University of Wisconsin–Madison

Summary of Smart Access workshops & focus groups

In July, we will decide on whether to use Microsoft as our primary platform for Smart Access. The decision would mean using the following core components to support Zero Trust adoption for UW–‍Madison:
  • Entra ID as an additional IdP, which would be required for identity-based conditional access
  • Intune for Endpoint Management (EPM)
  • Defender for Endpoint Detection and Response (EDR)
  • Sentinel for Security Information and Event Management (SIEM) and Security Orchestration, Automation, and Response (SOAR)
Additionally, we are relatively confident Duo, Proofpoint, Elastic and Qualys will remain part of our strategy. One of the Smart Access core principles is “we’re all in this together.” This principle embodies the idea that partnerships and open communication are at the heart of our approach. We want to ensure the voices of our distributed IT partners are represented in this decision. In May and June, we met with IT professionals across the university to understand how these changes would affect their teams and what support they would require to navigate the transition successfully. To gather those insights, we organized the following:
  • A virtual information session to provide detailed background on Smart Access and what we hope to achieve. (Recording now available)
  • An in-person IT Leaders Workshop with 40 participants who rotated through 8 “World Café” discussion tables and voted on the ideas that mattered most.
  • 5 virtual focus groups to drill deeper into governance opportunities, support needs and migration pain points.

What we heard

  • There is strong support for the goals of Smart Access, especially improving security and reducing risk through Zero Trust principles.
  • Many people are eager to participate in governance and develop university-wide standards for protecting classified data within a zero-trust framework, ensuring these standards can be easily and consistently implemented through our technical infrastructure.
  • Common challenges departments are facing include managing “bring your own device (BYOD)” and unmanaged devices, gaps in inventory and logging, and concerns about inconsistent support for research and specialized workflows.
  • Participants expressed fatigue from tool migrations and emphasized the need for clear timelines, strong training, and communication about what’s changing and why.
  • There’s a desire for flexibility in how Smart Access is implemented—especially in supporting distributed IT and enabling delegated administration.
  • Conditional access was seen as a powerful strategy but raised concerns about usability and unforeseen disruptions to legitimate work.
  • Academic leadership involvement, clear campus-wide messaging, and platform parity (Windows, Mac, Linux) were highlighted as critical success factors.

What’s next?

We’ll consider insights from these sessions when deciding if Microsoft will be our primary platform for Smart Access. Suggestions and recommendations will also shape the program over the next several years and be included in program plans and roadmaps. We look forward to continued engagement with the university community to guide the Smart Access program and service design. There will be more opportunities to engage in the future, so sign up for our email list to stay informed and join the conversation around Smart Access and the future of Cybersecurity. Learn more about the Smart Access Program by visiting the Smart Access web page.