Identify and access management (IAM) is one of the key security controls needed in every organization. Implementing IAM in school systems needs to address several issues that can be especially challenging in the education environment:

Highly distributed systems

While there usually are centrally controlled technology resources, individual schools may have different facilities as part of their computer labs and administration and student resources.

Multiple identity systems

Schools commonly have different applications for managing employees and students. Without a single Active Directory service, IAM doesn’t have a single source for verifying credentials.

Users with multiple roles

In businesses, while employees can change roles, commonly they have only one role at a time. In school systems, the same person can be a student, teacher, administrator, alumni, or parent. They can sometimes hold multiple roles at the same time. There’s also a lot of turnover every year, as students graduate and new students enroll.

Unsophisticated or malicious users

Many users of school systems are unsophisticated when it comes to technology; some users may not even know how to read yet. Some students may deliberately attempt to find ways to gain privileges in order to alter grades or simply test the limits and their abilities.

User-owned devices

Users connect to the school system using their personal computers, tablets, and phones. Managing permissions across devices is difficult, especially as different devices have different levels of security and present different risks.

Software as a Service

The school system may deliver some applications as Software as a Service (SaaS), meaning it’s provided and controlled by an outside vendor outside the school system’s network. It can be difficult to integrate identities on SaaS applications with identities managed internally.

Lack of resources to manage identities

With school systems perennially strapped for cash, it’s difficult to allocate enough personnel time to manage identities. Manual provisioning makes it easy to make mistakes or to take shortcuts, like cloning another user, that result in granting too many privileges. There may not be enough time to conduct a review of users to make sure access rights are updated or removed if the user’s role changes or they leave the school system.

In order to address these issues, school systems need to look for IAM solutions that can help them manage user identities across platforms and applications, however they’re delivered and wherever they’re accessed from. With the right tools and support from vendors, it’s possible to design a solution to centrally manage identities, automate identity management, and reduce the risks of granting too many privileges.

Prescient Solutions has been helping Chicago-area schools solve their information systems problems for nearly 20 years. Our support capabilities for the education industry include cybersecurity, networking, remote support, and other services. With IT support from Prescient Solutions, you can use your technology cost-effectively in support of your education mission. Contact us to learn how Prescient Solutions can help you overcome your identity management and other technology challenges.