University California San Francisco

Modernizes a Decades Old Legacy Identity Access Management System

How a Large Institution Increased Security and Reduced Risk

Watch the Story

After twenty years, it was time for the University of California San Francisco to strengthen security and empower greater access to knowledge by modernizing a decades-old identity system.

The University is not one but two top-down organizations. Both a university, with an array of education requirements, and a hospital, with its own interlaced medical teaching needs, the population is broad. Like many universities, its changing population required massive onboarding and deactivations when classes began and ended, placing a significant strain on staff.

How would the University replace a legacy identity system so deeply entangled with core business processes to prepare for the future?

Watch the story to hear about how the University got its program funded and delivered a strong return on investment. 



Multiple data sources combined with loose affiliations for members, including students, teachers, staff, residents, nurses, doctors, researchers, guests, volunteers, and contractors made the quality of the data unreliable.

Distance learning introduced added risk. Bad actor logins plus access challenges like firewall issues in China or students in Africa connecting mainly from smartphones with slow and spotty connectivity was a concern.

Across all applications and services, the university needed one data source to automate provisioning, synchronize systems of record, and streamline appropriate access through the identity lifecycle with a highly secure yet publicly accessible identity solution.


The university prioritized must-have features including password management, good connectors including one for Active Directory, group management, identity lifecycle, access management, and governance. The Senior Manager, Identity and Access Management at the University, brought the project from concept to completion.

The university chose Bravura Security as the best solution to modernize its identity access management and provide increased security access from anywhere. They found Bravura Security offered the reliability, technology, extensive expertise, and professional services it needed to locally deploy at a cost that met their requirements.

"Beyond a magic quadrant, an analyst like Gartner can offer in-depth insight on solutions to meet your strategic goals," says the Senior Manager. "Prior to sending out a request for proposal, cast a wide net and talk to many vendors."

The university advises prioritizing features and technology then eliminate vendors who don’t fit your needs. Get demonstrations and talk with peers and reference clients to help validate your decision. Finally, move ahead with a proof of concept to determine how the short-listed solution works for you.

"Fixing the scope and price is the only way to avoid a multi-year, multi-million-dollar white elephant project," said the Senior Manager. "Getting an accurate scope takes time and effort to capture but failing to define it will result in a project you may think is agile but really is just ruinously expensive and lengthy."

An experienced partner will help develop an efficient deployment and test plan that’s tried and true.



With one identity system to rule them all, the university leveraged faster near-time processing and simplified integrations through an ecosystem of over one hundred connectors. Automation saved notable time and effort in onboarding and deactivating and enabled appropriate access based on birthrights, roles, workflows, and notifications. The team strengthened security through enhanced access control with attestation, self-service requests, credential management, delegated administration, and approvals. Easier support, upgrades, and enhancements put the university in control of identity access to empower teaching and learning.

Nine departments worked to promote adoption across the campus. Spearheaded by the IT team, stakeholders worked in business and governance groups. They outlined concrete deliverables including replacing the mainframe, introducing the Bravura Security solution, production deployment, automating and standardizing provisioning and deactivations, federation via Shibboleth, and multi-factor authentication. The stakeholders frequently communicated prioritized outcomes linked to timelines to help foster partnerships with staff. They trained everyone on how to use the new Bravura Security solution and augmented skills as needed.

"It’s a long-term investment and you have to think about the future," says the Senior Manager. "With Bravura Security as our identity provider, we significantly improved our flexibility, efficiency, and governance. Our security strategy now matches our culture of innovation and excellence."

With a modern Bravura Security identity solution, the university simplified and improved data protection and access while reducing security risk. Improved control has better positioned the university to provide access for its members today and the ever-growing population into the future.

Bravura Security at a Glance

Bravura Security is an industry leader, delivering best-in-class identity, privileged access, password, and passwordless solutions.  Bravura Security has helped higher education institutions like the University of California San Francisco, the University of Oregon, the University at Buffalo, and Appalachian State, protect their data, faculty, and students over the last two decades against increasing cybersecurity threats. 


Try MFA and Zero Knowledge Vaulting Free for 30-Days

Go passwordless! Transform your institution's identity security with Bravura Safe zero-knowledge password manager and Brauvra OneAuth true passwordless MFA 

Start FREE 30-Day Trial 

"With Bravura Security as our identity provider, we significantly improved our flexibility, efficiency, and governance. Our security strategy now matches our culture of innovation and excellence."

— Senior Manager, Identity and Access Management, University in California

Read the Blog