Case Study: Virginia Community College System

Industry: Higher Education

Solution: RapidIdentity Cloud

Located throughout the state of Virginia, the Virginia Community College System (VCCS) encompasses 23 community colleges across 40 campuses. The expansive college system manages over 1.2 million identities with an annual enrollment rate of approximately 235,000 active users. VCCS has a complex user population, including 200,000 students (dual enrollment, credit-seeking, and non-credit seeking), and 35,000 staff and faculty members (including adjunct professors, contractors, and consultants as well).

"I knew from my past experience in K-12 that RapidIdentity was a great solution and can easily handle a multi-organizational network like ours." Nicole Stewart, Assistant Vice Chancellor of IT Services, VCCS

CHALLENGE

In 2005, VCCS implemented a custom, legacy identity and access management (IAM) solution. However, the restrictive nature of the system brought on multiple challenges, particularly regarding security, multi-factor authentication (MFA), and governance.

“Our main pain point was security, and second was development— it went hand in hand. We couldn’t keep up with our security enhancements required for an enterprise system,” said Emilio Acevedo, Information Technology Manager at VCCS, adding: “We also could not keep up with providing forward-thinking technologies to our users due to the custom nature of the system.”

Another major challenge was providing access to contractors and part-time employees that did not go through the human resources (HR) system. With the legacy system, onboarding contractors involved a system of “complicated, convoluted bandaids.’’ Contractors had to apply as students, and it would take an average of two weeks before they were granted access.

So, when VCCS needed to implement multi-factor authentication (MFA) across their system due to security reasons and state mandates, they knew it was time for an upgrade. While the college system could have upgraded their legacy system to meet the MFA requirement, VCCS decided it was in their best interest to move forward with a new vendor partner that could enhance the experience and provide more opportunity for governance and growth. In addition, they needed a solution that would provide seamless IAM across the college system, making it easy to share services while retaining control of individually owned systems.

Ready for a streamlined system that could help untangle their “security spaghetti”, VCCS was eager to start anew with a robust partner.

SOLUTION

With such a diverse population of users, VCCS searched for a solution that would allow them to efficiently manage permissions for everyone from full-time students and employees to contractors, adjunct professors, and non-credit seeking students. The solution needed to be capable of managing a single identity for each user, including users with multiple affiliations at various institutions.

However, finding a system that met their requirements and integrated with existing systems proved difficult. “I realized very quickly that other vendors said they could meet our requirements, but upon digging, actually could not,” recalls Nicole Stewart, Assistant Vice Chancellor of Information Technology Services at VCCS.

Luckily, Stewart was already familiar with RapidIdentity, the digital identity platform in education. “I knew from my past experience in K-12 that RapidIdentity was a great solution and can easily handle a multi-organizational network like ours,” said Stewart.

In addition to enhancing VCCS’s user experience and improving system governance, RapidIdentity could integrate with VCCS’s current student and operational systems, including Oracle Campus Solutions, G Suite, Office 365, Canvas, Financial Management System (FMS), and Human Capital System (HCM).

So, VCCS decided to implement the following from RapidIdentity Cloud’s suite of solutions, hosted on Amazon Web Services (AWS):

• Automated Lifecycle Management with Distributed IAM: Automates the full identity lifecycle of all users including students, faculty, staff, adjunct professors, contractors, and consultants system-wide.
• Comprehensive Identity Governance: Manages and enforces current policies with policy-driven configurations automatically to ensure they are consistent across the system.
• Authentication (MFA and Single Sign-On): Delivers seamless, one-click user access to applications while protecting all entry points with MFA methods including push authentication, alternate email address, Time-Based One-Time Password (TOTP), and U2F FIDO tokens.

RapidIdentity offered a unique Distributed IAM offering that would enable VCCS to truly unify digital identities across VCCS’s 23 colleges. By leveraging a common, central Identity Governance and Administration (IGA) service, RapidIdentity would enable each college to share certain services, while still providing flexibility to maintain their independently owned services.

RESULT

Nicole and her Access & Content Applications team, led by Emilio, partnered with Moran Technology Consulting to roll out RapidIdentity in phases. In phase one, completed in Spring 2021, VCCS and Moran compiled all users into an account management metadirectory. In the second phase, the team branded each college’s student portal to match each school’s unique look and feel. “Moran has been a great, supportive partner that has really helped us make the project as successful as possible,” says Stewart.

By teaming up with Moran, VCCS has already accomplished more in three months than the prior vendor could in a year. VCCS’s IAM approach is completely transformed thanks to RapidIdentity’s:

• Heightened Security. RapidIdentity Distributed IAM provides VCCS decreased threat vectors, enhanced security, and system-wide identity governance. VCCS also rolled out MFA system-wide with methods including push authentication, alternate email address, Time-Based One-Time Password (TOTP), and U2F FIDO tokens.
• Seamless Integration. RapidIdentity’s built-in flexibility enabled VCCS to quickly implement the new system across 23 separate institutions and a plethora of applications. The best part is that institutions can even use a separate learning management system (LMS). As an example, Canvas can be turned on at Northern Virginia Community College and Blackboard at Tidewater Community College. • Automation at Scale. RapidIdentity automates the full user life cycle at scale—not only VCCS’s students and staff, but also ven- dors, contractors, and external partners, reducing administrative burden.
• Enhanced User Experience. VCCS now has 235 distinct connections system-wide for students and educators to access via single sign-on (SSO). In addition, the Distributed IAM offering limits duplicate accounts as students register at one or more colleges for certain courses.
• Affordability. Not only does RapidIdentity enable VCCS to free resources, it also sits at a reasonable price point. “In higher edu- cation, we don’t have the kind of money that enterprises can afford on identity management. RapidIdentity is priced well for an education organization to procure,” said Stewart.

VCCS is pleased that RapidIdentity’s flexibility makes it easy to work with their existing processes, and adapt as their processes evolve. “While most solutions are cut-and-dry in terms of features, RapidIdentity can be tailored to meet our needs— all without hiring extra programmers,” said Acevedo. “That’s my favorite part.”

"While most solutions are cut-and-dry in “ terms of features, RapidIdentity can be tailored to our needs— all without hiring extra programmers." Emilio Acevedo, IT Manager, VCCS