Navigating Access And Identity Management For K-12--- Questions To Ask
School is starting and with it, comes a heightened awareness of security and privacy from parents and the community. What does this mean for a district’s technology department focused on preparing schools for the transition to digital learning? Below are 10 questions about access and identity management to consider when planning for a digital learning environment.
- Are passwords unique and difficult to guess?
- Have staff and students received training to address their roles in security and privacy?
- Is there a process for adding deleting and updating users?
- Are personnel/student files matched with user accounts so when a staff member or student leavers their access is also closed quickly and efficiently?
- Are files backed up off-site and is the off-site secure?
- Is there a process for inappropriate or unusual activity to be reported by users, investigated and action taken?
- Are incidents monitored online and tracked until there is a resolution?
- Are workstations/devices disconnected from the network after inactivity?
- Have insecure protocols been disabled (for example ftp, UDP) ?
- Are logs created and stored off-line to assist with tracking and are these logs secure?
Is your staff ready for Single-Sign-On?
One of the most immediate benefits of access and identity management to users is single-sign-on (SSO). One of the safest way to make Single-Sign-On possible is through federated identity management. Federated meanings that both parties involved have clearly laid out the relationship between systems and identified what identifying information is safe to pass between systems and what should be secured. For school districts that are used to a district focus the concept of working with trusted companies and community anchors to develop a federation is new and can be a bit uncomfortable at first.
Companies and school that are developing federated identity management, do so because they want to be able to allow users the ability to move from application to application seamlessly. Using federation enables the organization to keep student data secured when passing information onto trusted sources such as; reporting to the state, or to a college, or to a third party vendor doing high stakes testing. Password Security, Data Privacy, Student Identity, Authentication are just a few areas to consider in the complex world of Access and Identity Management, but can be effective and efficient for schools that are making the transition to a digital environment.