Identity Security Governance

A unified identity framework that preserves member autonomy while enforcing system-wide security standards.

Enterprise Identity Governance Model

The Texas A&M University System maintains a coordinated identity security posture grounded in:

  • Clear governance expectations
  • Standardized security control requirements
  • Respect for member operational independence

Identity Governance and Administration (IGA) functions — including account lifecycle management, role assignment, provisioning, and access oversight — remain the responsibility of each member institution.

This model preserves the long-standing principle that members manage their own user populations, business processes, and operational workflows, while aligning to system-level requirements that ensure consistency, interoperability, and enterprise-wide security.

System-Level Identity Requirements

System cybersecurity policies and security control standards establish minimum conditions under which identity systems must operate. These requirements safeguard institutional resources and protect shared services across the enterprise.

🔐 Multi-Factor Authentication (MFA)

All members must enforce multi-factor authentication for:

  • Systems handling sensitive data
  • Administrative access pathways
  • Shared enterprise services

MFA is foundational to the system’s defense-in-depth strategy. It significantly reduces credential compromise risk and ensures strong verification of every entity accessing protected resources.

🪪 Identity Proofing (IAL2 – Medium Assurance)

Users requiring medium assurance — typically those accessing elevated, sensitive, or cross-institutional services — must undergo identity proofing consistent with Identity Assurance Level 2 (IAL2) standards.

Approved proofing methods may include:

  • Electronic verification
  • In-person validation
  • System-defined mechanisms meeting assurance criteria

This requirement ensures that identities accessing critical services are:

  • Trustworthy
  • Traceable
  • Validated under consistent standards

🌐 Federated Identity Participation

All members must participate in:

  • TAMUFederation
  • InCommon Federation

Federation participation enables:

  • Secure inter-institutional authentication
  • Federated access to shared enterprise services
  • Trust relationships with national academic and research partners

Members retain control of local identity stores while ensuring identities can be securely recognized and trusted across institutional and external boundaries.

Governance Philosophy: Autonomy Within Alignment

The governance model is intentionally structured to balance flexibility with accountability.

Each member may select:

  • Identity platforms
  • IGA tooling
  • Administrative workflows
  • Operational processes

Members may make these selections provided they comply with established system standards.

This framework:

  • Preserves institutional innovation
  • Protects operational independence
  • Reinforces system-wide interoperability
  • Maintains strong identity assurance
  • Aligns with modern federal and industry standards

Identity security across the Texas A&M University System is not centralized control — it is coordinated governance grounded in long-standing institutional principles and reinforced by modern security discipline.