Case Study: Cherokee County School District
Industry: Pre-K-12
Solutions: Products owned: RapidIdentity Cloud Lifecycle Management, Authentication, Workflow
Piloting: PhishID, SafeID, and ShieldID
"Identity Automation cares about the student and teacher experience,” said Karla Tipton, Director of Technology Support Services. “You have people at IA who have worked for a school district, and they take what we ask for seriously.”
“With our existing Microsoft tools, RapidIdentity enhances the functionality to meet the unique needs and challenges in a K-12 environment. For example, QR codes and Pictograph login options.” — Matt Roper, Supervisor of Network and Security Services
Cherokee County School District is a public school system in the Atlanta area serving 42,000 PK-12 students and 6,000 employees with 40 schools and centers. The district needed a robust identity access management (IAM) system that could meet the needs of its diverse population.
CHALLENGE
More than a decade ago, Cherokee County School District chose an identity access management (IAM) system included with their existing Microsoft license. They soon realized the system was not optimized for education organizations. Instead of a system made for enterprise businesses, they needed a solution to support the unique needs of a large school district.
One challenge they faced was providing a simpler way for young and special needs students to authenticate. The previous system required students to type their full usernames and passwords to log in.
The district wanted simpler, passwordless authentication options, such as QR codes for students, and more secure options for staff, such as FIDO keys, OTP generation, and push notifications, to minimize the time teachers and students spend remembering, entering, forgetting, and resetting passwords.
With recent cybersecurity incidents that target K-12 environments, Cherokee County School District needed a partner who would take into account the specific needs and challenges of school systems. “I like that Identity Automation cares about the student and teacher experience,” said Karla Tipton, Director of Technology Support Services.
SOLUTION
Identity Automation provided the district with a smooth implementation process. The district’s previous system required significant resources from their team. “We didn’t want to rely on an on-prem solution due to cost and the man-hours we spent maintaining the system — it became too complicated for our internal staff to handle,” said Matt Roper, Supervisor of Network and Security Services.
The RapidIdentity Cloud system automatically makes updates and notifies users about new features when they log in. “It’s very appealing … when you get new features, and you’re a RapidIdentity cloud customer, it just happens,” Roper said. “You don’t really think about it.” This eliminates the need for manual server updates during non-critical hours.
Phase one of the RapidIdentity implementation featured the following solutions:
-
RapidIdentity Lifecycle Management to automate and streamline identity lifecycle management for all users, including students, teachers, staff, and vendors.
-
RapidIdentity Authentication for frictionless one-click access to all instructional and non-instructional resources through a single sign-on (SSO) Portal protected by an extra security level using multi-factor authentication (MFA).
As the chief security officer for Cherokee County Schools, Mr. Roper needed a partner who could deliver enterprise-class cybersecurity tools that did not impact the teaching and learning experience. “From a security perspective, I think that it’s very difficult to find a security solution that’s easy or convenient for our users,” Roper said.
As part of the ongoing IAM journey, the district is implementing RapidIdentity Workflow to enable staff to request privileged admin access (i.e. Domain, VPN and Azure) and to have access granted using pre-defined policies through an auditable approval process. In addition, the district is piloting other RapidIdentity security solutions, including SafeID for continuous monitoring of compromised credentials, ShieldID for advanced firewall and geofencing protection against brute force and account takeover attacks, and PhishID, a browser-based anti-phishing tool that prevents users from clicking on suspicious or known phishing links.
RESULTS
The RapidIdentity implementation has allowed the district to achieve strategic alignment of security initiatives that not only address technological requirements but end user experience.
-
Data cleanup: The system's backend presents data in a manageable way. Switching to RapidIdentity Cloud helped the district clean up its groups, vendor accounts, and entire active directory, which it had for more than 20 years. “The significance of data cleanup and streamlining workflows cannot be understated, as these measures are instrumental in enhancing system implementation,” Tipton said.
-
Easy user experience: Enabling the use of passwordless authentication methods and persona-based SSO Portals for students and staff has improved their online experience and productivity. “The incorporation of QR codes and targeted portal pages has notably enhanced the experience for both students and staff. These features have simplified access, particularly for younger and special education students who found it challenging to type in their credentials,” Tipton said. Not only are students impacted, but teachers and staff are enjoying the technology upgrade. “Even bus drivers have noted the ease with which they can now clock in, demonstrating the widespread benefits of the system across different roles within the organization,” Tipton added.
-
Less wasted time: Resetting a student’s password used to happen more often and required more time. With their previous system, students needed full usernames and passwords. By enabling delegated and self-service password reset, RapidIdentity has dramatically improved instructional time-on-task. “It is so easy to reset a student's password and print out a new QR code. They have enjoyed the customized portal and QR code experience,” Tipton said of teachers.
-
Enhanced security: The introduction of security features such as an SSO Portal protected by passwordless authentication methods, privileged access management through Workflow, and the implementation of other security solutions such as PhishID, SafeID, and ShieldID ensures the Cherokee County Schools District is better equipped to safeguard its sensitive information and systems against growing cybersecurity threats.
-
Responsiveness and Education Focus: Unlike the customer experience at larger companies, the team at Identity Automation offers a personalized partnership with second-to-none customer service. They respond quickly to any emergencies or other requests that arise. Plus, the team possesses a deep understanding of the specific needs of educational facilities.
Through the entire process, Roper said the district continues to be impressed with RapidIdentity’s engineering quality. “Any unique challenges the district faced were accommodated by the professional services team at Identity Automation. Regardless of the engineer working on your implementation, the insight and quality of support exceeded expectations.”
The district is excited for the continued partnership and use of RapidIdentity’s IAM system and security solutions. “The magic is in the people at Identity Automation because they deliver expertise and solutions that address the needs of our students, teachers, and staff,” said Matt Roper, Supervisor of Network and Security Services.
Request a Demo