OpenAthens: Enhancing Modern Research with User-Centric Administration and Security

We’re all now generally familiar with the premise of single sign-on (SSO) in our daily use of all types of electronic resources – work platforms, online commerce, personal business, and social media, to name a few. The conveniences are many, and the vital privacy and security aspects of these services are increasingly configurable based on the needs of the organization and individual. 

Compared to the relatively few enterprise applications most IT departments maintain for organizations, libraries and research departments often require access to dozens, even hundreds, of different platforms where electronic content is hosted. To do so efficiently, while supporting even the most basic user experience and security needs of a modern institution, has long been a balancing act, with compromises required by most parties involved. 

OpenAthens, approaching its 30^th (!) anniversary, was created to avoid the need for compromise in access management from the beginning. The service has evolved over that time and built a modern framework for research access that includes best-in-class security, convenience, and award-winning user friendliness for administrators, end users, and content providers.

In this blog, we’ll highlight a few areas where OpenAthens can help any organization with identity and access management (IAM) needs: 

Administration
If you’ve worked with most authentication tools in the online research space, you already know that most require a high level of expertise or technical proficiency to administrate. OpenAthens was designed to make maintenance simple, and EBSCO provides complete implementation and support for the life of your subscription. Simple! Some examples: 

• Resource Catalogue – Easily select only the platforms and users you want to provide access to. Adding new vendors/platforms/publishers is uncomplicated:

• Data Explorer – Custom analytics module that reflects the activity for your organization(s) with the levels of granularity and data points that you choose:

Identity
When it comes to identity, OpenAthens is as flexible (or more so) than any authentication service we’ve encountered. Featuring out-of-the-box compatibility with a number of modern protocols and an API for bespoke connections, your directories will work with the service. And if your organization doesn’t have a suitable identity provider, you can load patron information directly into OpenAthens for this purpose: 

Access Management
Whether you already have a robust resource access policy in place – or license all content and applications for all users – OpenAthens can streamline resource allocation with its simple open standards-based functionality. Permission Sets are how OpenAthens allows administrators to create flexible access policies that can evolve how the organization and its users need it to. 

Privacy
Whether your organization seeks highly personalized, detailed authorization and analytical information – or anonymized access is your goal, OpenAthens allows for configuration how it best suits you. Current information best practices recommend using pseudonymous identifiers, but we all know that isn’t always possible or practical. Configure your organization’s instance however needed for your specific purposes, and change that scheme as often as needed! A key concept to remember is that personalization doesn’t require personally identifiable information, which is often the end user’s preference.

Data Security
OpenAthens is, at heart, a security-focused organization and takes its role in protecting your data seriously. All decisions relating to what information is required, where it is stored, and how it is processed are made with consideration of the principle of minimization of data and compliance with the most current worldwide data privacy and security standards. OpenAthens is developed and maintained under the auspices of the United Kingdom  General Data Protection Regulation (UK GDPR) and is continuously certified to the ISO 27001 information security standard. Services are hosted on the Google Cloud Platform, which was specifically chosen for its own security posture, uptime, and worldwide footprint for optimal performance whether you’re located in Perth or Prince Edward Island.

User Experience (UX) 
Of course, the features and protections listed above don’t amount to much if your administrators and end users aren’t supplied with an intuitive, world-class experience. An accessible, easily navigated administrative interface ensures admins can quickly find configuration tools – and create or replicate efficient, predictable user journeys for researchers. Help with any aspect of administration of the service is a call or email away – to our EBSCO and/or OpenAthens Support teams, or if you prefer self-service, via the extensive OpenAthens Documentation website. There’s also an active community on the OpenAthens listserv if you like to crowdsource your solutions or just want to learn more from or inform your peers about the cool things you’re doing to help researchers locally and around the globe. 

Wrapping it Up 
OpenAthens has always been a tool designed to make complex functionality simpler and more accessible, to work in concert with the resources you currently have (or may have your eye on), and to allow your administrators and end users to spend more time on the work that matters most to them. Walking the line between ease of access, providing actionable data, and protection of user privacy, OpenAthens continues to evolve by listening to the user and working diligently with vendor partners to enhance the research experience for all. There has never been more information available than to today’s researchers – OpenAthens wants to make sure that once you find that perfect resource, you can access it as simply and efficiently as possible and add your contribution.