University California San Francisco
Modernizes a Decades Old Legacy Identity Access Management System
How UCSF Governed Identity Across Teams, Systems, and Users
UCSF unified identity governance across a highly complex environment — improving consistency, reducing risk, and strengthening institutional operations.
Modern universities operate across federated IT environments where identity touches everything. Teaching, learning, research, healthcare, and administration.
For UCSF, legacy identity infrastructure and fragmented governance created growing risk, operational strain, and uncertainty at scale.
This customer success story shows how UCSF modernized identity access management to establish consistent governance, reduce risk, and support a complex academic and medical ecosystem without disrupting operations or culture.
Key Breakthroughs for UCSF:
- One governed identity model across a complex institution. UCSF unified identity lifecycle management across students, faculty, staff, researchers, clinicians, contractors, and guests, replacing fragmented logic with a single, trusted system of record.
- Operational confidence in a federated environment. By standardizing provisioning, deprovisioning, and access decisions, UCSF created predictable, audit-ready identity operations across departments, schools, and the medical center.
- Reduced risk during massive onboarding and offboarding cycles. Automation replaced manual processes during cyclical population changes, significantly reducing security exposure tied to access sprawl and delayed deactivations.
- A future-ready foundation for teaching, learning, and research. With modern connectors, lifecycle governance, and strong access controls, UCSF strengthened identity security while supporting digital learning, global access, and long-term modernization initiatives.
Watch the Story
After twenty years, it was time for the University of California San Francisco to strengthen security and empower greater access to knowledge by modernizing a decades-old identity system.
The University is not one but two top-down organizations. Both a university, with an array of education requirements, and a hospital, with its own interlaced medical teaching needs, the population is broad. Like many universities, its changing population required massive onboarding and deactivations when classes began and ended, placing a significant strain on staff.
How would the University replace a legacy identity system so deeply entangled with core business processes to prepare for the future?
Watch the story to hear about how the University got its program funded and delivered a strong return on investment.
UCSF Reduced Identity Risk and Strengthened Institutional Security
A real-world example of identity governance supporting institutional resilience, modernization, and leadership confidence.
Challenge
Multiple data sources combined with loose affiliations for members, including students, teachers, staff, residents, nurses, doctors, researchers, guests, volunteers, and contractors made the quality of the data unreliable.
Distance learning introduced added risk. Bad actor logins plus access challenges like firewall issues in China or students in Africa connecting mainly from smartphones with slow and spotty connectivity was a concern.
Across all applications and services, the university needed one data source to automate provisioning, synchronize systems of record, and streamline appropriate access through the identity lifecycle with a highly secure yet publicly accessible identity solution.
Solution
The university prioritized must-have features including password management, good connectors including one for Active Directory, group management, identity lifecycle, access management, and governance. The Senior Manager, Identity and Access Management at the University, brought the project from concept to completion.
The university chose Bravura Security as the best solution to modernize its identity access management and provide increased security access from anywhere. They found Bravura Security offered the reliability, technology, extensive expertise, and professional services it needed to locally deploy at a cost that met their requirements.
"Beyond a magic quadrant, an analyst like Gartner can offer in-depth insight on solutions to meet your strategic goals," says the Senior Manager. "Prior to sending out a request for proposal, cast a wide net and talk to many vendors."
The university advises prioritizing features and technology then eliminate vendors who don’t fit your needs. Get demonstrations and talk with peers and reference clients to help validate your decision. Finally, move ahead with a proof of concept to determine how the short-listed solution works for you.
"Fixing the scope and price is the only way to avoid a multi-year, multi-million-dollar white elephant project," said the Senior Manager. "Getting an accurate scope takes time and effort to capture but failing to define it will result in a project you may think is agile but really is just ruinously expensive and lengthy."
An experienced partner will help develop an efficient deployment and test plan that’s tried and true.
Outcome
With one identity system to rule them all, the university leveraged faster near-time processing and simplified integrations through an ecosystem of over one hundred connectors. Automation saved notable time and effort in onboarding and deactivating and enabled appropriate access based on birthrights, roles, workflows, and notifications. The team strengthened security through enhanced access control with attestation, self-service requests, credential management, delegated administration, and approvals. Easier support, upgrades, and enhancements put the university in control of identity access to empower teaching and learning.
Nine departments worked to promote adoption across the campus. Spearheaded by the IT team, stakeholders worked in business and governance groups. They outlined concrete deliverables including replacing the mainframe, introducing the Bravura Security solution, production deployment, automating and standardizing provisioning and deactivations, federation via Shibboleth, and multi-factor authentication. The stakeholders frequently communicated prioritized outcomes linked to timelines to help foster partnerships with staff. They trained everyone on how to use the new Bravura Security solution and augmented skills as needed.
"It’s a long-term investment and you have to think about the future," says the Senior Manager. "With Bravura Security as our identity provider, we significantly improved our flexibility, efficiency, and governance. Our security strategy now matches our culture of innovation and excellence."
With a modern Bravura Security identity solution, the university simplified and improved data protection and access while reducing security risk. Improved control has better positioned the university to provide access for its members today and the ever-growing population into the future.
Bravura Security at a Glance
Bravura Security is an industry leader, delivering best-in-class identity, privileged access, password, and passwordless solutions. Bravura Security has helped higher education institutions like the University of California San Francisco, the University of Oregon, the University at Buffalo, and Appalachian State, protect their data, faculty, and students over the last two decades against increasing cybersecurity threats.
Request a Governance Review
Get a tailored review of your institution’s identity governance model.
We’ll look at how identities are created, managed, and removed across your campus, highlight areas of risk or inefficiency, and discuss practical next steps for strengthening security, audit readiness, and access reliability.
This is a working session designed to support your governance goals, not a product pitch
This will be:
- Focused on higher education environments
- Designed for federated and complex campus structures
Try MFA and Zero Knowledge Vaulting Free for 30-Days
Go passwordless! Transform your institution's identity security with Bravura Safe zero-knowledge password manager and Brauvra OneAuth true passwordless MFA
"With Bravura Security as our identity provider, we significantly improved our flexibility, efficiency, and governance. Our security strategy now matches our culture of innovation and excellence."
— Senior Manager, Identity and Access Management, University in California
Read the Blog
Close Hidden Gaps in Enterprise Password Management
For compliance leaders and CIOs, password policy failures are often silent but dangerous. Across all industries, overlooked compliance gaps can quietly invite attackers into your enterprise. Even with robust enterprise password management tools, ...
Read MoreBravura Pass vs Microsoft SSPR: Which Fits Your Environment?
Enterprise password management is a challenge that impacts every role, from IT admins to end users, across all industries. As organizations face increasing security threats and compliance demands, choosing the right password reset solution is more ...
Read MoreAre You Ready for The Latest Pass? Upgrade Readiness Checklist
IT Directors and Sysadmins across industries face mounting challenges in keeping enterprise password security robust and compliant. As cyber threats evolve and compliance standards tighten, staying current with Bravura Pass upgrades is no longer ...
Read More