providing more possible choices: - 2-factor tokens - Certificates - some of the fallback methods we're contemplating for the primary KBA/Email/Cell recovery: - webcam - supervisor vouch Ways account risk may affect the reset process: -The type of required authentication may vary with the risk associated with the account. -The number of required authenticators may vary with the risk associated with the account. -Required authenticators may vary depending on whether a person is on or off campus. -Required authenticators may vary depending upon whether the device being used has been used by the person in the past. Accounts associated with the highest risks, for example IT accounts with high privileges across a range of systems, would not be able to perform a reset from off-campus at all. Secret questions are poor passwords subject to social engineering attacks as we've all seen in the news. A password protecting personal third party email, which may be tied to youtube, maps, facebook, and who knows what else, used from who knows what type of computing devices and stored/cached on them, isn't particularly trustworthy. Cellphones provide a little more security. But for the handful of people who could compromise an entire IT infrastructure, I believe that the convenience to an individual of password reset is overridden by potential losses to the organization and its constituents should such an account become compromised. Shawn Kohrman wrote: > For those of you who have self service password reset tools, do you > maintain a list of users who are excluded from using the tool? If so, how > did you go about establishing your criteria? > > Shawn > ----- > Shawn A. Kohrman, Security Architect > > Azusa Pacific University > Information & Media Technology > 901 E. Alosta Ave., PO Box 7000 > Azusa, CA 91702-7000 > > P: 626.815.2054 | F: 626.815.2061 | http://www.apu.edu/ > ----- > -- Gary Flynn Security Engineer James Madison University

Posted by: flynngn on July 6, 2012

I know the vendor that we use for Password Reset does recommend that you specifically block IT Staff accounts from enrollment via the system. (Particularly privileged accounts). Depending upon how you are setup, one reason to block some accounts, for example is if you cannot easily control whether those with Help Desk administrative reset capability, for example, perhaps students- can potentially reset privileged accounts or executive accounts and potentially access data privileged information. Of course, there are ways to properly manage this in some systems, such as Active Directory, but sometimes directory structure is designed for several purposes that don’t always neatly fit into every neat category of business function that applications might need.

D/C

From: The EDUCAUSE Security Constituent Group Listserv [mailto:SECURITY@LISTSERV.EDUCAUSE.EDU]
Sent: Thursday, July 05, 2012 6:38 PM
To: Dexter Caldwell; SECURITY@LISTSERV.EDUCAUSE.EDU
Subject: Re: [SECURITY] Self Service Password Reset
Importance: Low

Maybe I am missing something obvious, but why would you want to exclude users from being able to reset their own password? Our self-service requires "multi-factor" authentication (answer security questions & access to external email account or cell phone), and unless the user has not provided the required information (or doesn't remember what it was), she should be able to reset the password. We encourage this as much as possible, as it reduces the load on the HD. Even if the customer calls the help desk and needs some kind of manual intervention (forgot answers, never set it up, etc), they will walk her through setting up and using the self-service tools so that next time maybe she will not need to call.

::Adam

>

Posted by: dcaldwell on July 6, 2012

Message from aperry@murraystate.edu

Now there's a question that can spider fairly quickly. Let's begin by asking "Which password?" Does your facility have consolidated credentials, such that there is one password for everything? In our case, we have consolidated identity (username), but each password can be (but most often isn't) unique. However, our central ERP system has a consolidated pane (pain?) for resetting each separate password all in one place. Resetting your ERP password requires either answering 2 security questions chosen at random from a larger pool, OR a visit to the help desk. There is the ability for remote users to receive a password reset for the ERP system via official email, but that's assuming you also remember your email password. You see how quickly this can get fairly complicated?

Our long-term goal is a simple backend solution where setting your ERP password resets all of your other passwords to the same at the same time. We already have the hooks in place since ERP resets all others. But there are licensing and political roadblocks keeping that solution from manifesting. User credentialing has long been the bane of Information Security. As Matt Honan wrote in wired, "passwords are broken." But until alternative identification methods are more ubiquitous, they're what we have.

Drew Perry
Security Analyst
Murray State University
(270) 809-4414
aperry@murraystate.edu

***MSU Information Systems staff will never ask for your password or other confidential information via email.***

Posted by: listserv-anon on January 14, 2013

We have recently implemented the Microsoft Forefront Identity Management (FIM) password portal and it has worked very nicely for us to provide a mechanism to for users to reset their own passwords. Part of our Google Apps for Education migration process required all users to reset their passwords. We used this time to implement FIM, register reset questions, change passwords, and sync those passwords with Google. In addition, the portal works well as the location Google sends users to change passwords via the Google change password links.

Angelo D. Santabarbara
Director of Networks & Systems
Siena College
518-782-6996
ASantabarbara@siena.edu

CONFIDENTIALITY NOTICE: This e-mail, including any attachments, is for the sole use of the intended recipient(s) and may contain confidential and privileged information. Any unauthorized review, use, disclosure, or distribution is prohibited. If you received this e-mail and are not the intended recipient, please inform the sender by e-mail reply and destroy all copies of the original message.

Posted by: asantabarbara on January 14, 2013

How are you going to handle the news that Microsoft is pulling most of their Forefront product line? I know they are going to provide support for a couple more years, but - it feels like they are leaving us hanging??

M

From: The EDUCAUSE Security Constituent Group Listserv [SECURITY@LISTSERV.EDUCAUSE.EDU] On Behalf Of Santabarbara, Angelo [asantabarbara@SIENA.EDU]
Sent: Monday, January 14, 2013 9:10 AM
To: SECURITY@LISTSERV.EDUCAUSE.EDU
Subject: Re: [SECURITY] Password Reset

We have recently implemented the Microsoft Forefront Identity Management (FIM) password portal and it has worked very nicely for us to provide a mechanism to for users to reset their own passwords. Part of our Google Apps for Education migration process required all users to reset their passwords. We used this time to implement FIM, register reset questions, change passwords, and sync those passwords with Google. In addition, the portal works well as the location Google sends users to change passwords via the Google change password links.

Angelo D. Santabarbara
Director of Networks & Systems
Siena College
518-782-6996
ASantabarbara@siena.edu

CONFIDENTIALITY NOTICE: This e-mail, including any attachments, is for the sole use of the intended recipient(s) and may contain confidential and privileged information. Any unauthorized review, use, disclosure, or distribution is prohibited. If you received this e-mail and are not the intended recipient, please inform the sender by e-mail reply and destroy all copies of the original message.

Posted by: mschalip on January 14, 2013

It is true that Microsoft identified and are ending support for many of the Forefront security solutions on December 31, 2015. However, Forefront Identity Management is not impacted in any way.

From Microsoft:

http://blogs.technet.com/b/server-cloud/archive/2012/09/12/important-changes-to-forefront-product-roadmaps.aspx

It is important to note that there are no significant changes to the Forefront Identity Manager or Forefront Unified Access Gateway roadmaps. These solutions continue to be actively developed. Forefront UAG 2010 SP2 was released in August 2012 and Forefront Identity Manager 2010 R2 was release in June 2012.

Angelo D. Santabarbara
Director of Networks & Systems
Siena College
518-782-6996
ASantabarbara@siena.edu

***Siena ITS staff will NEVER ask for your password or other confidential information via email.***

CONFIDENTIALITY NOTICE: This e-mail, including any attachments, is for the sole use of the intended recipient(s) and may contain confidential and privileged information. Any unauthorized review, use, disclosure, or distribution is prohibited. If you received this e-mail and are not the intended recipient, please inform the sender by e-mail reply and destroy all copies of the original message.

Posted by: asantabarbara on January 14, 2013

I’ve heard about Forefront before but haven’t seen anything official. Do you have a link?

From: The EDUCAUSE Security Constituent Group Listserv [mailto:SECURITY@LISTSERV.EDUCAUSE.EDU] On Behalf Of SCHALIP, MICHAEL
Sent: Monday, January 14, 2013 11:39 AM
To: SECURITY@LISTSERV.EDUCAUSE.EDU
Subject: Re: [SECURITY] Password Reset

How are you going to handle the news that Microsoft is pulling most of their Forefront product line? I know they are going to provide support for a couple more years, but - it feels like they are leaving us hanging??

M

From: The EDUCAUSE Security Constituent Group Listserv [SECURITY@LISTSERV.EDUCAUSE.EDU] On Behalf Of Santabarbara, Angelo [asantabarbara@SIENA.EDU]
Sent: Monday, January 14, 2013 9:10 AM
To: SECURITY@LISTSERV.EDUCAUSE.EDU
Subject: Re: [SECURITY] Password Reset

We have recently implemented the Microsoft Forefront Identity Management (FIM) password portal and it has worked very nicely for us to provide a mechanism to for users to reset their own passwords. Part of our Google Apps for Education migration process required all users to reset their passwords. We used this time to implement FIM, register reset questions, change passwords, and sync those passwords with Google. In addition, the portal works well as the location Google sends users to change passwords via the Google change password links.

Angelo D. Santabarbara
Director of Networks & Systems
Siena College
518-782-6996
ASantabarbara@siena.edu

CONFIDENTIALITY NOTICE: This e-mail, including any attachments, is for the sole use of the intended recipient(s) and may contain confidential and privileged information. Any unauthorized review, use, disclosure, or distribution is prohibited. If you received this e-mail and are not the intended recipient, please inform the sender by e-mail reply and destroy all copies of the original message.

Posted by: r-safian@northw... on January 14, 2013

http://www.microsoft.com/en-us/server-cloud/forefront/identity-manager.aspx

It was included with our Microsoft campus license so cost wise it made sense.

Angelo D. Santabarbara
Director of Networks & Systems
Siena College
518-782-6996
ASantabarbara@siena.edu

***Siena ITS staff will NEVER ask for your password or other confidential information via email.***

CONFIDENTIALITY NOTICE: This e-mail, including any attachments, is for the sole use of the intended recipient(s) and may contain confidential and privileged information. Any unauthorized review, use, disclosure, or distribution is prohibited. If you received this e-mail and are not the intended recipient, please inform the sender by e-mail reply and destroy all copies of the original message.

Posted by: asantabarbara on January 14, 2013

As we move further into distance learning and remote locations, how are you handling users who forgot their password? Do you have software in place that allows users to reset their own passwords? Was it purchased or written in-house? If you don’t have any software that does this is it cost or security concerns that are presenting the biggest road blocks?

Jason Rinne

Systems Administrator

500 E. College Street ∙ Marshall, MO 65340

P 660-831-4088

rinnej@moval.edu

This document may contain confidential information and is intended solely for the use of the addressee. If you received it in error, please contact the sender at once and destroy the document. The document may contain information subject to restrictions of the Family Educational Rights and Privacy and the Gramm-Leach-Bliley Acts. Such information may not be disclosed or used in any fashion outside the scope of the service for which you are receiving the information.

Posted by: rinnej on January 14, 2013

Message from aperry@murraystate.edu

Now there's a question that can spider fairly quickly. Let's begin by asking "Which password?" Does your facility have consolidated credentials, such that there is one password for everything? In our case, we have consolidated identity (username), but each password can be (but most often isn't) unique. However, our central ERP system has a consolidated pane (pain?) for resetting each separate password all in one place. Resetting your ERP password requires either answering 2 security questions chosen at random from a larger pool, OR a visit to the help desk. There is the ability for remote users to receive a password reset for the ERP system via official email, but that's assuming you also remember your email password. You see how quickly this can get fairly complicated?

Our long-term goal is a simple backend solution where setting your ERP password resets all of your other passwords to the same at the same time. We already have the hooks in place since ERP resets all others. But there are licensing and political roadblocks keeping that solution from manifesting. User credentialing has long been the bane of Information Security. As Matt Honan wrote in wired, "passwords are broken." But until alternative identification methods are more ubiquitous, they're what we have.

Drew Perry
Security Analyst
Murray State University
(270) 809-4414
aperry@murraystate.edu

***MSU Information Systems staff will never ask for your password or other confidential information via email.***

Posted by: listserv-anon on January 14, 2013

We have recently implemented the Microsoft Forefront Identity Management (FIM) password portal and it has worked very nicely for us to provide a mechanism to for users to reset their own passwords. Part of our Google Apps for Education migration process required all users to reset their passwords. We used this time to implement FIM, register reset questions, change passwords, and sync those passwords with Google. In addition, the portal works well as the location Google sends users to change passwords via the Google change password links.

Angelo D. Santabarbara
Director of Networks & Systems
Siena College
518-782-6996
ASantabarbara@siena.edu

CONFIDENTIALITY NOTICE: This e-mail, including any attachments, is for the sole use of the intended recipient(s) and may contain confidential and privileged information. Any unauthorized review, use, disclosure, or distribution is prohibited. If you received this e-mail and are not the intended recipient, please inform the sender by e-mail reply and destroy all copies of the original message.

Posted by: asantabarbara on January 14, 2013

How are you going to handle the news that Microsoft is pulling most of their Forefront product line? I know they are going to provide support for a couple more years, but - it feels like they are leaving us hanging??

M

From: The EDUCAUSE Security Constituent Group Listserv [SECURITY@LISTSERV.EDUCAUSE.EDU] On Behalf Of Santabarbara, Angelo [asantabarbara@SIENA.EDU]
Sent: Monday, January 14, 2013 9:10 AM
To: SECURITY@LISTSERV.EDUCAUSE.EDU
Subject: Re: [SECURITY] Password Reset

We have recently implemented the Microsoft Forefront Identity Management (FIM) password portal and it has worked very nicely for us to provide a mechanism to for users to reset their own passwords. Part of our Google Apps for Education migration process required all users to reset their passwords. We used this time to implement FIM, register reset questions, change passwords, and sync those passwords with Google. In addition, the portal works well as the location Google sends users to change passwords via the Google change password links.

Angelo D. Santabarbara
Director of Networks & Systems
Siena College
518-782-6996
ASantabarbara@siena.edu

CONFIDENTIALITY NOTICE: This e-mail, including any attachments, is for the sole use of the intended recipient(s) and may contain confidential and privileged information. Any unauthorized review, use, disclosure, or distribution is prohibited. If you received this e-mail and are not the intended recipient, please inform the sender by e-mail reply and destroy all copies of the original message.

Posted by: mschalip on January 14, 2013

It is true that Microsoft identified and are ending support for many of the Forefront security solutions on December 31, 2015. However, Forefront Identity Management is not impacted in any way.

From Microsoft:

http://blogs.technet.com/b/server-cloud/archive/2012/09/12/important-changes-to-forefront-product-roadmaps.aspx

It is important to note that there are no significant changes to the Forefront Identity Manager or Forefront Unified Access Gateway roadmaps. These solutions continue to be actively developed. Forefront UAG 2010 SP2 was released in August 2012 and Forefront Identity Manager 2010 R2 was release in June 2012.

Angelo D. Santabarbara
Director of Networks & Systems
Siena College
518-782-6996
ASantabarbara@siena.edu

***Siena ITS staff will NEVER ask for your password or other confidential information via email.***

CONFIDENTIALITY NOTICE: This e-mail, including any attachments, is for the sole use of the intended recipient(s) and may contain confidential and privileged information. Any unauthorized review, use, disclosure, or distribution is prohibited. If you received this e-mail and are not the intended recipient, please inform the sender by e-mail reply and destroy all copies of the original message.

Posted by: asantabarbara on January 14, 2013

I’ve heard about Forefront before but haven’t seen anything official. Do you have a link?

From: The EDUCAUSE Security Constituent Group Listserv [mailto:SECURITY@LISTSERV.EDUCAUSE.EDU] On Behalf Of SCHALIP, MICHAEL
Sent: Monday, January 14, 2013 11:39 AM
To: SECURITY@LISTSERV.EDUCAUSE.EDU
Subject: Re: [SECURITY] Password Reset

How are you going to handle the news that Microsoft is pulling most of their Forefront product line? I know they are going to provide support for a couple more years, but - it feels like they are leaving us hanging??

M

From: The EDUCAUSE Security Constituent Group Listserv [SECURITY@LISTSERV.EDUCAUSE.EDU] On Behalf Of Santabarbara, Angelo [asantabarbara@SIENA.EDU]
Sent: Monday, January 14, 2013 9:10 AM
To: SECURITY@LISTSERV.EDUCAUSE.EDU
Subject: Re: [SECURITY] Password Reset

We have recently implemented the Microsoft Forefront Identity Management (FIM) password portal and it has worked very nicely for us to provide a mechanism to for users to reset their own passwords. Part of our Google Apps for Education migration process required all users to reset their passwords. We used this time to implement FIM, register reset questions, change passwords, and sync those passwords with Google. In addition, the portal works well as the location Google sends users to change passwords via the Google change password links.

Angelo D. Santabarbara
Director of Networks & Systems
Siena College
518-782-6996
ASantabarbara@siena.edu

CONFIDENTIALITY NOTICE: This e-mail, including any attachments, is for the sole use of the intended recipient(s) and may contain confidential and privileged information. Any unauthorized review, use, disclosure, or distribution is prohibited. If you received this e-mail and are not the intended recipient, please inform the sender by e-mail reply and destroy all copies of the original message.

Posted by: r-safian@northw... on January 14, 2013

http://www.microsoft.com/en-us/server-cloud/forefront/identity-manager.aspx

It was included with our Microsoft campus license so cost wise it made sense.

Angelo D. Santabarbara
Director of Networks & Systems
Siena College
518-782-6996
ASantabarbara@siena.edu

***Siena ITS staff will NEVER ask for your password or other confidential information via email.***

CONFIDENTIALITY NOTICE: This e-mail, including any attachments, is for the sole use of the intended recipient(s) and may contain confidential and privileged information. Any unauthorized review, use, disclosure, or distribution is prohibited. If you received this e-mail and are not the intended recipient, please inform the sender by e-mail reply and destroy all copies of the original message.

Posted by: asantabarbara on January 14, 2013

I submitted the question to some Microsoft contacts and was directed to this url:

http://blogs.technet.com/b/server-cloud/archive/2012/09/12/important-changes-to-forefront-product-roadmaps.aspx

From: The EDUCAUSE Security Constituent Group Listserv [mailto:SECURITY@LISTSERV.EDUCAUSE.EDU] On Behalf Of SCHALIP, MICHAEL
Sent: Monday, January 14, 2013 11:39 AM
To: SECURITY@LISTSERV.EDUCAUSE.EDU
Subject: Re: [SECURITY] Password Reset

How are you going to handle the news that Microsoft is pulling most of their Forefront product line? I know they are going to provide support for a couple more years, but - it feels like they are leaving us hanging??

M

From: The EDUCAUSE Security Constituent Group Listserv [SECURITY@LISTSERV.EDUCAUSE.EDU] On Behalf Of Santabarbara, Angelo [asantabarbara@SIENA.EDU]
Sent: Monday, January 14, 2013 9:10 AM
To: SECURITY@LISTSERV.EDUCAUSE.EDU
Subject: Re: [SECURITY] Password Reset

We have recently implemented the Microsoft Forefront Identity Management (FIM) password portal and it has worked very nicely for us to provide a mechanism to for users to reset their own passwords. Part of our Google Apps for Education migration process required all users to reset their passwords. We used this time to implement FIM, register reset questions, change passwords, and sync those passwords with Google. In addition, the portal works well as the location Google sends users to change passwords via the Google change password links.

Angelo D. Santabarbara
Director of Networks & Systems
Siena College
518-782-6996
ASantabarbara@siena.edu

CONFIDENTIALITY NOTICE: This e-mail, including any attachments, is for the sole use of the intended recipient(s) and may contain confidential and privileged information. Any unauthorized review, use, disclosure, or distribution is prohibited. If you received this e-mail and are not the intended recipient, please inform the sender by e-mail reply and destroy all copies of the original message.

Posted by: dick.jacobson@n... on January 14, 2013

Main Nav

Publications

Research

Major Conferences

Online Events

Special Topic Events

Events for all Levels and Interests

Career Center

Leadership and Management Programs

Fellowships and Awards

Getting Involved

Jump Start Your Career Growth

Latest Topics

EDUCAUSE organizes its efforts around three IT Focus Areas

Join These Programs If Your Focus Is

From the Blogs

Find Others

Share Ideas

Get on the Higher Ed IT Map

2013 Strategic Priorities

Membership

Who We Are

Stay Informed

Uncommon Thinking for the Common Good™

Self Service Password Reset

Comments

Recommend

Research and Publications

Conferences and Events

Career Development

Focus Areas and Initiatives

Connect and Contribute

About EDUCAUSE

Publications

Research

Major Conferences

Online Events

Special Topic Events

Events for all Levels and Interests

Career Center

Leadership and Management Programs

Fellowships and Awards

Getting Involved

Jump Start Your Career Growth

Latest Topics

EDUCAUSE organizes its efforts around three IT Focus Areas

Join These Programs If Your Focus Is

From the Blogs

Find Others

Share Ideas

Get on the Higher Ed IT Map

2013 Strategic Priorities

Membership

Who We Are

Stay Informed

Uncommon Thinking for the Common Good™